urlscan.io logo urlscan.io
SecurityTrails logo

www.moroccanslots.com Open in urlscan Pro
92.222.10.214  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://urlz.fr/dGm9
Effective URL: http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php
Submission: On August 26 via manual from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 28 domains to perform 55 HTTP transactions. The main IP is 92.222.10.214, located in Paris, France and belongs to OVH, FR. The main domain is www.moroccanslots.com.
This is the only time www.moroccanslots.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government)

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 10 92.222.10.214 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
8 151.139.241.23 33438 (HIGHWINDS2)
1 145.239.193.145 16276 (OVH)
1 1 185.86.137.32 201081 (SMARTADSE...)
1 2a01:4a0:1338... 201011 (NETZBETRI...)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
2 145.239.192.166 16276 (OVH)
2 51.89.9.251 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2620:116:800d... 16509 (AMAZON-02)
1 13.226.155.28 16509 (AMAZON-02)
1 13.226.156.73 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2600:9000:218... 16509 (AMAZON-02)
2 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 3.121.70.238 16509 (AMAZON-02)
1 185.33.220.240 29990 (ASN-APPNEX)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
55 21
2    2606:4700:3038::681f:ab2 (United States)

ASN13335 (CLOUDFLARENET, US)
urlz.fr
1    2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
10    92.222.10.214 (Paris, France)

ASN16276 (OVH, FR)
PTR: 214.ip-92-222-10.eu
www.moroccanslots.com
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)
ads.themoneytizer.com
1    145.239.193.145 (France)

ASN16276 (OVH, FR)
g.themoneytizer.net
1    185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
1    2a01:4a0:1338:28::c38a:ff10 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)
ced-ns.sascdn.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    145.239.192.166 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
2    51.89.9.251 (Germany)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu
onetag-sys.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
2    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    13.226.155.28 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-28.dus51.r.cloudfront.net
p.cpx.to
1    13.226.156.73 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-73.dus51.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2600:9000:2182:f400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2606:4700:e2::ac40:8620 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    3.121.70.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-70-238.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    185.33.220.240 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
Domain Requested by
10 www.moroccanslots.com 3 redirects urlz.fr
www.moroccanslots.com
8 ads.themoneytizer.com ajax.cloudflare.com
ads.themoneytizer.com
2 pixel.quantserve.com 1 redirects
2 script.4dex.io ads.themoneytizer.com
script.4dex.io
2 rules.quantcount.com 1 redirects
2 www.google-analytics.com www.googletagmanager.com
2 onetag-sys.com ads.themoneytizer.com
2 tag.leadplace.fr ads.themoneytizer.com
tag.leadplace.fr
2 urlz.fr 1 redirects
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 prebid-server.rubiconproject.com ads.themoneytizer.com
1 ib.adnxs.com ads.themoneytizer.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 spl.zeotap.com ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced-ns.sascdn.com
1 ww1097.smartadserver.com 1 redirects
1 g.themoneytizer.net ads.themoneytizer.com
1 www.googletagmanager.com ajax.cloudflare.com
1 ajax.cloudflare.com urlz.fr
0 adtrack.adleadevent.com Failed ajax.googleapis.com
0 s.cpx.to Failed p.cpx.to
0 shb.richaudience.com Failed ads.themoneytizer.com
0 ads.servenobid.com Failed ads.themoneytizer.com
0 a.teads.tv Failed ads.themoneytizer.com
0 ice.360yield.com Failed ads.themoneytizer.com
0 bidder.criteo.com Failed ads.themoneytizer.com
0 fastlane.rubiconproject.com Failed ads.themoneytizer.com
0 js-sec.indexww.com Failed ads.themoneytizer.com
0 tag.contextweb.com Failed ads.themoneytizer.com
55 32

This site contains no links.

