u336351g0o.ha002.t.justns.ru Open in urlscan Pro
2a00:b700::6:b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.id/3rSUP
Effective URL:
http://u336351g0o.ha002.t.justns.ru/authx
Submission: On February 22 via api (February 22nd 2019, 1:31:39 pm UTC) from FR

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 8 countries across 24 domains to perform 36 HTTP transactions. The main IP is 2a00:b700::6:b, located in Russian Federation and belongs to ASBAXET, RU. The main domain is u336351g0o.ha002.t.justns.ru.

This is the only time u336351g0o.ha002.t.justns.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	203.119.112.228 203.119.112.228	56088 (PANDI-ID ...) (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia)
1	77.222.40.43 77.222.40.43	44112 (SWEB-AS) (SWEB-AS)
1 1	2606:4700:31:... 2606:4700:31::681f:ab2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:31:... 2606:4700:31::681f:bb2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:b700::6:b 2a00:b700::6:b	51659 (ASBAXET) (ASBAXET)
5	151.139.241.23 151.139.241.23	12989 (HWNG) (HWNG)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1	74.214.194.132 74.214.194.132	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	13.32.158.117 13.32.158.117	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.32.222.16 13.32.222.16	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	185.86.137.42 185.86.137.42	201081 (SMARTADSE...) (SMARTADSERVER)
1	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	147.135.143.44 147.135.143.44	16276 (OVH) (OVH)
1	3.120.49.191 3.120.49.191	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	5.179.192.20 5.179.192.20	34235 (ASPSERVEU...) (ASPSERVEUR-AS)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2600:9000:200... 2600:9000:200d:d400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:200... 2600:9000:200d:4400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
36	18

1 203.119.112.228 (Indonesia)

ASN56088 (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia, ID)
PTR: s.id.112.119.203.in-addr.arpa

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.222.40.43 (Russian Federation)

ASN44112 (SWEB-AS, RU)
PTR: vh265.sweb.ru

tatilexus2.temp.swtest.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:31::681f:ab2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:31::681f:bb2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:b700::6:b (Russian Federation)

ASN51659 (ASBAXET, RU)

u336351g0o.ha002.t.justns.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.241.23 (Dallas, United States)

ASN12989 (HWNG, NL)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (United Kingdom)

ASN16276 (OVH, FR)

g.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.132 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.158.117 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-117.fra56.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.222.16 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-16.fra56.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.42 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.16 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.135.143.44 (Waltham, United States)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.49.191 (Fairfield, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-120-49-191.eu-central-1.compute.amazonaws.com

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.179.192.20 (France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net

player.pepsia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200d:d400:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200d:4400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	themoneytizer.com ads.themoneytizer.com	114 KB
3	justns.ru u336351g0o.ha002.t.justns.ru	878 B
2	quantcount.com 1 redirects rules.quantcount.com	1 KB
2	leadplace.fr tag.leadplace.fr	3 KB
2	urlz.fr 1 redirects urlz.fr	2 KB
1	googleapis.com ajax.googleapis.com	30 KB
1	pepsia.com player.pepsia.com	37 KB
1	quantserve.com edge.quantserve.com	6 KB
1	criteo.com gum.criteo.com	305 B
1	sascdn.com ced-ns.sascdn.com	8 KB
1	smartadserver.com 1 redirects ww1097.smartadserver.com	481 B
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	25 KB
1	cpx.to p.cpx.to s.cpx.to Failed	2 KB
1	contextweb.com tag.contextweb.com	11 KB
1	tmyzer.com g.tmyzer.com	200 B
1	cloudflare.com ajax.cloudflare.com	4 KB
1	swtest.ru tatilexus2.temp.swtest.ru	337 B
1	s.id s.id analytics.s.id Failed	2 KB
0	adleadevent.com Failed adtrack.adleadevent.com Failed
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
0	stickyadstv.com Failed ads.stickyadstv.com Failed
0	360yield.com Failed ad.360yield.com Failed
0	noowho.com Failed www.noowho.com Failed
0	adnxs.com Failed ib.adnxs.com Failed
36	24

