URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Submission: On September 27 via manual from BR

Summary

This website contacted 24 IPs in 7 countries across 17 domains to perform 61 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks - StackScale, ES. The main domain is pichinchaonline6.webcindario.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 16th 2018. Valid for: 3 months.
This is the only time pichinchaonline6.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5.57.226.202 29119 (SERVIHOST...)
9 200.0.63.48 198949 (VS-AS)
3 18.220.59.148 16509 (AMAZON-02)
14 195.181.167.140 60068 (CDN77)
2 2400:cb00:204... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.10 20446 (HIGHWINDS3)
1 146.20.133.39 27357 (RACKSPACE)
1 195.181.174.88 60068 (CDN77)
1 146.20.128.125 27357 (RACKSPACE)
1 2600:9000:200... 16509 (AMAZON-02)
2 185.28.139.8 197541 (VIDEOPLAZ...)
2 4 172.227.124.249 20940 (AKAMAI-ASN1)
1 185.94.180.125 35220 (SPOTX-AMS)
1 18.185.28.221 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
2 216.58.210.6 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.94.180.124 35220 (SPOTX-AMS)
3 2a00:1450:400... 15169 (GOOGLE)
1 185.28.139.9 197541 (VIDEOPLAZ...)
61 24
Domain Requested by
15 static.addevweb.com pichinchaonline6.webcindario.com
static.addevweb.com
9 www.pichincha.com pichinchaonline6.webcindario.com
6 imasdk.googleapis.com static.addevweb.com
imasdk.googleapis.com
4 sb.scorecardresearch.com 2 redirects
3 pagead2.googlesyndication.com
3 ads.vidoomy.com pichinchaonline6.webcindario.com
2 mx-sunmedia.videoplaza.tv static.addevweb.com
2 adservice.google.com imasdk.googleapis.com
2 s0.2mdn.net imasdk.googleapis.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 www.googletagmanager.com pichinchaonline6.webcindario.com
static.addevweb.com
2 hosting.miarroba.info pichinchaonline6.webcindario.com
1 search.spotxchange.com static.addevweb.com
1 fonts.googleapis.com
1 d.agkn.com js.agkn.com
1 sync.search.spotxchange.com
1 es-sunicontent.videoplaza.tv static.addevweb.com
1 js.agkn.com static.addevweb.com
1 t.lkqd.net ad.lkqd.net
1 v.lkqd.net ad.lkqd.net
1 ad.lkqd.net ads.vidoomy.com
1 stats.g.doubleclick.net pichinchaonline6.webcindario.com
1 pichinchaonline6.webcindario.com
61 23

This site contains no links.

Subject Issuer Validity Valid
webcindario.com
Let's Encrypt Authority X3
2018-08-16 -
2018-11-14
3 months crt.sh
www.pichincha.com
DigiCert SHA2 Extended Validation Server CA
2017-12-08 -
2018-12-09
a year crt.sh
ads.vidoomy.com
COMODO RSA Domain Validation Secure Server CA
2018-01-18 -
2019-01-18
a year crt.sh
*.addevweb.com
COMODO RSA Domain Validation Secure Server CA
2017-09-11 -
2019-09-11
2 years crt.sh
ssl391079.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2018-09-26 -
2019-04-04
6 months crt.sh
*.google-analytics.com
Google Internet Authority G3
2018-09-11 -
2018-12-04
3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2018-09-04 -
2018-11-27
3 months crt.sh
*.lkqd.net
Go Daddy Secure Certificate Authority - G2
2016-05-31 -
2019-07-12
3 years crt.sh
*.agkn.com
RapidSSL RSA CA 2018
2018-06-21 -
2020-09-16
2 years crt.sh
*.videoplaza.tv
DigiCert SHA2 Secure Server CA
2017-12-19 -
2019-02-22
a year crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA
2017-12-06 -
2018-12-26
a year crt.sh
sync.search.spotxchange.com
GeoTrust RSA CA 2018
2018-02-20 -
2019-05-25
a year crt.sh
*.googleapis.com
Google Internet Authority G3
2018-09-11 -
2018-12-04
3 months crt.sh
*.doubleclick.net
Google Internet Authority G3
2018-08-28 -
2018-11-20
3 months crt.sh
*.google.com
Google Internet Authority G3
2018-08-28 -
2018-11-20
3 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018
2018-02-27 -
2019-03-25
a year crt.sh

This page contains 10 frames:

Primary Page: https://pichinchaonline6.webcindario.com/ingresoToken.html
Frame ID: 853A520E9163AD9DCBA5C1EABD4766C8
Requests: 46 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js?pid=430&sid=642145
Frame ID: 45081C650F2DC548BF78182DDFFA4335
Requests: 2 HTTP requests in this frame

Frame: https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Frame ID: 2F3527264C00F89D9E34C851C9733778
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: DE5CBC96D76B0F21B4982A38796AFC40
Requests: 2 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=552095092&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fpichinchaonline6.webcindario.com%2FingresoToken.html%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: 6867C9ADF2743806D1574FB54DB7BE9E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.238.1_en.html
Frame ID: 51C06A61D56766DD907601ECDECC13C3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.237.5_en.html
Frame ID: 967BA44FD6AD3BE20770BCE83E348B81
Requests: 1 HTTP requests in this frame

Frame: https://static.addevweb.com/SMSupport/SMAdOps/vpaidads/SMPlugin/vpaid_wrapper_sunmedia.js?t=https%3A%2F%2Fmx-sunmedia.videoplaza.tv%2Fproxy%2Fdistributor%2Fv2%3Fs%3DESIT%2FDesktop%26tt%3Dp%26rt%3Dvast_2.0%26rnd%3D%7Brandom%7D%26pf%3Dfl_11%26dcid%3Dpc%26xpb%3D1
Frame ID: 4C600EE356D003B146E1B845B7577F31
Requests: 1 HTTP requests in this frame

Frame: https://static.addevweb.com/SMVast/SMVast_2.0.js
Frame ID: D7255017A1E69DB3AFE48A0A18A3C006
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.237.5_en.html
Frame ID: 98FDC9A0B0A92EDF169C9C19F64BEEE9
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i

Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • env /^google_tag_manager$/i

Page Statistics

61
Requests

98 %
HTTPS

35 %
IPv6

17
Domains

23
Subdomains

24
IPs

7
Countries

485 kB
Transfer

1420 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.google-analytics.com/r/collect?v=1&_v=j69&a=576161736&t=pageview&_s=1&dl=https%3A%2F%2Fpichinchaonline6.webcindario.com%2FingresoToken.html&ul=en-us&de=UTF-8&dt=Internexo%20Banco%20Pichincha&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABC~&jid=1467731244&gjid=341390265&cid=682838048.1538022985&tid=UA-597118-7&_gid=1751010854.1538022985&_r=1&gtm=G9hT2VG59&z=1209761408 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-7&cid=682838048.1538022985&jid=1467731244&_gid=1751010854.1538022985&gjid=341390265&_v=j69&z=1209761408
Request Chain 28
  • https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=398756543&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3523251 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=398756543&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3523251
Request Chain 29
  • https://sb.scorecardresearch.com/p?C1=1&C2=21892462&C3=&C4=&C5=09 HTTP 302
  • https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ingresoToken.html
pichinchaonline6.webcindario.com/
13 KB
4 KB
Document
General
Full URL
https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
ee758bffbcb013a4226b4124a474a835463e8144cbeb68493ffee519a912d0a4

Request headers

:method
GET
:authority
pichinchaonline6.webcindario.com
:scheme
https
:path
/ingresoToken.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx
date
Thu, 27 Sep 2018 04:36:23 GMT
content-type
text/html
vary
Accept-Encoding
set-cookie
__muid=27f52d9557e0cfb7a936117d9008311581aae303; Domain=.webcindario.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:11 GMT; HttpOnly
x-powered-by
Webcindario Hosting Service
content-encoding
gzip
bpglobal.css
www.pichincha.com/styles/
16 KB
5 KB
Stylesheet
General
Full URL
https://www.pichincha.com/styles/bpglobal.css
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.0.63.48 Quito, Ecuador, ASN198949 (VS-AS, IL),
Reverse DNS
www.bancopichincha.fin.ec
Software
Apache /
Resource Hash
2ee2a6c379357b39781d14855c7c0176c1787a91f61cd30970e2abf8e4d4a740
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
3202
Connection
Keep-Alive
Content-Length
4329
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 11 Sep 2018 07:58:02 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Date
Thu, 27 Sep 2018 04:36:24 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Content-Security-Policy
frame-ancestors 'self';
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=92
Expires
Thu, 04 Oct 2018 03:43:02 GMT
internexo.js
www.pichincha.com/scripts/
5 KB
5 KB
Script
General
Full URL
https://www.pichincha.com/scripts/internexo.js
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.0.63.48 Quito, Ecuador, ASN198949 (VS-AS, IL),
Reverse DNS
www.bancopichincha.fin.ec
Software
Apache /
Resource Hash
d799e4071a02440a4087267ca74c6581569bc7fe3fcfa2281dfb4cf3b5d95a3c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 07 Oct 2015 16:32:00 GMT
Server
Apache
Age
2602
Date
Thu, 27 Sep 2018 04:36:24 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
4658
X-XSS-Protection
1; mode=block
ajax_util.js
www.pichincha.com/scripts/
2 KB
2 KB
Script
General
Full URL
https://www.pichincha.com/scripts/ajax_util.js
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.0.63.48 Quito, Ecuador, ASN198949 (VS-AS, IL),
Reverse DNS
www.bancopichincha.fin.ec
Software
Apache /
Resource Hash
2c450847391d6a6c3402cd6f37e0b120c92ee246511f94414856b009187cbb9d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 07 Oct 2015 16:32:00 GMT
Server
Apache
Age
2935
Date
Thu, 27 Sep 2018 04:36:24 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self';
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=97
Content-Length
1708
X-XSS-Protection
1; mode=block
banca_elec.png
www.pichincha.com/images/icons/
2 KB
2 KB
Image
General
Full URL
https://www.pichincha.com/images/icons/banca_elec.png
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.0.63.48 Quito, Ecuador, ASN198949 (VS-AS, IL),
Reverse DNS
www.bancopichincha.fin.ec
Software
Apache /
Resource Hash
c6f857289b6346595f6422017d18147295aa1e365d187969b1fc4f7c5b5a2617
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000
X-Content-Type-Options
nosniff
Age
2980
Connection
Keep-Alive
Content-Length
1961
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 31 May 2018 06:13:49 GMT
Server
Apache
Date
Thu, 27 Sep 2018 04:36:24 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=604800
Content-Security-Policy
frame-ancestors 'self';
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Thu, 04 Oct 2018 03:46:44 GMT
miarrobamobile.js
ads.vidoomy.com/
2 KB
2 KB
Script
General
Full URL
https://ads.vidoomy.com/miarrobamobile.js
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.220.59.148 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-220-59-148.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / PHP/7.1.7, ASP.NET
Resource Hash
8723cae31a124bb3aba17b012e29bfc6360ecba1b40661077000e8a97afa0e55

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 27 Sep 2018 04:36:08 GMT
server
Microsoft-IIS/10.0
x-powered-by
PHP/7.1.7, ASP.NET
content-length
2006
content-type
application/javascript
miarrodesktop.js
ads.vidoomy.com/
0
0
Script
General
Full URL
https://ads.vidoomy.com/miarrodesktop.js
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.220.59.148 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-220-59-148.us-east-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type
text/html
fd629041-9e6f-47d6-8dfb-cf82237caa89.js
static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/
132 KB
36 KB
Script
General
Full URL
https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.167.140 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-167-140.datapacket.com
Software
nginx /
Resource Hash
c11471a828f6253182afce9643d3064cb524ea6f72d5e41fc9502a992a24c41a

