urlscan.io logo urlscan.io
SecurityTrails logo

equalised-propose.000webhostapp.com Open in urlscan Pro
2a02:4780:dead:53a1::1  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://urlz.fr/avDQ
Effective URL: https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36...
Submission: On September 30 via automatic, source phishtank
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 8 countries across 28 domains to perform 50 HTTP transactions. The main IP is 2a02:4780:dead:53a1::1, located in United States and belongs to AWEX, US. The main domain is equalised-propose.000webhostapp.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on June 11th 2019. Valid for: 2 years.
This is the only time equalised-propose.000webhostapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:31:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a02:4780:dea... 204915 (AWEX)
7 151.139.241.23 33438 (HIGHWINDS2)
1 145.239.193.145 16276 (OVH)
1 74.214.194.131 59940 (PULSEPOIN...)
1 143.204.214.46 16509 (AMAZON-02)
1 2 185.86.137.42 201081 (SMARTADSE...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 145.239.192.166 16276 (OVH)
1 91.228.74.138 27281 (QUANTCAST)
1 143.204.208.65 16509 (AMAZON-02)
3 5.179.192.20 34235 (ASPSERVEU...)
1 94.23.196.203 16276 (OVH)
1 2 52.57.163.110 16509 (AMAZON-02)
2 37.252.172.250 29990 (ASN-APPNEXUS)
1 69.173.144.143 26667 (RUBICONPR...)
1 2.18.234.233 16625 (AKAMAI-AS)
1 2600:9000:204... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.247.104.216 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.79.227.76 22822 (LLNW)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 195.8.215.136 41690 (DAILYMOTI...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
50 28
2    2606:4700:31::681f:bb2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
urlz.fr
1    2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ajax.cloudflare.com
9    2a02:4780:dead:53a1::1 (United States)

ASN204915 (AWEX, US)
equalised-propose.000webhostapp.com
7    151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
ads.themoneytizer.com
1    145.239.193.145 (France)

ASN16276 (OVH, FR)
g.tmyzer.com
1    74.214.194.131 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)
tag.contextweb.com
1    143.204.214.46 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-46.fra53.r.cloudfront.net
p.cpx.to
2    185.86.137.42 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
1    2a02:26f0:6c00:296::c01 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
ced-ns.sascdn.com
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    145.239.192.166 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
1    91.228.74.138 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
secure.quantserve.com
1    143.204.208.65 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-65.fra53.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
3    5.179.192.20 (Paris, France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net
player.pepsia.com
1    94.23.196.203 (France)

ASN16276 (OVH, FR)
PTR: serveur8.wilsoftech.com
www.noowho.com
2    52.57.163.110 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-163-110.eu-central-1.compute.amazonaws.com
ice.360yield.com
2    37.252.172.250 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com
1    2.18.234.233 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    2600:9000:2047:fc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    54.247.104.216 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-104-216.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    178.79.227.76 (Italy)

ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: https-178-79-227-76.vie.llnw.net
api.dmcdn.net
1    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
maxcdn.bootstrapcdn.com
1    195.8.215.136 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: www.dailymotion.com
www.dailymotion.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
code.jquery.com
Domain Requested by
9 equalised-propose.000webhostapp.com urlz.fr
equalised-propose.000webhostapp.com
7 ads.themoneytizer.com ajax.cloudflare.com
ads.themoneytizer.com
3 player.pepsia.com urlz.fr
player.pepsia.com
2 ib.adnxs.com ads.themoneytizer.com
2 ice.360yield.com 1 redirects
2 tag.leadplace.fr ads.themoneytizer.com
2 ww1097.smartadserver.com 1 redirects ads.themoneytizer.com
2 urlz.fr urlz.fr
1 code.jquery.com equalised-propose.000webhostapp.com
1 www.dailymotion.com api.dmcdn.net
1 maxcdn.bootstrapcdn.com player.pepsia.com
1 api.dmcdn.net player.pepsia.com
1 www.google-analytics.com urlz.fr
1 adtrack.adleadevent.com ajax.googleapis.com
1 ajax.googleapis.com ads.themoneytizer.com
1 rules.quantcount.com secure.quantserve.com
1 ads.stickyadstv.com ads.themoneytizer.com
1 fastlane.rubiconproject.com ads.themoneytizer.com
1 www.noowho.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced-ns.sascdn.com
1 p.cpx.to ads.themoneytizer.com
1 tag.contextweb.com ads.themoneytizer.com
1 g.tmyzer.com ads.themoneytizer.com
1 ajax.cloudflare.com urlz.fr
0 c.tmyzer.com Failed ads.themoneytizer.com
0 pixel.quantserve.com Failed
0 s.cpx.to Failed ads.themoneytizer.com
0 ads.creative-serving.com Failed
50 31