	Domain	Requested by
5	ads.themoneytizer.com	ajax.cloudflare.com ads.themoneytizer.com
3	u336351g0o.ha002.t.justns.ru	urlz.fr s.id
2	rules.quantcount.com	1 redirects
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	urlz.fr	1 redirects
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	player.pepsia.com	s.id player.pepsia.com
1	edge.quantserve.com	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	ced-ns.sascdn.com
1	ww1097.smartadserver.com	1 redirects
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	g.tmyzer.com	ads.themoneytizer.com
1	ajax.cloudflare.com	urlz.fr
1	tatilexus2.temp.swtest.ru	s.id
1	s.id
0	adtrack.adleadevent.com Failed	ajax.googleapis.com
0	s.cpx.to Failed	ads.themoneytizer.com
0	fastlane.rubiconproject.com Failed	ads.themoneytizer.com
0	ads.stickyadstv.com Failed	ads.themoneytizer.com
0	ad.360yield.com Failed	ads.themoneytizer.com
0	www.noowho.com Failed
0	ib.adnxs.com Failed	ads.themoneytizer.com
0	analytics.s.id Failed	s.id
36	26

This site contains no links.

Subject Issuer	Validity	Valid
*.s.id COMODO RSA Domain Validation Secure Server CA	`2018-12-03` - `2020-12-02`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://u336351g0o.ha002.t.justns.ru/authx
Frame ID: 9580C0CFF1B0F33F902D61DA71030BF8
Requests: 33 HTTP requests in this frame

Frame: http://u336351g0o.ha002.t.justns.ru/authx
Frame ID: 147E10A5F1143F5E7290F0F29FC474D9
Requests: 1 HTTP requests in this frame

Frame: http://u336351g0o.ha002.t.justns.ru/authx
Frame ID: A5F7DCA465470FB9F225EB8A14EE817F
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 4FF9B744D669B436FABC0D6B867F68DE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://s.id/3rSUP Page URL
http://tatilexus2.temp.swtest.ru/ Page URL
https://urlz.fr/8Ytf HTTP 301
http://urlz.fr/8Ytf Page URL
http://u336351g0o.ha002.t.justns.ru/authx Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

36
Requests

17 %
HTTPS

40 %
IPv6

24
Domains

26
Subdomains

18
IPs

8
Countries

247 kB
Transfer

596 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.id/3rSUP Page URL
http://tatilexus2.temp.swtest.ru/ Page URL
https://urlz.fr/8Ytf HTTP 301
http://urlz.fr/8Ytf Page URL
http://u336351g0o.ha002.t.justns.ru/authx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://urlz.fr/8Ytf HTTP 301
http://urlz.fr/8Ytf

Request Chain 14

http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
http://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 17

http://id5-sync.com/i/12/9.gif HTTP 302
http://id5-sync.com/c/12/0/9/1.gif HTTP 302
http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID HTTP 302
http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID

Request Chain 25

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set 3rSUP Show response
s.id/ 2 KB
2 KB 944ms
248ms Document
text/html 203.119.112.228
Pengelola Nama Do...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.id/3rSUP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.119.112.228 , Indonesia, ASN56088 (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia, ID),
Reverse DNS: s.id.112.119.203.in-addr.arpa
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7b65011be82baae4f460bcd9cf90f557e3c4101d8b75d83c96e57ff947fc025c

Request headers

Host: s.id
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 22 Feb 2019 13:31:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6InEyTmppc2xFZmc3T0JFSTFLU0U3RFE9PSIsInZhbHVlIjoiTmVYaVlYaHJZbXZCeW5ENkJsaXpjS3djR2pjQnErekg3SG9nc2Fxa3dJUUV0dTdBbU5DVUNiWWszdEVaXC9vZDV3ODE0RXk2cEg5SWhqbTc5OE9CXC9SUT09IiwibWFjIjoiNzhjMGJhYjUyYzAxZDE3N2QzYjVjYzgxMDc0MjA4NGEyYzMzYjg5NDMxMmI0MjVjMTU5Zjg5OTMzYTIwN2QyOSJ9; expires=Fri, 22-Feb-2019 15:31:23 GMT; Max-Age=7200; path=/ major_tom=eyJpdiI6IkI2U1N2V082Yzd3VFVjMzB4ZUJKUFE9PSIsInZhbHVlIjoiM0FGTkNTZ2I2TFJHY2xjY214TmZpQllTcnlwZ1wvVmIwOGRoV2llSFFKNGtCSGJmc01aRnFQZm5rTmVLQkg4aTlkeUhpRkJGT3dJRUVlTkNIbVwvUVk5UT09IiwibWFjIjoiMzYwZWI1YTZmMmUzNTdjNzljYzkyMjAzY2IyZTFjZWI4Zjk5N2I0YTFlODE4ZmZkMWYzZjI4ZTBiN2M5NmJkNCJ9; expires=Fri, 22-Feb-2019 15:31:23 GMT; Max-Age=7200; path=/; httponly
Content-Encoding: gzip