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:24 GMT
content-encoding
gzip
tp-cache
HIT
age
56577
status
200
x-device
desktop
content-length
36446
last-modified
Wed, 26 Sep 2018 12:53:08 GMT
server
nginx
etag
"f1a5e5ef-21152-576c5b43c8c40"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
cache-control
max-age=0, s-maxage=2592001
access-control-allow-credentials
true
accept-ranges
bytes
/
hosting.miarroba.info/
1 KB
1 KB
Script
General
Full URL
https://hosting.miarroba.info/?__muid=27f52d9557e0cfb7a936117d9008311581aae303&h=1836052&t=1538022983&k=3ba7573b2eb1fb65ff039f876e9de405
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6819:cf08 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9215c09ccbde4ac66369b3110e3b086ebf8236b972974249f3c2e900d29b97e2

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray
460b44e29b6896ac-FRA
pragma
no-cache
date
Thu, 27 Sep 2018 04:36:24 GMT
content-encoding
gzip
last-modified
Thu, 27 Sep 2018 04:36:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status
200
cache-control
no-cache
content-type
application/javascript; charset=iso-8859-1
expires
Mon, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/
66 KB
23 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
b50ec863f77326df68724d336d1e16f8f9a7f0b2e32121b4a0543682522aebce
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:24 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
23873
x-xss-protection
1; mode=block
expires
Thu, 27 Sep 2018 04:36:24 GMT
analytics.js
www.google-analytics.com/
39 KB
16 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Sep 2018 23:12:19 GMT
server
Golfe2
age
4101
date
Thu, 27 Sep 2018 03:28:03 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
16173
expires
Thu, 27 Sep 2018 05:28:03 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j69&a=576161736&t=pageview&_s=1&dl=https%3A%2F%2Fpichinchaonline6.webcindario.com%2FingresoToken.html&ul=en-us&de=UTF-8&dt=Internexo%20Banco%20Pich...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-7&cid=682838048.1538022985&jid=1467731244&_gid=1751010854.1538022985&gjid=341390265&_v=j69&z=1209761408
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-7&cid=682838048.1538022985&jid=1467731244&_gid=1751010854.1538022985&gjid=341390265&_v=j69&z=1209761408
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c00::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 27 Sep 2018 04:36:24 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Sep 2018 04:36:24 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-7&cid=682838048.1538022985&jid=1467731244&_gid=1751010854.1538022985&gjid=341390265&_v=j69&z=1209761408
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
bpform.css
www.pichincha.com/styles/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.pichincha.com/styles/bpform.css
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.0.63.48 Quito, Ecuador, ASN198949 (VS-AS, IL),
Reverse DNS
www.bancopichincha.fin.ec
Software
Apache /
Resource Hash
6b0f54accd945c6a7034f75908ebaad8c00d71e12f762388e207d61e6e0feb91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
3266
Connection
Keep-Alive
Content-Length
1441
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 31 May 2018 06:14:03 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Date
Thu, 27 Sep 2018 04:36:24 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Content-Security-Policy
frame-ancestors 'self';
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Thu, 04 Oct 2018 03:41:58 GMT
bpButtons.css
www.pichincha.com/styles/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.pichincha.com/styles/bpButtons.css
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.0.63.48 Quito, Ecuador, ASN198949 (VS-AS, IL),
Reverse DNS
www.bancopichincha.fin.ec
Software
Apache /
Resource Hash
b4e4284df82b1d00d1744f880369526804cff3d98ede14dfab7f00b27fc8a7f7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
3228
Connection
Keep-Alive
Content-Length
542
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 07 Oct 2015 16:32:00 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Date
Thu, 27 Sep 2018 04:36:24 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Content-Security-Policy
frame-ancestors 'self';
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Thu, 04 Oct 2018 03:42:36 GMT
bpTooltips.css
www.pichincha.com/styles/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.pichincha.com/styles/bpTooltips.css
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.0.63.48 Quito, Ecuador, ASN198949 (VS-AS, IL),
Reverse DNS
www.bancopichincha.fin.ec
Software
Apache /
Resource Hash
e26364f609d60e527048fff8bc46f61aa42566b7f1d0ebff6eecf89a9ebca997
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
3170
Connection
Keep-Alive
Content-Length
875
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 07 Oct 2015 16:32:00 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Date
Thu, 27 Sep 2018 04:36:24 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=604800
Content-Security-Policy
frame-ancestors 'self';
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Expires
Thu, 04 Oct 2018 03:43:34 GMT
help0000.gif
www.pichincha.com/images/icons/
500 B
1 KB
Image
General
Full URL
https://www.pichincha.com/images/icons/help0000.gif
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.0.63.48 Quito, Ecuador, ASN198949 (VS-AS, IL),
Reverse DNS
www.bancopichincha.fin.ec
Software
Apache /
Resource Hash
5ac42d7d04e897c0e8466374450473737d6364e6992292e0e44f3d3eef80d08c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pichincha.com/styles/bpform.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
500
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Wed, 11 Nov 2015 20:59:13 GMT
Server
Apache
Date
Thu, 27 Sep 2018 04:36:25 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=604800
Content-Security-Policy
frame-ancestors 'self';
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Expires
Thu, 04 Oct 2018 04:36:25 GMT
logoBanc.png
www.pichincha.com/images/bp/
2 KB
3 KB
Image
General
Full URL
https://www.pichincha.com/images/bp/logoBanc.png
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.0.63.48 Quito, Ecuador, ASN198949 (VS-AS, IL),
Reverse DNS
www.bancopichincha.fin.ec
Software
Apache /
Resource Hash
75952252f7614a01ff731ef84894583eb5012dad1b614c948322f7ddaa86b0fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pichincha.com/styles/bpglobal.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000
X-Content-Type-Options
nosniff
Age
3229
Connection
Keep-Alive
Content-Length
2497
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Thu, 31 May 2018 06:13:23 GMT
Server
Apache
Date
Thu, 27 Sep 2018 04:36:25 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=604800
Content-Security-Policy
frame-ancestors 'self';
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=98
Expires
Thu, 04 Oct 2018 03:42:36 GMT
formats.js
ad.lkqd.net/vpaid/ Frame 4508
158 KB
48 KB
Script
General
Full URL
https://ad.lkqd.net/vpaid/formats.js?pid=430&sid=642145
Requested by
Host: ads.vidoomy.com
URL: https://ads.vidoomy.com/miarrobamobile.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
12f2035670904e87f8e2313533931a75b09deffa73cd68bf6a6aca51bf47fa68