This site contains no links.

Subject Issuer Validity Valid
sni21163.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-21 -
2020-02-27		 6 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
*.000webhostapp.com
RapidSSL RSA CA 2018		 2019-06-11 -
2021-07-10		 2 years crt.sh
*.themoneytizer.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-15 -
2021-02-14		 2 years crt.sh
g.tmyzer.com
Let's Encrypt Authority X3		 2019-08-02 -
2019-10-31		 3 months crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2018-07-07 -
2020-06-03		 2 years crt.sh
p.cpx.to
COMODO RSA Domain Validation Secure Server CA		 2015-02-10 -
2020-02-09		 5 years crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2019-03-12 -
2020-06-10		 a year crt.sh
*.criteo.com
DigiCert SHA2 Secure Server CA		 2018-11-05 -
2020-01-03		 a year crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2018-09-06 -
2020-09-12		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2018-10-16 -
2019-10-21		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
player.pepsia.com
Let's Encrypt Authority X3		 2019-07-30 -
2019-10-28		 3 months crt.sh
www.noowho.com
Gandi Standard SSL CA 2		 2017-02-07 -
2020-02-07		 3 years crt.sh
*.360yield.com
Amazon		 2019-09-24 -
2020-10-24		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2019-08-28 -
2020-11-26		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
adtrack.adleadevent.com
Amazon		 2019-06-30 -
2020-07-30		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.dmcdn.net
Let's Encrypt Authority X3		 2019-09-01 -
2019-11-30		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
*.smartadserver.com
Thawte RSA CA 2018		 2018-09-07 -
2020-02-17		 a year crt.sh
*.dailymotion.com
DigiCert SHA2 High Assurance Server CA		 2018-09-24 -
2019-10-23		 a year crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh

This page contains 6 frames:

Primary Page: https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
Frame ID: C4555B637817E58C1AD84CFD6A2B6880
Requests: 42 HTTP requests in this frame

Frame: https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
Frame ID: CF55B3C3B63F6EA9C5DDF91F5E9E539D
Requests: 1 HTTP requests in this frame

Frame: https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
Frame ID: 0D2E3C0FFD546C60674F9878E6D81E31
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 293520CE4914D2909B7DE03661B75F8E
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: CAD2702CA0B0113F2956D550EB86FDE0
Requests: 6 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=https%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Frame ID: EBC2CB89455835FE53CF461BB8458EAA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://urlz.fr/avDQ Page URL
  2. https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

50
Requests

92 %
HTTPS

37 %
IPv6

28
Domains

31
Subdomains

28
IPs

8
Countries

460 kB
Transfer

1163 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urlz.fr/avDQ Page URL
  2. https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 19
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/2/8/2.gif?puid=7552908628466334705&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
Request Chain 20
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%221484e27b9a56a57%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FavDQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222ff58ce48d5876%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2234259f2a-3cd9-429b-b1d3-3afd977e2773%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%221484e27b9a56a57%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FavDQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222ff58ce48d5876%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2234259f2a-3cd9-429b-b1d3-3afd977e2773%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
avDQ
urlz.fr/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://urlz.fr/avDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1344e53ea79084d031d08f7653c07c3e38616546910fe43799ce00368de0fbc9