Subject Issuer Validity Valid
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
g.themoneytizer.net
GoGetSSL RSA DV CA		 2019-10-16 -
2022-01-17		 2 years crt.sh
*.themoneytizer.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-15 -
2021-02-14		 2 years crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2019-10-17 -
2020-10-16		 a year crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2020-06-22 -
2020-09-20		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2018-09-06 -
2020-09-12		 2 years crt.sh
onetag-sys.com
Let's Encrypt Authority X3		 2020-07-02 -
2020-09-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2020-01-27 -
2021-02-08		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh

This page contains 6 frames:

Primary Page: http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php
Frame ID: 94B2FEB3E9ADD720420532B2976D0DB2
Requests: 50 HTTP requests in this frame

Frame: http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//4e1f41e930086be2756706a10ae83bc4/login.php
Frame ID: 2320F937C28C82E15F4EFC06D0B3EFD7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1598415300484
Frame ID: 955FAFBFF0DE91485E6BA194C36ACB44
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 953086D9B0CB73AAE80C4942B545CC6D
Requests: 1 HTTP requests in this frame

Frame: http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//0a76136f54ef650ee91c52d7ea7668c8/login.php
Frame ID: 6DEC1224609389136D0A1195CF7024E6
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 269C6FF354CE90D7AD3CB97D40E9D0CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://urlz.fr/dGm9 HTTP 301
    http://urlz.fr/dGm9 Page URL
  2. http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//wp-index.php HTTP 302
    http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

55
Requests

40 %
HTTPS

55 %
IPv6

28
Domains

32
Subdomains

21
IPs

4
Countries

466 kB
Transfer

1154 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urlz.fr/dGm9 HTTP 301
    http://urlz.fr/dGm9 Page URL
  2. http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//wp-index.php HTTP 302
    http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://urlz.fr/dGm9 HTTP 301
  • http://urlz.fr/dGm9
Request Chain 2
  • http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//wp-index.php HTTP 302
  • http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//4e1f41e930086be2756706a10ae83bc4/login.php
Request Chain 13
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 23
  • http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//wp-index.php HTTP 302
  • http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//0a76136f54ef650ee91c52d7ea7668c8/login.php
Request Chain 24
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Request Chain 26
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Request Chain 46
  • http://pixel.quantserve.com/pixel;r=771245877;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FdGm9;fpan=1;fpa=P0-175184649-1598415300729;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=urlz.fr;je=0;sr=1600x1200x24;enc=n;dst=1;et=1598415300729;tzo=-120;ogl= HTTP 301
  • https://pixel.quantserve.com/pixel;r=771245877;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FdGm9;fpan=1;fpa=P0-175184649-1598415300729;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=urlz.fr;je=0;sr=1600x1200x24;enc=n;dst=1;et=1598415300729;tzo=-120;ogl=

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
dGm9
urlz.fr/
Redirect Chain
  • https://urlz.fr/dGm9
  • http://urlz.fr/dGm9
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://urlz.fr/dGm9
Protocol
HTTP/1.1
Server
2606:4700:3038::681f:ab2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
906253670034b32ef537880c09c5b7084445b0bb5deec5790906f0dada15b8a9

Request headers

Host
urlz.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
__cfduid=d31fe6a4327a3211ca49f66420e57ac511598415299
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 04:14:59 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-Cache-Status
DYNAMIC
cf-request-id
04ca92fc4b000005e481103200000001
Server
cloudflare
CF-RAY
5c8abaa6de0405e4-FRA
Content-Encoding
gzip