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 27 Sep 2018 04:36:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Sep 2018 16:45:34 GMT
X-HW
1538022985.dop018.fr8.t,1538022985.cds014.fr8.shn,1538022985.cds014.fr8.c
Content-Type
application/javascript
Cache-Control
max-age=300
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
48861
miarrodesktop.js
ads.vidoomy.com/
0
0
Script
General
Full URL
https://ads.vidoomy.com/miarrodesktop.js
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.220.59.148 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-220-59-148.us-east-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type
text/html
ad
v.lkqd.net/ Frame 4508
180 B
366 B
XHR
General
Full URL
https://v.lkqd.net/ad?pid=430&sid=642594&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fpichinchaonline6.webcindario.com%2FingresoToken.html&dnt=0&c1=&c2=&c3=&rnd=39880888&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js?pid=430&sid=642145
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.133.39 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://pichinchaonline6.webcindario.com

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
content-encoding
gzip
server
nginx
status
200
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://pichinchaonline6.webcindario.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
607f6b0b381bbc1f64fa027d62891072_cookie.php
hosting.miarroba.info/ Frame 2F35
0
0
Document
General
Full URL
https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Requested by
Host: pichinchaonline6.webcindario.com
URL: https://pichinchaonline6.webcindario.com/ingresoToken.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6819:cf08 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
POST
:authority
hosting.miarroba.info
:scheme
https
:path
/607f6b0b381bbc1f64fa027d62891072_cookie.php
content-length
162
pragma
no-cache
cache-control
no-cache
origin
https://pichinchaonline6.webcindario.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
accept-encoding
gzip, deflate
cookie
__cfduid=d64ea20591837bc1d1fb676077b31ea461538022984; __weslvu=1538022984; clientcountry=unknown
Origin
https://pichinchaonline6.webcindario.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html

Response headers

status
200
date
Thu, 27 Sep 2018 04:36:25 GMT
content-type
text/html; charset=iso-8859-1
vary
Accept-Encoding
set-cookie
__weslvu=1538022984; expires=Thu, 27-Sep-2018 05:36:24 GMT; Max-Age=3599; path=/; domain=hosting.miarroba.info
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
460b44e9081a96ac-FRA
content-encoding
gzip
eu_country.php
static.addevweb.com/SMVpaidCreatives/geotarget/
19 B
261 B
XHR
General
Full URL
https://static.addevweb.com/SMVpaidCreatives/geotarget/eu_country.php
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.174.88 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-174-88.datapacket.com
Software
nginx /
Resource Hash
2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
Origin
https://pichinchaonline6.webcindario.com

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
tp-cache
HIT
server
nginx
age
596981
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
status
200
cache-control
max-age=0, s-maxage=2592000
x-device
desktop
accept-ranges
bytes
access-control-allow-origin
*
content-length
19
t
t.lkqd.net/ Frame DE5C
0
301 B
XHR
General
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js?pid=430&sid=642145
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.125 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://pichinchaonline6.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
server
nginx
access-control-allow-origin
https://pichinchaonline6.webcindario.com
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, POST
content-type
text/plain; charset=UTF-8
status
200
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=300
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
tag.js
js.agkn.com/prod/v0/
3 KB
3 KB
Script
General
Full URL
https://js.agkn.com/prod/v0/tag.js
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:e000:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33e5e19bca3a0cd6eb3c73b7160afe3a752ddefc95b05e82f74fce1f727e14cd

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 28 Jun 2018 23:55:39 GMT
via
1.1 0437902e99783229e3317bb4dfe27240.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jun 2018 23:51:37 GMT
server
AmazonS3
age
16822
etag
"0a19c06e5266e3e9e572f723610708ba"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
3111
x-amz-cf-id
eSc9CYz4ripn3FSu16nss9KX5bkPhjulk58AX3-3DIWzTVLlRBnKVw==
gtm.js
www.googletagmanager.com/
65 KB
23 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NH3RQL3&l=spotxDataLayer
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
38feffef11c5cb6f685726b45bf177a290d53975ec3423408448f0f83cb450e6
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
23798
x-xss-protection
1; mode=block
expires
Thu, 27 Sep 2018 04:36:25 GMT
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
SMPlayer_d.css
static.addevweb.com/SMSdk/css/SMVast/
4 KB
1 KB
Stylesheet
General
Full URL
https://static.addevweb.com/SMSdk/css/SMVast/SMPlayer_d.css
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.167.140 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-167-140.datapacket.com
Software
nginx /
Resource Hash
faea86767665f43e53c216419a8778e0a8586ee95e69981da71cbaa2d34e9181

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
content-encoding
gzip
tp-cache
HIT
last-modified
Mon, 24 Sep 2018 11:17:07 GMT
server
nginx
age
234954
etag
"f1a98de5-1117-5769c21353a59"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=0, s-maxage=2592000
content-length
957
accept-ranges
bytes
x-device
desktop
v2
es-sunicontent.videoplaza.tv/proxy/distributor/
46 KB
4 KB
XHR
General
Full URL
https://es-sunicontent.videoplaza.tv/proxy/distributor/v2?s=MobusiIH%2FMiArrobaDesktop&tt=p&rt=vast_2.0&rnd=135713002&pf=fl_11&dcid=pc&xpb=1&cp.gdpr=1&cp.consent=1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.28.139.8 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
stc-185-28-139.videoplaza.net
Software
/
Resource Hash
3708e6df76853d6053b0b88baecdeeae8ff83e57ea48840cba61c6616d37e841