GET piwik.js
analytics.s.id/ 0
0

GET
H/1.1 200
OK /
tatilexus2.temp.swtest.ru/ 64 B
337 B 193ms
69ms Document
text/html 77.222.40.43
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tatilexus2.temp.swtest.ru/
Requested by: Host: s.id
URL: https://s.id/3rSUP
Protocol: HTTP/1.1
Server: 77.222.40.43 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh265.sweb.ru
Software: nginx/1.15.2 /
Resource Hash

Request headers

Host: tatilexus2.temp.swtest.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.15.2
Date: Fri, 22 Feb 2019 13:31:24 GMT
Content-Type: text/html
Content-Length: 64
Connection: keep-alive
Keep-Alive: timeout=10
Last-Modified: Thu, 21 Feb 2019 06:15:37 GMT
ETag: "176cb79-40-582616722f636"
Accept-Ranges: bytes

GET
H/1.1

200
OK

8Ytf Show response
urlz.fr/
Redirect Chain

https://urlz.fr/8Ytf
http://urlz.fr/8Ytf

3 KB
1 KB

42ms
36ms

Document
text/html

2606:4700:31::681f:bb2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://urlz.fr/8Ytf
Protocol: HTTP/1.1
Server: 2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3aa676d8a9c744bece25ad5e7c774d12c6a234711066219f7dd725397373ae4

Request headers

Host: urlz.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://tatilexus2.temp.swtest.ru/
Accept-Encoding: gzip, deflate
Cookie: __cfduid=d25a31dc02cc65a62c4ad9609d3da89c71550842284
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://tatilexus2.temp.swtest.ru/

Response headers

Date: Fri, 22 Feb 2019 13:31:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: cloudflare
CF-RAY: 4ad1d01579cfc2e7-FRA
Content-Encoding: gzip

Redirect headers

status: 301
date: Fri, 22 Feb 2019 13:31:24 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d25a31dc02cc65a62c4ad9609d3da89c71550842284; expires=Sat, 22-Feb-20 13:31:24 GMT; path=/; domain=.urlz.fr; HttpOnly
location: http://urlz.fr/8Ytf
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4ad1d014f8d89718-FRA

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/ 11 KB
4 KB 14ms
13ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: http://urlz.fr/8Ytf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3349f7ebfafd1cf105f9f4a41a1be792db6dfc5d754de2fbce192a2185486b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Feb 2019 13:31:24 GMT
content-encoding: gzip
last-modified: Mon, 18 Feb 2019 17:46:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c6aef90-2d8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4ad1d015ffb897c8-FRA
expires: Sun, 24 Feb 2019 13:31:24 GMT

GET
H/1.1 404
Not Found authx
u336351g0o.ha002.t.justns.ru/ Frame 147E 0
0 85ms
42ms Document
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u336351g0o.ha002.t.justns.ru/authx
Requested by: Host: urlz.fr
URL: http://urlz.fr/8Ytf
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Host: u336351g0o.ha002.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/8Ytf
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8Ytf

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 618
Date: Fri, 22 Feb 2019 13:31:24 GMT
Server: LiteSpeed
Vary: User-Agent
Connection: Keep-Alive

GET
H/1.1 200
OK requestform.js Show response
ads.themoneytizer.com/s/ 43 KB
9 KB 29ms
8ms Script
text/html 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: 2dab93e85c921c8a853f19c5bfa32757e9f235f066e4756a7c914e5cba6619f4

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 13:31:24 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sat, 23 Feb 2019 13:31:24 GMT