Redirect headers

status
301
date
Wed, 26 Aug 2020 04:14:59 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d31fe6a4327a3211ca49f66420e57ac511598415299; expires=Fri, 25-Sep-20 04:14:59 GMT; path=/; domain=.urlz.fr; HttpOnly; SameSite=Lax
location
http://urlz.fr/dGm9
cf-cache-status
DYNAMIC
cf-request-id
04ca92fbfc0000175ecf119200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5c8abaa66a96175e-FRA
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/dGm9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 04:14:59 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 17:01:45 GMT
server
cloudflare
etag
W/"5f3ab7f9-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
5c8abaa73d0e9ace-FRA
cf-request-id
04ca92fc8200009ace8d898200000001
expires
Fri, 28 Aug 2020 04:14:59 GMT
login.php
www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//4e1f41e930086be2756706a10ae83bc4/ Frame 2320
Redirect Chain
  • http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//wp-index.php
  • http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//4e1f41e930086be2756706a10ae83bc4/login.php
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//4e1f41e930086be2756706a10ae83bc4/login.php
Requested by
Host: urlz.fr
URL: http://urlz.fr/dGm9
Protocol
HTTP/1.1
Server
92.222.10.214 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
214.ip-92-222-10.eu
Software
Apache/2.4.38 (Debian) /
Resource Hash

Request headers

Host
www.moroccanslots.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://urlz.fr/dGm9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://urlz.fr/dGm9

Response headers

Date
Wed, 26 Aug 2020 04:15:00 GMT
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1919
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 26 Aug 2020 04:15:00 GMT
Server
Apache/2.4.38 (Debian)
location
4e1f41e930086be2756706a10ae83bc4/login.php
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
js
www.googletagmanager.com/gtag/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162669458-1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4a71f737a1c818d771021917a6f86161a9756a1528fc79a66b8efe28a3ec61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 04:14:59 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35797
x-xss-protection
0
last-modified
Wed, 26 Aug 2020 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Aug 2020 04:14:59 GMT
requestform.js
ads.themoneytizer.com/s/ 		65 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
2ae025d04663287951fdfa802d16b9be85e33bcc8ae2a97d25ffbe500e17ae6d

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 04:14:04 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11631
Expires
Thu, 27 Aug 2020 04:14:04 GMT
gen.js
ads.themoneytizer.com/s/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
df8c0a338715a333687f5a25f14e5baedc7781aed18495b55a693734fed62e3b

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 04:14:00 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3356
Expires
Thu, 27 Aug 2020 04:14:00 GMT
requestform.js
ads.themoneytizer.com/s/ 		68 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
ffe90bb8da182c32b3682ad3578def5553aa468f8a2f393cdc09435a7e6bdbb2

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 04:14:59 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Thu, 27 Aug 2020 04:14:59 GMT
gen.js
ads.themoneytizer.com/s/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
df8c0a338715a333687f5a25f14e5baedc7781aed18495b55a693734fed62e3b

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 04:14:54 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3356
Expires
Thu, 27 Aug 2020 04:14:54 GMT
requestform.js
ads.themoneytizer.com/s/ 		68 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
51a89388e47fd3e3f32662d9b6633736a080031d12e9ad910bd3a22c7f4dc436

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 04:14:04 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12185
Expires
Thu, 27 Aug 2020 04:14:04 GMT
gen.js
ads.themoneytizer.com/s/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
df8c0a338715a333687f5a25f14e5baedc7781aed18495b55a693734fed62e3b

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 04:14:51 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3356
Expires
Thu, 27 Aug 2020 04:14:51 GMT
/
g.themoneytizer.net/g/ 		26 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
24f85d914df50a3785eaeed932eab1fd4cbec751c51376321436d853963a46dd

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 04:15:00 GMT
Server
nginx
X-IPLB-Instance
29894
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneybile.js
ads.themoneytizer.com/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 04:15:00 GMT
content-encoding
gzip
last-modified
Mon, 13 Jul 2020 16:40:37 GMT
server
nginx
etag
"7ff1-981e-5aa5559ba8e59"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
16267
expires
Thu, 27 Aug 2020 04:14:47 GMT
getjs.static.js
tag.contextweb.com/ 		0
0
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff10 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 04:15:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Aug 2020 09:28:25 GMT
Server
AkamaiNetStorage
ETag
"91fcae4e090336a23407d1cb5b15158a:1597310907.48144"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9519