Request headers

Accept
*/*
Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
Origin
https://pichinchaonline6.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 27 Sep 2018 04:36:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/xml;charset=utf-8
Access-Control-Allow-Origin
https://pichinchaonline6.webcindario.com
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=398756543&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=398756543&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_c...
43 B
309 B
Image
General
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=398756543&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3523251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.124.249 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-124-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Sep 2018 04:36:25 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=398756543&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3523251
Pragma
no-cache
Date
Thu, 27 Sep 2018 04:36:25 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?C1=1&C2=21892462&C3=&C4=&C5=09
  • https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09
43 B
309 B
Image
General
Full URL
https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.124.249 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-124-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Sep 2018 04:36:25 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09
Pragma
no-cache
Date
Thu, 27 Sep 2018 04:36:25 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
/
static.addevweb.com/SMVast/track/
42 B
266 B
Image
General
Full URL
https://static.addevweb.com/SMVast/track/?ap=smptf&it=fd629041-9e6f-47d6-8dfb-cf82237caa89&tp=op&pb=1&pos=no-pos&loop=0
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.167.140 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-167-140.datapacket.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
tp-cache
HIT
last-modified
Mon, 18 Jun 2018 11:56:06 GMT
server
nginx
age
590137
etag
"f1ae96da-2a-56ee9402fb653"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=0, s-maxage=31536000
content-length
42
accept-ranges
bytes
x-device
desktop
/
static.addevweb.com/SMVast/track/
42 B
266 B
Image
General
Full URL
https://static.addevweb.com/SMVast/track/?ap=smptf&it=fd629041-9e6f-47d6-8dfb-cf82237caa89&tp=req&pb=1&pos=no-pos&loop=0
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.167.140 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-167-140.datapacket.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
tp-cache
HIT
last-modified
Mon, 18 Jun 2018 11:56:06 GMT
server
nginx
age
590137
etag
"f1ae96da-2a-56ee9402fb653"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=0, s-maxage=31536000
content-length
42
accept-ranges
bytes
x-device
desktop
/
static.addevweb.com/SMVast/track/
42 B
266 B
Image
General
Full URL
https://static.addevweb.com/SMVast/track/?ap=smptf&it=fd629041-9e6f-47d6-8dfb-cf82237caa89&tp=ef&pb=1&pos=no-pos&loop=0
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.167.140 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-167-140.datapacket.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
tp-cache
HIT
last-modified
Mon, 18 Jun 2018 11:56:06 GMT
server
nginx
age
590137
etag
"f1ae96da-2a-56ee9402fb653"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=0, s-maxage=31536000
content-length
42
accept-ranges
bytes
x-device
desktop
partner
sync.search.spotxchange.com/
43 B
442 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?source=unknown&sync_limit=7
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 27 Sep 2018 04:36:25 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Cookie set /
d.agkn.com/iframe/8613/ Frame 6867
0
0
Document
General
Full URL
https://d.agkn.com/iframe/8613/?che=552095092&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fpichinchaonline6.webcindario.com%2FingresoToken.html%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by
Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.28.221 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-185-28-221.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Host
d.agkn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html

Response headers

Cache-Control
no-cache, must-revalidate
Content-Type
text/html;charset=UTF-8
Date
Thu, 27 Sep 2018 04:36:24 GMT
Expires
Sat, 01 Jan 2000 00:00:00 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Server
Apache-Coyote/1.1
Set-Cookie
ab=0001%3AK%2FUzI6XALpY%2B9UC4IDhYfbnV5nbpwwDP;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAjPxrJIz8ayQAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
Content-Length
503
Connection
keep-alive
t
t.lkqd.net/ Frame DE5C
0
0

css
fonts.googleapis.com/
767 B
477 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
06d10ddd446ea86ebea46a23a233c9a5fd8df1ce12dfde397d6edbf273f3b852
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Thu, 27 Sep 2018 04:36:25 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 27 Sep 2018 04:36:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Thu, 27 Sep 2018 04:36:25 GMT
play.png
static.addevweb.com/SMSdk/ico/
1 KB
2 KB
Image
General
Full URL
https://static.addevweb.com/SMSdk/ico/play.png
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.167.140 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-167-140.datapacket.com
Software
nginx /
Resource Hash
dd4473796fb0eda44798d1802b139e99b54cdf783a2df05f0be684481238c151

Request headers

Referer
https://static.addevweb.com/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
tp-cache
HIT
last-modified
Mon, 24 Sep 2018 11:17:07 GMT
server
nginx
age
234954
etag
"f1a1ce5e-5f5-5769c21381c7e"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=0, s-maxage=2592000
content-length
1525
accept-ranges
bytes
x-device
desktop
adlabel.png
static.addevweb.com/SMSdk/ico/
1 KB
2 KB
Image
General
Full URL
https://static.addevweb.com/SMSdk/ico/adlabel.png
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.167.140 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-167-140.datapacket.com
Software
nginx /
Resource Hash
4cf86b8273ac1a15c23684145f8035a0e3c9d67942f62cb44bb8b95bd7465877

Request headers

Referer
https://static.addevweb.com/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
tp-cache
HIT
last-modified
Mon, 24 Sep 2018 11:17:07 GMT
server
nginx
age
234954
etag
"f1a1ce5a-54f-5769c213691f7"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=0, s-maxage=2592000
content-length
1359
accept-ranges
bytes
x-device
desktop
skip.png
static.addevweb.com/SMSdk/ico/
3 KB
3 KB
Image
General
Full URL
https://static.addevweb.com/SMSdk/ico/skip.png
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.167.140 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-167-140.datapacket.com
Software
nginx /
Resource Hash
47fd77ed50c61b270cf73b6b71c5ae29d7b46023ea1e3d2f646858d839c927bb

Request headers

Referer
https://static.addevweb.com/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
tp-cache
HIT
last-modified
Mon, 24 Sep 2018 11:17:07 GMT
server
nginx
age
234954
etag
"f1a1eb0a-ac9-5769c213833e8"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=0, s-maxage=2592000
content-length
2761
accept-ranges
bytes
x-device
desktop
fullscreen-on.png
static.addevweb.com/SMSdk/ico/
1 KB
2 KB
Image
General
Full URL
https://static.addevweb.com/SMSdk/ico/fullscreen-on.png
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.167.140 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-167-140.datapacket.com
Software
nginx /
Resource Hash
7a000f38eb0e9764341b690ff8c931c309a4392e7b35c157652864658ab406eb