Request headers

:method
GET
:authority
urlz.fr
:scheme
https
:path
/avDQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
date
Mon, 30 Sep 2019 14:49:57 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9cec2fc741952a9101a03958335d17661569854997; expires=Tue, 29-Sep-20 14:49:57 GMT; path=/; domain=.urlz.fr; HttpOnly
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
51e701a6fbc48c74-VIE
content-encoding
br
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/avDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:57 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 23 Sep 2019 14:57:07 GMT
server
cloudflare
etag
W/"5d88dd43-2fb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
51e701a7fc2d5a00-VIE
expires
Wed, 02 Oct 2019 14:49:57 GMT
season.php
equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/ Frame CF55 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
Requested by
Host: urlz.fr
URL: https://urlz.fr/avDQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:53a1::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
equalised-propose.000webhostapp.com
:scheme
https
:path
/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://urlz.fr/avDQ
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://urlz.fr/avDQ

Response headers

status
200
date
Mon, 30 Sep 2019 14:49:58 GMT
content-type
text/html; charset=UTF-8
set-cookie
PHPSESSID=qkua4qogb1bnd1db2u0cr2ns1d; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
server
awex
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-request-id
a41fa85745954d7bd0d1a060200313e4
content-encoding
gzip
requestform.js
ads.themoneytizer.com/s/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
829841cb81cdcb3548fcabcd566ce4c822dcc2bff8ccf2d588184509ffe4da0c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:57 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
8188
expires
Tue, 01 Oct 2019 14:49:26 GMT
gen.js
ads.themoneytizer.com/s/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
2c0b1cf6965cedd6fdc86718ff298f16a50ad29397c68cb6b4de5c0954f98728

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:57 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
2655
expires
Tue, 01 Oct 2019 14:49:44 GMT
/
g.tmyzer.com/g/ 		26 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.tmyzer.com/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:49:58 GMT
Server
nginx
X-IPLB-Instance
29894
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:58 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:07 GMT
server
nginx
etag
"779a-308e-582e3105a6be4"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3931
expires
Tue, 01 Oct 2019 14:49:57 GMT
moneybile.js
ads.themoneytizer.com/ 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:58 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:00 GMT
server
nginx
etag
"7ff1-9390-582e30fefbc74"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Tue, 01 Oct 2019 14:49:35 GMT
getjs.static.js
tag.contextweb.com/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:58 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status
200
cache-control
max-age=432000, public
x-envoy-upstream-service-time
3
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/11528/px.js?r=15fa3
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.46 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-46.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 29 Sep 2019 02:23:58 GMT
Content-Encoding
UTF-8
Connection
keep-alive
Last-Modified
Wed, 10 Oct 2018 10:49:46 GMT
Server
AmazonS3
Age
131161
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
Yejok3fkGQHxGuPvAfHpJyHNHDQg6RiqE3xCEK338SZ5qqMJQnvETQ==
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:296::c01 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b

Request headers

Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:49:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Sep 2019 12:08:33 GMT
Server
Apache
ETag
"1fc11a0f5e30485338c4562812f21662:1567685313"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8004

Redirect headers

Location
https://ced-ns.sascdn.com/diff/js/smart.js
Date
Mon, 30 Sep 2019 14:49:58 GMT
Cache-Control
private
Content-Length
159
Content-Type
text/html; charset=utf-8
sync
gum.criteo.com/ 		49 B
386 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:49:58 GMT
Content-Encoding
gzip
Expires
60
Cache-Control
private, max-age=3600
Content-Length
165
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
libJsLP.js
tag.leadplace.fr/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:49:58 GMT
Last-Modified
Tue, 30 Oct 2018 10:00:26 GMT
Server
nginx/1.14.2
ETag
"5bd82bba-a72"
X-IPLB-Instance
30195
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
quant.js
secure.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.138 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:49:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30-Sep-2019 14:49:58 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Mon, 07 Oct 2019 14:49:58 GMT
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.65 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-65.fra53.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 06:32:59 GMT
Via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
46263
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA53-C1
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
JOtTNOFG3kQ1PdJNK6J48O0IU8syLV5-gIGpN0XGOS63aLUjqX5Tig==
prebid.js
ads.themoneytizer.com/moneybid2_31/build/dist/ 		333 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1aa092da3c4c7cfa17ea0a1a695f3c98e49e5ad40fb8054f7f2c0508b640bf50