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Wed, 26 Aug 2020 04:15:00 GMT
content-length
0
sync
gum.criteo.com/ 		49 B
370 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 26 Aug 2020 04:14:59 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
private, max-age=3600
server-processing-duration-in-ticks
833
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
06410fe0d6024ba0c2e0945c3ada3b0e1d3396ceadc0b413f188553fe487abde

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 04:15:00 GMT
Last-Modified
Tue, 25 Aug 2020 14:23:09 GMT
Server
nginx/1.14.2
ETag
"5f451ecd-bf2"
X-IPLB-Instance
30195
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3058
/
onetag-sys.com/usync/ Frame 955F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1598415300484
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1598415300484
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://urlz.fr/dGm9
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://urlz.fr/dGm9

Response headers

status
200
content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=2592000
/
spl.zeotap.com/ Frame 9530 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://urlz.fr/dGm9
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://urlz.fr/dGm9

Response headers

status
200
date
Wed, 26 Aug 2020 04:15:00 GMT
content-type
text/html
set-cookie
__cfduid=d49f8c9a3be7d8e6cd39cefc2b9d03e9d1598415300; expires=Fri, 25-Sep-20 04:15:00 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=fb22ef42-dfc3-4b43-45fd-4b21ae3b5525; Path=/; Domain=.zeotap.com; Max-Age=63072000; SameSite=None; Secure zsc=%B6%24F%DAv%26%8Em%D3c%3E%BB%D1%AE%5D%01v%0C5%9B%BEk%CFQ%E4%BBp%9F%7C%A1%0B%E81%87%CE%10%D6%3F%14%E5%16%B5%90%93X%097%C0D1O%01%A0%0CeqS%2A%8B%DE%CDoU%7F%E4%7F%15%BF%8C%BFp4%2A%86C%2C%EBk%8C%AC%2A%AE%9Du%18x%C7%A0X%86%D1X%25I%A3%A5%B5%B7D%13A%25%D2%B8%EF; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
http://urlz.fr
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
04ca92ff850000bed38b96c200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5c8abaac0a11bed3-FRA
content-encoding
br
quant.js
secure.quantserve.com/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 04:15:00 GMT
content-encoding
gzip
last-modified
Wed, 26-Aug-2020 04:15:00 GMT
etag
M0-2a172724
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
private, no-transform, max-age=604800
strict-transport-security
max-age=86400
content-length
8060
expires
Wed, 02 Sep 2020 04:15:00 GMT
px.js
p.cpx.to/p/12773/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12773/px.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.155.28 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-28.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 00:10:27 GMT
Content-Encoding
UTF-8
Connection
keep-alive
Last-Modified
Tue, 25 Aug 2020 15:08:48 GMT
Server
AmazonS3
Age
14674
ETag
"72097b27945ea3b5376f41afb8b17432"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
1631
X-Amz-Cf-Id
FTxvYzAALx43eEJuFOrxyaN1-YJl5vnT79wVG3w6-Kg02GD0c29A3Q==
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.226.156.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-156-73.dus51.r.cloudfront.net
Software
Apache /
Resource Hash

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 00:07:26 GMT
Via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
23753
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
DUS51-C1
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
oHdz7ShMgmsK5fIg9ESKHtsQae_-uny0Hz9DggswwYuvqq6R8BSeHA==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ 		0
0
prebid.js
ads.themoneytizer.com/moneybid3_20/build/dist/ 		391 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
bd80838c5136bf60d28581d0b436a002e8ee34d737a666fbd1d45fa7a6473cb1

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 04:15:00 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 18:20:25 GMT
server
nginx
etag
"459e1-61a5a-5ab847e40baf4"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
127330
expires
Thu, 27 Aug 2020 04:14:44 GMT
login.php
www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//0a76136f54ef650ee91c52d7ea7668c8/ Frame 6DEC
Redirect Chain
  • http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//wp-index.php
  • http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//0a76136f54ef650ee91c52d7ea7668c8/login.php
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//0a76136f54ef650ee91c52d7ea7668c8/login.php
Requested by
Host: urlz.fr
URL: http://urlz.fr/dGm9
Protocol
HTTP/1.1
Server
92.222.10.214 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
214.ip-92-222-10.eu
Software
Apache/2.4.38 (Debian) /
Resource Hash