Request headers

Referer
https://static.addevweb.com/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
tp-cache
HIT
last-modified
Mon, 24 Sep 2018 11:17:07 GMT
server
nginx
age
234954
etag
"f1a1ce5c-547-5769c21380128"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=0, s-maxage=2592000
content-length
1351
accept-ranges
bytes
x-device
desktop
sound-on.png
static.addevweb.com/SMSdk/ico/
3 KB
3 KB
Image
General
Full URL
https://static.addevweb.com/SMSdk/ico/sound-on.png
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.167.140 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-167-140.datapacket.com
Software
nginx /
Resource Hash
bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Referer
https://static.addevweb.com/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
tp-cache
HIT
last-modified
Mon, 24 Sep 2018 11:17:07 GMT
server
nginx
age
234954
etag
"f1a1eb0c-b4e-5769c21384385"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=0, s-maxage=2592000
content-length
2894
accept-ranges
bytes
x-device
desktop
ima3.js
imasdk.googleapis.com/js/sdkloader/
230 KB
79 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
18fafdf0ca4e599359f51f4e5b1b9357efdf797810641ebb3210f771a9a17e2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
81070
x-xss-protection
1; mode=block
expires
Thu, 27 Sep 2018 04:36:25 GMT
bridge3.238.1_en.html
imasdk.googleapis.com/js/core/ Frame 51C0
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.238.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.238.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
169927
date
Wed, 26 Sep 2018 14:27:57 GMT
expires
Thu, 26 Sep 2019 14:27:57 GMT
last-modified
Wed, 26 Sep 2018 14:25:47 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
age
50908
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
client.js
s0.2mdn.net/instream/video/
26 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.58.210.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f6.1e100.net
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10523
x-xss-protection
1; mode=block
expires
Thu, 27 Sep 2018 04:36:25 GMT
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pichinchaonline6.webcindario.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Sep 2018 04:36:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
207956
search.spotxchange.com/vast/2.0/
67 B
1 KB
XHR
General
Full URL
https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https://pichinchaonline6.webcindario.com/ingresoToken.html&cb=1377877011&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept
*/*
Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
Origin
https://pichinchaonline6.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 27 Sep 2018 04:36:26 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000340
X-SpotX-Timing-SpotMarket
0.052061
X-SpotX-Timing-Page-Mux
0.000165
P3P
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
X-SpotX-Timing-Page-Require
0.000497
X-fe
031
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.001206
Content-Length
77
X-SpotX-Timing-Page
0.054744
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000249
Last-Modified
Thu, 27 Sep 2018 04:36:26 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.034249
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://pichinchaonline6.webcindario.com
X-SpotX-Timing-Page-Misc
0.000200
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.017812
X-SpotX-Timing-Page-URI
0.000025
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?error=1012&vis=1&lid=7&sdkv=h.3.238.1&id=ima_html5&c=3552743310508939&domain=pichinchaonline6.webcindario.com
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Sep 2018 04:36:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
231 KB
79 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2f5b5de8c33cc74675acf9e45b51e378f2cf11c958bbb644437f2d70fed930a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
81090
x-xss-protection
1; mode=block
expires
Thu, 27 Sep 2018 04:36:26 GMT
bridge3.237.5_en.html
imasdk.googleapis.com/js/core/ Frame 967B
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.237.5_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.237.5_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
169997
date
Tue, 25 Sep 2018 14:29:04 GMT
expires
Wed, 25 Sep 2019 14:29:04 GMT
last-modified
Tue, 25 Sep 2018 14:26:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
age
137242
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
esit_desktop.xml
static.addevweb.com/SMVpaidCreatives/vpaidwrapper/
844 B
1 KB
XHR
General
Full URL
https://static.addevweb.com/SMVpaidCreatives/vpaidwrapper/esit_desktop.xml
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.167.140 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-167-140.datapacket.com
Software
nginx /
Resource Hash
8f18132a234490642b0f981fa0794c35b8ca7a4ec9b8ef8b9b896c42735dc4b1

Request headers

Accept
*/*
Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
Origin
https://pichinchaonline6.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:26 GMT
tp-cache
HIT
age
590180
status
200
x-device
desktop
content-length
844
last-modified
Tue, 07 Aug 2018 11:33:55 GMT
server
nginx
etag
"f1abb0be-34c-572d6c4e485b7"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/xml
access-control-allow-origin
https://pichinchaonline6.webcindario.com
cache-control
max-age=0, s-maxage=2592000
access-control-allow-credentials
true
accept-ranges
bytes
gen_204
pagead2.googlesyndication.com/pagead/
0
58 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?error=1012&vis=1&lid=7&sdkv=h.3.237.5&id=ima_html5&c=955591001860819&domain=pichinchaonline6.webcindario.com
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Sep 2018 04:36:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
vpaid_wrapper_sunmedia.js
static.addevweb.com/SMSupport/SMAdOps/vpaidads/SMPlugin/ Frame 4C60
10 KB
3 KB
Script
General
Full URL
https://static.addevweb.com/SMSupport/SMAdOps/vpaidads/SMPlugin/vpaid_wrapper_sunmedia.js?t=https%3A%2F%2Fmx-sunmedia.videoplaza.tv%2Fproxy%2Fdistributor%2Fv2%3Fs%3DESIT%2FDesktop%26tt%3Dp%26rt%3Dvast_2.0%26rnd%3D%7Brandom%7D%26pf%3Dfl_11%26dcid%3Dpc%26xpb%3D1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/integrations/fd629041-9e6f-47d6-8dfb-cf82237caa89/fd629041-9e6f-47d6-8dfb-cf82237caa89.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.167.140 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-167-140.datapacket.com
Software
nginx /
Resource Hash
562454b1a3ee9f472415e324f2693985c24cbd391a685bd6538b7dbd6cd56988