GET
H/1.1 200
OK gen.js Show response
ads.themoneytizer.com/s/ 6 KB
2 KB 28ms
7ms Script
text/html 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: dd76fdd2142192064e0af855f1b21bdad5ed9e807f053e813827e601404a83cb

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 13:31:24 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sat, 23 Feb 2019 13:31:24 GMT

GET
H/1.1 200
OK / Show response
g.tmyzer.com/g/ 26 B
200 B 68ms
46ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://g.tmyzer.com/g/
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 145.239.193.145 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 13:31:24 GMT
Server: nginx
X-IPLB-Instance: 15014
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 37ms
7ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Feb 2019 13:31:24 GMT
content-encoding: gzip
last-modified: Tue, 03 Oct 2017 20:38:26 GMT
server: nginx
etag: "779a-308e-55aaa791f67cd"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3931
expires: Sat, 23 Feb 2019 13:31:17 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 44ms
15ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Feb 2019 13:31:24 GMT
content-encoding: gzip
last-modified: Tue, 26 Dec 2017 18:31:28 GMT
server: nginx
etag: "7ff1-9390-561427db3104d"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Sat, 23 Feb 2019 13:31:24 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 64ms
21ms Script
application/x-javascript 74.214.194.132
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Feb 2019 13:31:24 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 3
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js
p.cpx.to/p/11528/ 1 KB
2 KB 114ms
74ms Script
application/javascript 13.32.158.117
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://p.cpx.to/p/11528/px.js?r=185ae
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 13.32.158.117 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 18:47:15 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 26 Sep 2018 10:53:05 GMT
Server: AmazonS3
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 7e3ec4bce6d89d06369eae9bcbd1cb7e.cloudfront.net (CloudFront)
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: zzGV4TCHlYWotC-VxWxXt4_hQsU3ltuSQ8H6w5HH0X1KMBzJN5BqUQ==

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
25 KB 42ms
8ms Script
text/javascript 13.32.222.16
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 13.32.222.16 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-222-16.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 18 Feb 2019 16:55:05 GMT
Via: 1.1 89934ce37ea0d70a19ace48a847ae306.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 74171
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: X_-L9HEeyc8MYNue3XkkIsnxWNWBPHwt8XABhrtQxlPXDiZgh8eVAg==

GET
H/1.1

200
OK

smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain

http://ww1097.smartadserver.com/config.js?nwid=1097
http://ced-ns.sascdn.com/diff/js/smart.js

23 KB
8 KB

49ms
10ms

Script
application/x-javascript

68.232.35.16
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E6) /
Resource Hash

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 13:31:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Feb 2019 13:12:51 GMT
Server: ECS (fcn/40E6)
X-N: S
Etag: "18d57cd29660668e0675302a0f212fc1:1549890771"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 7698

Redirect headers

Location: http://ced-ns.sascdn.com/diff/js/smart.js
Date: Fri, 22 Feb 2019 13:31:24 GMT
Cache-Control: public, no-cache="Set-Cookie", max-age=3600
Content-Type: text/html; charset=utf-8
ETag: "77706A291E2033D8F346CA110D5CF4D9"
Content-Length: 158
Expires: Fri, 22 Feb 2019 14:31:24 GMT

GET
H/1.1 200
OK sync Show response
gum.criteo.com/ 49 B
305 B 71ms
27ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 13:31:24 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Content-Length: 49
Expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 64ms
18ms Script
application/javascript 147.135.143.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 147.135.143.44 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 13:31:24 GMT
Last-Modified: Tue, 30 Oct 2018 10:00:26 GMT
Server: nginx/1.14.2
ETag: "5bd82bba-a72"
X-IPLB-Instance: 13167
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET

bounce
ib.adnxs.com/
Redirect Chain

http://id5-sync.com/i/12/9.gif
http://id5-sync.com/c/12/0/9/1.gif
http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID
http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID

0
0

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 12 KB
6 KB 38ms
8ms Script
application/x-javascript 3.120.49.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 3.120.49.191 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-120-49-191.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 13:31:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22-Feb-2019 13:31:24 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Fri, 01 Mar 2019 13:31:24 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid1_39/build/dist/ 262 KB
83 KB 15ms
14ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 07370fa9f43186d0cc01f9c8ff0729fc54e1e20c24658d27d5ad04aee5195c37