Request headers

Host
www.moroccanslots.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://urlz.fr/dGm9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://urlz.fr/dGm9

Response headers

Date
Wed, 26 Aug 2020 04:15:00 GMT
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1918
Keep-Alive
timeout=5, max=97
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 26 Aug 2020 04:15:00 GMT
Server
Apache/2.4.38 (Debian)
location
0a76136f54ef650ee91c52d7ea7668c8/login.php
Content-Length
0
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bounce
ib.adnxs.com/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
0
0
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162669458-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
6079
date
Wed, 26 Aug 2020 02:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Wed, 26 Aug 2020 04:33:41 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:f400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 03:23:51 GMT
via
1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
3070
etag
"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
1113
x-amz-cf-id
_xY2r6gb6cxmQ1SeH_05l7V10qgftFLIVwnTCu1wYFK_dC6EHzhR-g==

Redirect headers

Date
Wed, 26 Aug 2020 04:15:00 GMT
Via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
DUS51-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
1IAE1I7_YH-6O8i0pg3Evw6MUUkr5ZLrQq3ljX1FS-xLhema34zYRA==
collect
www.google-analytics.com/r/ 		35 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=869444072&t=pageview&_s=1&dl=http%3A%2F%2Furlz.fr%2FdGm9&ul=en-us&de=UTF-8&dt=Sign-in%20-%20myGov&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=171203868&gjid=775169583&cid=2111005095.1598415301&tid=UA-162669458-1&_gid=977590171.1598415301&_r=1&gtm=2ou8c0&z=1610003017
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Aug 2020 04:15:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
wckr.php
tag.leadplace.fr/ Frame 269C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://urlz.fr/dGm9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://urlz.fr/dGm9

Response headers

Server
nginx/1.14.2
Date
Wed, 26 Aug 2020 04:15:00 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
30196
localstore.js
script.4dex.io/ 		450 B
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 04:15:00 GMT
content-encoding
br
cf-cache-status
HIT
age
496
status
200
x-amz-request-id
64CD8DFCC6D0DB30
x-amz-id-2
ikqulgOVT6VUs6SDn1Y/miCkQQq1+UK7Vi4qd3oqoOIXhLkiSlLZnE0tKIJ1grG0sWHHsM/V8yo=
last-modified
Thu, 06 Aug 2020 05:51:31 GMT
server
cloudflare
etag
W/"bfa52622781c173885812009122c3f7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-request-id
04ca93003800000ea71894a200000001
cf-ray
5c8abaad2cad0ea7-FRA
auction
prebid-server.rubiconproject.com/openrtb2/ 		112 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.70.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-70-238.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Aug 2020 04:15:00 GMT
content-encoding
gzip
status
400
access-control-allow-origin
http://urlz.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
120
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
cdb
bidder.criteo.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 26 Aug 2020 04:15:00 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.37:80
AN-X-Request-Uuid
ecb1fa6d-8346-440a-a2d1-1c5668f7125f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ice.360yield.com/ 		0
0
bid-request
a.teads.tv/hb/ 		0
0
adreq
ads.servenobid.com/ 		0
0
prebid-request
onetag-sys.com/ 		15 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=2592000
content-encoding
gzip
status
200
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
http://urlz.fr
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
/
shb.richaudience.com/hb/ 		0
0
/
shb.richaudience.com/hb/ 		0
0
/
shb.richaudience.com/hb/ 		0
0
/
shb.richaudience.com/hb/ 		0
0
moneybid.js
ads.themoneytizer.com/bidder1/ 		0
0
moneybid.js
ads.themoneytizer.com/bidder1/ 		0
0
moneybid.js
ads.themoneytizer.com/bidder1/ 		0
0
Primary Request login.php
www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/
Redirect Chain
  • http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//wp-index.php
  • http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php
Requested by
Host: urlz.fr
URL: http://urlz.fr/dGm9
Protocol
HTTP/1.1
Server
92.222.10.214 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
214.ip-92-222-10.eu
Software
Apache/2.4.38 (Debian) /
Resource Hash
6fc43af08a1b5a63d3b344adf855c70aceb227d65cfcd2eb413f1f963f192913