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:26 GMT
content-encoding
gzip
tp-cache
HIT
last-modified
Wed, 29 Aug 2018 11:25:02 GMT
server
nginx
age
590180
etag
"f1a24ab5-2926-5749135a05d86"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, s-maxage=2592000
content-length
3171
accept-ranges
bytes
x-device
desktop
SMVast_2.0.js
static.addevweb.com/SMVast/ Frame D725
75 KB
17 KB
Script
General
Full URL
https://static.addevweb.com/SMVast/SMVast_2.0.js
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/SMSupport/SMAdOps/vpaidads/SMPlugin/vpaid_wrapper_sunmedia.js?t=https%3A%2F%2Fmx-sunmedia.videoplaza.tv%2Fproxy%2Fdistributor%2Fv2%3Fs%3DESIT%2FDesktop%26tt%3Dp%26rt%3Dvast_2.0%26rnd%3D%7Brandom%7D%26pf%3Dfl_11%26dcid%3Dpc%26xpb%3D1
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.167.140 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-167-140.datapacket.com
Software
nginx /
Resource Hash
d160001390e5654cc441b2d4ef51046e095c53fb4a625d51cfd57b6ddb7b86fd

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:27 GMT
content-encoding
gzip
tp-cache
HIT
last-modified
Wed, 05 Sep 2018 11:35:54 GMT
server
nginx
age
590192
etag
"f1a5c6ab-12de8-5751e2d67c42c"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=0, s-maxage=31536000
content-length
17064
accept-ranges
bytes
x-device
desktop
SMbridge.js
static.addevweb.com/SMSupport/SMAdOps/vpaidads/SMPlugin/ Frame D725
3 KB
1 KB
Script
General
Full URL
https://static.addevweb.com/SMSupport/SMAdOps/vpaidads/SMPlugin/SMbridge.js
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/SMSupport/SMAdOps/vpaidads/SMPlugin/vpaid_wrapper_sunmedia.js?t=https%3A%2F%2Fmx-sunmedia.videoplaza.tv%2Fproxy%2Fdistributor%2Fv2%3Fs%3DESIT%2FDesktop%26tt%3Dp%26rt%3Dvast_2.0%26rnd%3D%7Brandom%7D%26pf%3Dfl_11%26dcid%3Dpc%26xpb%3D1
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.181.167.140 , United Kingdom, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-167-140.datapacket.com
Software
nginx /
Resource Hash
6d6a2a470949610ba6ca92ea2d187cb9ee751e9dac386b274e8c393cdad74ba8

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:27 GMT
content-encoding
gzip
tp-cache
HIT
last-modified
Wed, 29 Aug 2018 11:25:02 GMT
server
nginx
age
590180
etag
"f1a24ab3-bd5-5749135a02ea2"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, s-maxage=2592000
content-length
1083
accept-ranges
bytes
x-device
desktop
v2
mx-sunmedia.videoplaza.tv/proxy/distributor/ Frame D725
7 KB
2 KB
XHR
General
Full URL
https://mx-sunmedia.videoplaza.tv/proxy/distributor/v2?s=ESIT/Desktop&tt=p&rt=vast_2.0&rnd={random}&pf=fl_11&dcid=pc&xpb=1&cp.gdpr=1&cp.consent=1
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/SMVast/SMVast_2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.28.139.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
stc-185-28-139.videoplaza.net
Software
/
Resource Hash
d31fb0eff9ec3564e198d7e52fb6687b8e4693af49eca3e2b8df3ee850127c7f

Request headers

Accept
*/*
Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
Origin
https://pichinchaonline6.webcindario.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 27 Sep 2018 04:36:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/xml;charset=utf-8
Access-Control-Allow-Origin
https://pichinchaonline6.webcindario.com
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D725
231 KB
79 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: static.addevweb.com
URL: https://static.addevweb.com/SMVast/SMVast_2.0.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
2f5b5de8c33cc74675acf9e45b51e378f2cf11c958bbb644437f2d70fed930a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
81090
x-xss-protection
1; mode=block
expires
Thu, 27 Sep 2018 04:36:27 GMT
bridge3.237.5_en.html
imasdk.googleapis.com/js/core/ Frame 98FD
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.237.5_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.237.5_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
169997
date
Tue, 25 Sep 2018 14:29:04 GMT
expires
Wed, 25 Sep 2019 14:29:04 GMT
last-modified
Tue, 25 Sep 2018 14:26:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
age
137243
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
client.js
s0.2mdn.net/instream/video/ Frame D725
26 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.58.210.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s07-in-f6.1e100.net
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 04:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10523
x-xss-protection
1; mode=block
expires
Thu, 27 Sep 2018 04:36:27 GMT
integrator.js
adservice.google.com/adsid/ Frame D725
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pichinchaonline6.webcindario.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Sep 2018 04:36:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
truncated
/ Frame D725
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif
v2
mx-sunmedia.videoplaza.tv/proxy/tracker/ Frame D725
0
254 B
Image
General
Full URL
https://mx-sunmedia.videoplaza.tv/proxy/tracker/v2?aid=0&cf=short_form&dcid=3a727fe9-8872-49b7-8e68-0a262f7b4f75&e=0&loc=CJQCEMRRGOzLAiCl7BAtUmdEQjWLbCtBOgxndW56ZW5oYXVzZW5CAyMjIw&pf=fl_11&pid=e5ea7ab2-c20e-11e8-98ca-0cc47a5353e4&s=ESIT%2FDesktop&tid=e5ea7ab1-c20e-11e8-98ca-0cc47a5353e4&tt=p&ua=%5Bua%5D&uc=%5Buc%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.28.139.8 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
stc-185-28-139.videoplaza.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 27 Sep 2018 04:36:28 GMT
Connection
close
Vary
Accept-Encoding
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D725
0
49 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?error=1012&vis=1&lid=7&sdkv=h.3.237.5&id=ima_html5&c=2898107998759224&domain
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pichinchaonline6.webcindario.com/ingresoToken.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Sep 2018 04:36:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.lkqd.net
URL
https://t.lkqd.net/t