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Feb 2019 13:31:24 GMT
content-encoding: gzip
last-modified: Thu, 14 Feb 2019 11:56:01 GMT
server: nginx
etag: "2040b-41776-581d957a465c8"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 84535
expires: Sat, 23 Feb 2019 13:31:07 GMT

GET
H/1.1 200
OK sdk.js
player.pepsia.com/ 37 KB
37 KB 90ms
38ms Script
application/javascript 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/sdk.js?d=16915674a2b
Requested by: Host: s.id
URL: https://s.id/3rSUP
Protocol: HTTP/1.1
Server: 5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 13:31:24 GMT
Last-Modified: Tue, 19 Feb 2019 15:33:45 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "5c6c21d9-9462"
Content-Length: 37986
Content-Type: application/javascript

GET
H/1.1 404
Not Found authx
u336351g0o.ha002.t.justns.ru/ Frame A5F7 0
0 61ms
60ms Document
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u336351g0o.ha002.t.justns.ru/authx
Requested by: Host: s.id
URL: https://s.id/3rSUP
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Host: u336351g0o.ha002.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/8Ytf
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8Ytf

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 618
Date: Fri, 22 Feb 2019 13:31:24 GMT
Server: LiteSpeed
Vary: User-Agent
Connection: Keep-Alive

GET image.php
www.noowho.com/ 0
0

GET
H/1.1 200
OK jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81e::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Feb 2019 12:00:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 91867
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 30186
X-XSS-Protection: 1; mode=block
Expires: Fri, 21 Feb 2020 12:00:17 GMT

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ Frame 4FF9 0
0 24ms
19ms Document
text/html 147.135.143.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Server: 147.135.143.44 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/8Ytf
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8Ytf

Response headers

Server: nginx/1.14.2
Date: Fri, 22 Feb 2019 13:31:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Instance: 13167

GET
H2

200

rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

1 KB
944 B

27ms
6ms

Script
application/x-javascript

2600:9000:200d:4400:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:4400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://urlz.fr/8Ytf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Feb 2019 13:29:27 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 117
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: Lk6itljEtqtixJ24ti7K2oM6eKhB3oksjwsdYPYM74gld0P3gtpLrw==
via: 1.1 761f19bc2f5721b0be0a41147e1e925f.cloudfront.net (CloudFront)

Redirect headers

Date: Fri, 22 Feb 2019 13:31:24 GMT
Via: 1.1 09052d1a6e392e4f4a3fd97bf34a2b24.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: rzD4X5XsjlMU9OnTmSE_qxlAo-DMx_SFWK6Tq2cB99sUNFs2BXuzmw==

GET hb
ad.360yield.com/ 0
0

GET swfIndex.php
ads.stickyadstv.com/www/delivery/ 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET
H/1.1 404
Not Found Primary Request authx Show response
u336351g0o.ha002.t.justns.ru/ 618 B
878 B 45ms
42ms Document
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u336351g0o.ha002.t.justns.ru/authx
Requested by: Host: s.id
URL: https://s.id/3rSUP
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7da7df6b2ae25a2b32a494dacea2c51b02b173dcb020c79f4df47a92fb497274

Request headers

Host: u336351g0o.ha002.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/8Ytf
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8Ytf

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 618
Date: Fri, 22 Feb 2019 13:31:24 GMT
Server: LiteSpeed
Vary: User-Agent
Connection: Keep-Alive

GET fire.js
s.cpx.to/ 0
0

GET notifyme.php
adtrack.adleadevent.com/ 0
0

GET /
player.pepsia.com/V2/ 0
0

GET algo.php
player.pepsia.com/V2/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.s.id
URL: https://analytics.s.id/piwik.js

Domain: ib.adnxs.com
URL: http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID

Domain: www.noowho.com
URL: https://www.noowho.com/image.php?site=23690713&ref=http://tatilexus2.temp.swtest.ru/

Domain: ad.360yield.com
URL: http://ad.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22150fe387042ca1a%22%2C%22version%22%3A%225.0.0-JS-5.2.0%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22219749dcbb9ea6%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%223cec95fc-4745-4f9c-9f8e-c4fe1dd344cc%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%223162eb7adbdba7%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22283033d9-c6b8-4692-ae98-a183dccbb48b%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D