Request headers

Host
www.moroccanslots.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://urlz.fr/dGm9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://urlz.fr/dGm9

Response headers

Date
Wed, 26 Aug 2020 04:15:00 GMT
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1919
Keep-Alive
timeout=5, max=94
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Wed, 26 Aug 2020 04:15:00 GMT
Server
Apache/2.4.38 (Debian)
location
5f6f93f1519ea470da72575a15eb9d6f/login.php
Content-Length
0
Keep-Alive
timeout=5, max=95
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
fire.js
s.cpx.to/ 		0
0
pixel;r=771245877;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FdGm9;fpan=1;fpa=P0-175184649-1598415300729;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;g...
pixel.quantserve.com/
Redirect Chain
  • http://pixel.quantserve.com/pixel;r=771245877;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FdGm9;fpan=1;fpa=P0-175184649-1598415300729;ns=0;ce=1;qjs=1;qv=3...
  • https://pixel.quantserve.com/pixel;r=771245877;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FdGm9;fpan=1;fpa=P0-175184649-1598415300729;ns=0;ce=1;qjs=1;qv=...
35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=771245877;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FdGm9;fpan=1;fpa=P0-175184649-1598415300729;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=urlz.fr;je=0;sr=1600x1200x24;enc=n;dst=1;et=1598415300729;tzo=-120;ogl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Aug 2020 04:15:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status
200
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Location
https://pixel.quantserve.com/pixel;r=771245877;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FdGm9;fpan=1;fpa=P0-175184649-1598415300729;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=urlz.fr;je=0;sr=1600x1200x24;enc=n;dst=1;et=1598415300729;tzo=-120;ogl=
Date
Wed, 26 Aug 2020 04:15:00 GMT
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
0
Expires
Thu, 27 Aug 2020 04:15:00 GMT
adagio.js
script.4dex.io/ 		63 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 04:15:00 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
1576
status
200
x-amz-request-id
EDD4BCA949D1C8B7
x-amz-id-2
b1M5+qC+fyRhVuJ3/yJfb2qcFgesRgTZjuiZpxj/Xzz3SQ8OubO6SX5N+P6sRACDtztUU1t61hc=
last-modified
Thu, 06 Aug 2020 05:51:29 GMT
server
cloudflare
etag
W/"4a229fdde14f5a9d448571b8f77782b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-request-id
04ca93008600001f3162307200000001
cf-ray
5c8abaada85b1f31-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/dGm9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 24 Aug 2020 09:11:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Age
154988
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
30186
X-XSS-Protection
0
Expires
Tue, 24 Aug 2021 09:11:52 GMT
notifyme.php
adtrack.adleadevent.com/ 		0
0
image.css
www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/img/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/img/image.css
Requested by
Host: www.moroccanslots.com
URL: http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php
Protocol
HTTP/1.1
Server
92.222.10.214 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
214.ip-92-222-10.eu
Software
Apache/2.4.38 (Debian) /
Resource Hash
d4e278d74dde6b19a4cd9456a323c6b2240ae9d5c1f364bb7fe5af713ac8a445

Request headers

Referer
http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 04:15:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Aug 2020 04:15:00 GMT
Server
Apache/2.4.38 (Debian)
ETag
W/"691-5adc010344fd5-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
748
user.png
www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/img/user.png
Requested by
Host: www.moroccanslots.com
URL: http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php
Protocol
HTTP/1.1
Server
92.222.10.214 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
214.ip-92-222-10.eu
Software
Apache/2.4.38 (Debian) /
Resource Hash
2f59e0255a37e34f2e6baebdf85d3c5c8cac5e86538f96e8d8f300ddbce0caa4