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:58 GMT
content-encoding
gzip
last-modified
Tue, 17 Sep 2019 15:51:10 GMT
server
nginx
etag
"32334-53511-592c1b0771144"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
107532
expires
Tue, 01 Oct 2019 14:49:45 GMT
sdk.js
player.pepsia.com/ 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.pepsia.com/sdk.js?d=16d82a64834
Requested by
Host: urlz.fr
URL: https://urlz.fr/avDQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
dccff4268cf23b61b45aeb89e063cb102cdf9a862e1c25bd2104aaf135a914d3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:49:58 GMT
Last-Modified
Tue, 24 Sep 2019 10:24:44 GMT
Server
nginx
Accept-Ranges
bytes
ETag
"5d89eeec-96b1"
Content-Length
38577
Content-Type
application/javascript
season.php
equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/ Frame 0D2E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
Requested by
Host: urlz.fr
URL: https://urlz.fr/avDQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:53a1::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
equalised-propose.000webhostapp.com
:scheme
https
:path
/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://urlz.fr/avDQ
accept-encoding
gzip, deflate, br
cookie
PHPSESSID=qkua4qogb1bnd1db2u0cr2ns1d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://urlz.fr/avDQ

Response headers

status
200
date
Mon, 30 Sep 2019 14:49:58 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
server
awex
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-request-id
04cc525aa1d0c9959238046cf60644ca
content-encoding
gzip
image.php
www.noowho.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.noowho.com/image.php?site=23690713&ref=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS
serveur8.wilsoftech.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash
8a67157fb7f642d5f25653bd19f1fcabb3f24fc3647481dba0a466a4e009fb4b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 30 Sep 2019 14:58:44 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Apache/2.4.7 (Ubuntu)
Connection
close
X-Powered-By
PHP/5.5.9-1ubuntu4.22
Content-Length
1488
Content-Type
image/gif
id5_cm
ads.creative-serving.com/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/2/8/2.gif?puid=7552908628466334705&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
0
0
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%221484e27b9a56a57%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2F...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%221484e27b9a56a57%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz...
3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%221484e27b9a56a57%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FavDQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222ff58ce48d5876%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2234259f2a-3cd9-429b-b1d3-3afd977e2773%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.163.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-57-163-110.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1f9297e08a2d617dcb3a9e81543ac6e71f25f885730006e5eaad7d2abc160fc4

Request headers

Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:58 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1695

Redirect headers

date
Mon, 30 Sep 2019 14:49:58 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%221484e27b9a56a57%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FavDQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222ff58ce48d5876%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2234259f2a-3cd9-429b-b1d3-3afd977e2773%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-type
text/plain
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		253 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
187bdc9307f054afe1dfc94cd92d09549609ffdaf39930415a853763e3b11eae
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Sep 2019 14:50:00 GMT
X-Proxy-Origin
89.39.105.129; 89.39.105.129; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.112:80
AN-X-Request-Uuid
78c0d3dc-b302-4735-a443-0c09707c88da
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
253
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
a00b793fedb368f5a3e42945045c0dcbf4c3dbddcb9806ce5fbbf71c749a7b38
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Sep 2019 14:50:00 GMT
X-Proxy-Origin
89.39.105.129; 89.39.105.129; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.200:80
AN-X-Request-Uuid
4a9d91e2-3bfd-407b-acbe-2f6111631c8e
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		255 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=atf&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v2.31.0&x_source.tid=34259f2a-3cd9-429b-b1d3-3afd977e2773&p_screen_res=1600x1200&rp_floor=0.37&rp_secure=1&slots=1&rand=0.6317486780753423
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
c587a15a55a3d1136aa430dffa11a5d5a9053e9e93a06bf2c0855df62bcca6e9

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Sep 2019 14:49:58 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=410
Content-Length
255
Expires
Wed, 17 Sep 1975 21:32:10 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1569854998675&pKey=1669538868&_fw_gdpr_consent=undefined&loc=https%3A%2F%2Furlz.fr%2FavDQ&playerSize=640x480&
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Sep 2019 14:49:58 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1569854998683089-23
Expires
Mon, 30 Sep 2019 14:49:58 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ 		631 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Sep 2019 14:49:58 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
435
expires
Tue, 01 Oct 2019 14:49:58 GMT
fire.js
s.cpx.to/ 		0
0
wckr.php
tag.leadplace.fr/ Frame 2935 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://urlz.fr/avDQ
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://urlz.fr/avDQ