Domain: ads.stickyadstv.com
URL: http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1550842284714&pKey=1515848107&_fw_gdpr_consent=undefined&loc=http%3A%2F%2Furlz.fr%2F8Ytf&playerSize=640x480&

Domain: fastlane.rubiconproject.com
URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078226&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=3cec95fc-4745-4f9c-9f8e-c4fe1dd344cc&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.9303703139197432

Domain: fastlane.rubiconproject.com
URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=283033d9-c6b8-4692-ae98-a183dccbb48b&p_screen_res=1600x1200&rp_floor=0.37&rp_secure=0&slots=1&rand=0.0030503070997749404

Domain: ib.adnxs.com
URL: http://ib.adnxs.com/ut/v3/prebid

Domain: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=11528&ref=http%3A%2F%2Ftatilexus2.temp.swtest.ru%2F&hn_ver=10&fid=6031d91f-0e06-435f-be99-77c7ae6c2d0d

Domain: adtrack.adleadevent.com
URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7

Domain: player.pepsia.com
URL: http://player.pepsia.com/V2/?token=00I4&autoplay=1&logo=true&volume=1&api=1&id=0&origin=http://urlz.fr&d=16915674afc

Domain: player.pepsia.com
URL: http://player.pepsia.com/V2/algo.php?token=00I4&num=9&origin=http://urlz.fr&d=16915674afd

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
analytics.s.id
ced-ns.sascdn.com
d2zur9cc2gf1tx.cloudfront.net
edge.quantserve.com
fastlane.rubiconproject.com
g.tmyzer.com
gum.criteo.com
ib.adnxs.com
p.cpx.to
player.pepsia.com
rules.quantcount.com
s.cpx.to
s.id
tag.contextweb.com
tag.leadplace.fr
tatilexus2.temp.swtest.ru
u336351g0o.ha002.t.justns.ru
urlz.fr
ww1097.smartadserver.com
www.noowho.com
ad.360yield.com
ads.stickyadstv.com
adtrack.adleadevent.com
analytics.s.id
fastlane.rubiconproject.com
ib.adnxs.com
player.pepsia.com
s.cpx.to
www.noowho.com
13.32.158.117
13.32.222.16
145.239.193.145
147.135.143.44
151.139.241.23
185.86.137.42
203.119.112.228
2600:9000:200d:4400:6:44e3:f8c0:93a1
2600:9000:200d:d400:6:44e3:f8c0:93a1
2606:4700:31::681f:ab2
2606:4700:31::681f:bb2
2606:4700::6813:c597
2a00:1450:4001:81e::200a
2a00:b700::6:b
2a02:2638::1c
3.120.49.191
5.179.192.20
68.232.35.16
74.214.194.132
77.222.40.43
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
07370fa9f43186d0cc01f9c8ff0729fc54e1e20c24658d27d5ad04aee5195c37
2dab93e85c921c8a853f19c5bfa32757e9f235f066e4756a7c914e5cba6619f4
3349f7ebfafd1cf105f9f4a41a1be792db6dfc5d754de2fbce192a2185486b73
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
7b65011be82baae4f460bcd9cf90f557e3c4101d8b75d83c96e57ff947fc025c
7da7df6b2ae25a2b32a494dacea2c51b02b173dcb020c79f4df47a92fb497274
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
a3aa676d8a9c744bece25ad5e7c774d12c6a234711066219f7dd725397373ae4
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
dd76fdd2142192064e0af855f1b21bdad5ed9e807f053e813827e601404a83cb

u336351g0o.ha002.t.justns.ru Open in urlscan Pro 2a00:b700::6:b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

17 %HTTPS

40 %IPv6

24 Domains

26 Subdomains

18 IPs

8 Countries

247 kBTransfer

596 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Indicators

u336351g0o.ha002.t.justns.ru Open in urlscan Pro
2a00:b700::6:b Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

17 %
HTTPS

40 %
IPv6

24
Domains

26
Subdomains

18
IPs

8
Countries

247 kB
Transfer

596 kB
Size

0
Cookies

36 HTTP transactions
0 data transactions