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| DocumentTimer function| clearAfter function| clearDocument function| click function| mykeyhandler object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| mia_ga object| google_tag_data object| gaplugins object| sa object| gaGlobal object| gaData function| validaNumero function| validaTarjeta function| isDouble function| isNumber function| validarEmail function| isDate function| showHelp function| hideHelp function| validarCaracter function| newXMLHttpRequest function| getReadyStateHandler function| enviar function| doOnLoad function| salirDespuesDe function| salirTodo function| getBrowserHeight function| getYOffset function| setWaitingLayerPosition function| showWaitingLayer function| hideWaitingLayer object| vpaidLoader string| uAgent number| SMGDPRKey object| device object| SMInHome function| setUpAgknTag object| spotxDataLayer object| SMCurrentPlayer function| agknTagBuilder object| _agknTag string| _agknTagName object| _agknEchoTag number| _isAgknTagSet object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| ima object| google object| closure_lm_271583 function| processGoogleToken object| googleToken object| googleIMState object| google_persistent_state_async number| google_global_correlator object| closure_lm_507861 object| closure_lm_294712 object| closure_lm_621133

8 Cookies

Domain/Path Name / Value
.hosting.miarroba.info/ Name: __weslvu
Value: 1538022984
hosting.miarroba.info/ Name: __weslvu
Value: 1538022984
.miarroba.info/ Name: __cfduid
Value: d64ea20591837bc1d1fb676077b31ea461538022984
.pichinchaonline6.webcindario.com/ Name: _gid
Value: GA1.3.1751010854.1538022985
.pichinchaonline6.webcindario.com/ Name: _gat_UA-597118-7
Value: 1
.pichinchaonline6.webcindario.com/ Name: _ga
Value: GA1.3.682838048.1538022985
.miarroba.info/ Name: clientcountry
Value: unknown
.webcindario.com/ Name: __muid
Value: 27f52d9557e0cfb7a936117d9008311581aae303

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.lkqd.net
ads.vidoomy.com
adservice.google.com
d.agkn.com
es-sunicontent.videoplaza.tv
fonts.googleapis.com
hosting.miarroba.info
imasdk.googleapis.com
js.agkn.com
mx-sunmedia.videoplaza.tv
pagead2.googlesyndication.com
pichinchaonline6.webcindario.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
static.addevweb.com
stats.g.doubleclick.net
sync.search.spotxchange.com
t.lkqd.net
v.lkqd.net
www.google-analytics.com
www.googletagmanager.com
www.pichincha.com
t.lkqd.net
146.20.128.125
146.20.133.39
172.227.124.249
18.185.28.221
18.220.59.148
185.28.139.8
185.28.139.9
185.94.180.124
185.94.180.125
195.181.167.140
195.181.174.88
200.0.63.48
205.185.216.10
216.58.210.6
2400:cb00:2048:1::6819:cf08
2600:9000:200c:e000:15:efbc:e300:93a1
2a00:1450:4001:815::2002
2a00:1450:4001:815::200e
2a00:1450:4001:816::2008
2a00:1450:4001:816::200a
2a00:1450:4001:81b::2002
2a00:1450:400c:c00::9c
5.57.226.202
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06d10ddd446ea86ebea46a23a233c9a5fd8df1ce12dfde397d6edbf273f3b852
12f2035670904e87f8e2313533931a75b09deffa73cd68bf6a6aca51bf47fa68
18fafdf0ca4e599359f51f4e5b1b9357efdf797810641ebb3210f771a9a17e2a
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2c450847391d6a6c3402cd6f37e0b120c92ee246511f94414856b009187cbb9d
2ee2a6c379357b39781d14855c7c0176c1787a91f61cd30970e2abf8e4d4a740
2f5b5de8c33cc74675acf9e45b51e378f2cf11c958bbb644437f2d70fed930a0
2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2
33e5e19bca3a0cd6eb3c73b7160afe3a752ddefc95b05e82f74fce1f727e14cd
3708e6df76853d6053b0b88baecdeeae8ff83e57ea48840cba61c6616d37e841
38feffef11c5cb6f685726b45bf177a290d53975ec3423408448f0f83cb450e6
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
47fd77ed50c61b270cf73b6b71c5ae29d7b46023ea1e3d2f646858d839c927bb
4cf86b8273ac1a15c23684145f8035a0e3c9d67942f62cb44bb8b95bd7465877
562454b1a3ee9f472415e324f2693985c24cbd391a685bd6538b7dbd6cd56988
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5ac42d7d04e897c0e8466374450473737d6364e6992292e0e44f3d3eef80d08c
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
6b0f54accd945c6a7034f75908ebaad8c00d71e12f762388e207d61e6e0feb91
6d6a2a470949610ba6ca92ea2d187cb9ee751e9dac386b274e8c393cdad74ba8
75952252f7614a01ff731ef84894583eb5012dad1b614c948322f7ddaa86b0fa
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a000f38eb0e9764341b690ff8c931c309a4392e7b35c157652864658ab406eb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8723cae31a124bb3aba17b012e29bfc6360ecba1b40661077000e8a97afa0e55
8f18132a234490642b0f981fa0794c35b8ca7a4ec9b8ef8b9b896c42735dc4b1
9215c09ccbde4ac66369b3110e3b086ebf8236b972974249f3c2e900d29b97e2
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e4284df82b1d00d1744f880369526804cff3d98ede14dfab7f00b27fc8a7f7
b50ec863f77326df68724d336d1e16f8f9a7f0b2e32121b4a0543682522aebce
bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412
c11471a828f6253182afce9643d3064cb524ea6f72d5e41fc9502a992a24c41a
c6f857289b6346595f6422017d18147295aa1e365d187969b1fc4f7c5b5a2617
d160001390e5654cc441b2d4ef51046e095c53fb4a625d51cfd57b6ddb7b86fd
d31fb0eff9ec3564e198d7e52fb6687b8e4693af49eca3e2b8df3ee850127c7f
d799e4071a02440a4087267ca74c6581569bc7fe3fcfa2281dfb4cf3b5d95a3c
dd4473796fb0eda44798d1802b139e99b54cdf783a2df05f0be684481238c151
e26364f609d60e527048fff8bc46f61aa42566b7f1d0ebff6eecf89a9ebca997
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
ee758bffbcb013a4226b4124a474a835463e8144cbeb68493ffee519a912d0a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
faea86767665f43e53c216419a8778e0a8586ee95e69981da71cbaa2d34e9181