Response headers

Server
nginx/1.14.2
Date
Mon, 30 Sep 2019 14:49:58 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
30195
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:fc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:41:19 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
534
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA53
x-amz-cf-id
iRQLiHbYgM_GfxhwSNFyWeqyuo9bUMZ-LUB6tz-pIrZilA6nWszacw==
via
1.1 23082ff4de65f70078e091bc7cd0cf24.cloudfront.net (CloudFront)
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 26 Aug 2019 09:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3043969
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30186
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Aug 2020 09:17:09 GMT
notifyme.php
adtrack.adleadevent.com/ 		0
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.104.216 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-104-216.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Pragma
no-cache
Date
Mon, 30 Sep 2019 14:49:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Sep 2019 14:49:59 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel;r=614768236;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FavDQ;fpan=1;fpa=P0-313371373-1569854998720;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;r...
pixel.quantserve.com/ 		0
0
indexv2.php
player.pepsia.com/V2/ 		43 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.pepsia.com/V2/indexv2.php?token=00I4&controls=1&autoplay=1&logo=true&volume=1&api=1&id=0&origin=https://urlz.fr&d=16d82a64936
Requested by
Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=16d82a64834
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
76513f192fa0924c7239022e4f8f878503499dc6e12f6b0cd1bad26269ec1a8a

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://urlz.fr
Date
Mon, 30 Sep 2019 14:49:58 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
algov2.php
player.pepsia.com/V2/ 		1 KB
784 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.pepsia.com/V2/algov2.php?token=00I4&num=9&origin=https://urlz.fr&d=16d82a64937
Requested by
Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=16d82a64834
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://urlz.fr
Date
Mon, 30 Sep 2019 14:49:58 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
analytics.js
www.google-analytics.com/ Frame CAD2 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/avDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1440
date
Mon, 30 Sep 2019 14:25:58 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 30 Sep 2019 16:25:58 GMT
all.js
api.dmcdn.net/ Frame CAD2 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dmcdn.net/all.js
Requested by
Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=16d82a64834
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.79.227.76 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS
https-178-79-227-76.vie.llnw.net
Software
DMS/1.0.42 /
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/avDQ
Origin
https://urlz.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:59 GMT
content-encoding
gzip
last-modified
Fri, 27 Sep 2019 13:09:39 GMT
server
DMS/1.0.42
age
264438
etag
"5d8e0a13-72c2"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=43200, s-maxage=3600
accept-ranges
bytes
access-control-allow-origin
*
content-length
9628
expires
Fri, 27 Sep 2019 14:22:41 GMT
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ Frame CAD2 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=16d82a64834
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/avDQ
Origin
https://urlz.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:58 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
18056
truncated
/ Frame CAD2 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
favicon.ico
urlz.fr/ Frame CAD2 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://urlz.fr/favicon.ico
Requested by
Host: urlz.fr
URL: https://urlz.fr/avDQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:59 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
cache-control
public, max-age=86400
cf-ray
51e701af3abc8c74-VIE
expires
Tue, 01 Oct 2019 14:49:59 GMT
Primary Request season.php
equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/ 		17 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
Requested by
Host: urlz.fr
URL: https://urlz.fr/avDQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:53a1::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
1a8b6a580bca97daf5b00417796b9e075a1f0a94d35bdde3e0deb05f0b9a213e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
equalised-propose.000webhostapp.com
:scheme
https
:path
/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://urlz.fr/avDQ
accept-encoding
gzip, deflate, br
cookie
PHPSESSID=qkua4qogb1bnd1db2u0cr2ns1d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://urlz.fr/avDQ