Request headers

Referer
http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 04:15:00 GMT
Last-Modified
Wed, 26 Aug 2020 04:15:00 GMT
Server
Apache/2.4.38 (Debian)
ETag
W/"c31-5adc010344035"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
3121
pass.png
www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/img/pass.png
Requested by
Host: www.moroccanslots.com
URL: http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php
Protocol
HTTP/1.1
Server
92.222.10.214 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
214.ip-92-222-10.eu
Software
Apache/2.4.38 (Debian) /
Resource Hash
0db100b94e87ba4d2397d0f164b596919fe53afefd0951e7198420b519476c1f

Request headers

Referer
http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 04:15:00 GMT
Last-Modified
Wed, 26 Aug 2020 04:15:00 GMT
Server
Apache/2.4.38 (Debian)
ETag
W/"1e0f-5adc010344035"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7695
backlog.png
www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/img/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/img/backlog.png
Requested by
Host: www.moroccanslots.com
URL: http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php
Protocol
HTTP/1.1
Server
92.222.10.214 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
214.ip-92-222-10.eu
Software
Apache/2.4.38 (Debian) /
Resource Hash
c4cc933872f10b2d6f77cb739b1737d34b9c8e9045357058c86b0776e44e077f

Request headers

Referer
http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 04:15:00 GMT
Last-Modified
Wed, 26 Aug 2020 04:15:00 GMT
Server
Apache/2.4.38 (Debian)
ETag
W/"19886-5adc010344fd5"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
104582

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tag.contextweb.com
URL
https://tag.contextweb.com/getjs.static.js
Domain
js-sec.indexww.com
URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1124628%3B1078226%3B1078310&size_id=15%3B2%3B2&alt_size_ids=2%2C55%2C58%2C221%3B19%2C43%2C44%2C117%3B19%2C43%2C44%2C117&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,15056,1,,,&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v3.20.0&x_source.tid=efdbd5cd-ead9-45eb-9b56-0349e35d6412%3B5ad8c4aa-2242-453e-9dda-7af04750d973%3B76871355-9f38-4eaa-acc5-1206447d0a17&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=3&rand=0.6631091228248038
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.20.0&cb=66894552275
Domain
ice.360yield.com
URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22391a18ee3132d04%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FdGm9%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22151ea0b23780d8a%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%228e8fe5d3-f5f9-4fbd-b56c-56a22a497afc%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%22163ad1cfd2379bb%22%2C%22pid%22%3A%2212065816%22%2C%22tid%22%3A%22efdbd5cd-ead9-45eb-9b56-0349e35d6412%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2217820f034cfcd93%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%225ad8c4aa-2242-453e-9dda-7af04750d973%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%221867e7a5be726ad%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2276871355-9f38-4eaa-acc5-1206447d0a17%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Domain
a.teads.tv
URL
https://a.teads.tv/hb/bid-request
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/adreq?cb=2665
Domain
shb.richaudience.com
URL
https://shb.richaudience.com/hb/
Domain
shb.richaudience.com
URL
https://shb.richaudience.com/hb/
Domain
shb.richaudience.com
URL
https://shb.richaudience.com/hb/
Domain
shb.richaudience.com
URL
https://shb.richaudience.com/hb/
Domain
ads.themoneytizer.com
URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=11&formatid=video&size=desktop&country=undefined
Domain
ads.themoneytizer.com
URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=1&formatid=26322&size=desktop&country=CH
Domain
ads.themoneytizer.com
URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop&country=CH
Domain
s.cpx.to
URL
https://s.cpx.to/fire.js?pid=12773&ref=&hn_ver=11&fid=4f5b2f95-8dd1-4f1f-96fb-2d3e0cfa1924
Domain
adtrack.adleadevent.com
URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| submit object| el_down string| Name function| GFG_Fun

0 Cookies

8 Console Messages

Source Level URL
Text
console-api log URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js(Line 29)
Message:
[object Object],[object Object],[object Object],[object Object]
console-api log URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js(Line 29)
Message:
[object Object]
console-api log URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js(Line 29)
Message:
[object Object],[object Object],[object Object],[object Object]
console-api log URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js(Line 29)
Message:
[object Object]
console-api log URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js(Line 29)
Message:
[object Object],[object Object],[object Object],[object Object]
console-api log URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js(Line 29)
Message:
[object Object]
console-api log URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js(Line 29)
Message:
[object Object],[object Object],[object Object],[object Object]
console-api log URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js(Line 29)
Message:
[object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ads.servenobid.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
bidder.criteo.com
ced-ns.sascdn.com
d2zur9cc2gf1tx.cloudfront.net
fastlane.rubiconproject.com
g.themoneytizer.net
gum.criteo.com
ib.adnxs.com
ice.360yield.com
js-sec.indexww.com
onetag-sys.com
p.cpx.to
pixel.quantserve.com
prebid-server.rubiconproject.com
rules.quantcount.com
s.cpx.to
script.4dex.io
secure.quantserve.com
shb.richaudience.com
spl.zeotap.com
tag.contextweb.com
tag.leadplace.fr
urlz.fr
ww1097.smartadserver.com
www.google-analytics.com
www.googletagmanager.com
www.moroccanslots.com
a.teads.tv
ads.servenobid.com
ads.themoneytizer.com
adtrack.adleadevent.com
bidder.criteo.com
fastlane.rubiconproject.com
ib.adnxs.com
ice.360yield.com
js-sec.indexww.com
s.cpx.to
shb.richaudience.com
tag.contextweb.com
13.226.155.28
13.226.156.73
145.239.192.166
145.239.193.145
151.139.241.23
185.33.220.240
185.86.137.32
2600:9000:2182:f400:6:44e3:f8c0:93a1
2606:4700:10::6816:1857
2606:4700:3038::681f:ab2
2606:4700::6810:a823
2606:4700:e2::ac40:8620
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:802::2008
2a00:1450:4001:802::200e
2a00:1450:4001:821::200a
2a01:4a0:1338:28::c38a:ff10
2a02:2638:1::13
3.121.70.238
51.89.9.251
92.222.10.214
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
06410fe0d6024ba0c2e0945c3ada3b0e1d3396ceadc0b413f188553fe487abde
0db100b94e87ba4d2397d0f164b596919fe53afefd0951e7198420b519476c1f
24f85d914df50a3785eaeed932eab1fd4cbec751c51376321436d853963a46dd
2ae025d04663287951fdfa802d16b9be85e33bcc8ae2a97d25ffbe500e17ae6d
2f59e0255a37e34f2e6baebdf85d3c5c8cac5e86538f96e8d8f300ddbce0caa4
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
51a89388e47fd3e3f32662d9b6633736a080031d12e9ad910bd3a22c7f4dc436
6fc43af08a1b5a63d3b344adf855c70aceb227d65cfcd2eb413f1f963f192913
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
906253670034b32ef537880c09c5b7084445b0bb5deec5790906f0dada15b8a9
a4a71f737a1c818d771021917a6f86161a9756a1528fc79a66b8efe28a3ec61f
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
bd80838c5136bf60d28581d0b436a002e8ee34d737a666fbd1d45fa7a6473cb1
c4cc933872f10b2d6f77cb739b1737d34b9c8e9045357058c86b0776e44e077f
d4e278d74dde6b19a4cd9456a323c6b2240ae9d5c1f364bb7fe5af713ac8a445
df8c0a338715a333687f5a25f14e5baedc7781aed18495b55a693734fed62e3b
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
ffe90bb8da182c32b3682ad3578def5553aa468f8a2f393cdc09435a7e6bdbb2