Response headers

status
200
date
Mon, 30 Sep 2019 14:49:59 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
server
awex
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-request-id
f981542df2b6a7ed296a59ff09c3e857
content-encoding
gzip
bundle.js
ads.themoneytizer.com/cs2/dist/ 		97 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/cs2/dist/bundle.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:58 GMT
content-encoding
gzip
last-modified
Tue, 17 Sep 2019 21:28:09 GMT
server
nginx
etag
W/"3247a-183db-592c6659901e6"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
expires
Tue, 01 Oct 2019 14:49:58 GMT
ac
ww1097.smartadserver.com/ 		22 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=30012&async=1&visit=m&tmstp=9211195305&tag=sas_30012&sh=1200&sw=1600&pgDomain=https%3A%2F%2Furlz.fr%2FavDQ&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Sep 2019 14:49:58 GMT
Content-Encoding
gzip
X-SMRT-D
3%3b11%3b139
Vary
Accept-Encoding
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control
no-cache, no-store
Content-Type
application/javascript; charset=utf-8
Content-Length
140
Expires
-1
/
c.tmyzer.com/c/ 		0
0
Cookie set embed
www.dailymotion.com/ Frame EBC2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=https%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/all.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.8.215.136 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
www.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains

Request headers

Host
www.dailymotion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://urlz.fr/avDQ
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://urlz.fr/avDQ

Response headers

Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server
DMS/1.0.42
X-DM-BackNode
web-483.adm.dc3.dailymotion.com:80
Vary
X-DM-SSL,Accept-Encoding
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Access-Control-Expose-Headers
X-DM-BackNode-Response-Time
Strict-Transport-Security
max-age=31708800; includeSubDomains
Date
Mon, 30 Sep 2019 14:49:59 GMT
Link
<https://static1.dmcdn.net>; rel=preconnect,<https://ajax.googleapis.com>; rel=preconnect
Keep-Alive
timeout=60, max=4985
X-DM-LB-IP
195.8.215.136
X-DM-LB-Name
lb-07
X-DM-BackNode-Response-Time
38
Connection
Keep-Alive
Set-Cookie
ts=210063; expires=Fri, 30-Oct-2020 15:49:59 GMT; Max-Age=34218000; path=/; domain=.dailymotion.com sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ sdx=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ su_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ su_sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ su_sdx=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ client_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ access_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ refresh_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ dmvk=5d921617248e3; path=/; domain=.dailymotion.com v1st=977A6F74A4A2E1A160E4225F2596FE28; expires=Thu, 29 Oct 2020 14:49:58 GMT; max-age=34128000; path=/; domain=.dailymotion.com
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Length
12522
truncated
/ Frame CAD2 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://urlz.fr/avDQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/x-icon
khawarezmialgo.js
equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/js/khawarezmialgo.js
Requested by
Host: equalised-propose.000webhostapp.com
URL: https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:53a1::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
18f40ec7eebad0f047ee2cfb0c07766d1914a69b3293c69f1ace52528fe68674
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Sep 2019 19:02:56 GMT
server
awex
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
x-request-id
dc9f032a77e0a02d52f985cd5b84fcb8
contextualLogin.css
equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/System/ 		74 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/System/contextualLogin.css
Requested by
Host: equalised-propose.000webhostapp.com
URL: https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:53a1::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
5f30b9d063e3b1e723874d10ece4e92485ffbb08e1822f7d43550116b0f485d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Sep 2019 19:02:56 GMT
server
awex
content-type
text/css
status
200
x-xss-protection
1; mode=block
x-request-id
8615f930bbf43a837d374b78a8b2da4a
jquery-3.2.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: equalised-propose.000webhostapp.com
URL: https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 30 Sep 2019 14:49:59 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Mar 2017 19:01:15 GMT
Server
nginx
ETag
W/"58d026fb-15283"
Vary
Accept-Encoding
X-HW
1569854998.dop005.fr8.shc,1569854998.dop005.fr8.t,1569854999.cds133.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30125
login.js
equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/js/login.js
Requested by
Host: equalised-propose.000webhostapp.com
URL: https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:53a1::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
c4944bba897015b20665c2f83e8d76ea3dbe0514df2d2d0370a4c2c71ff8211a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Sep 2019 19:02:56 GMT
server
awex
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
x-request-id
25e501584e76497e0419afe1eb99c0c1
plugins.js
equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/js/ 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/js/plugins.js
Requested by
Host: equalised-propose.000webhostapp.com
URL: https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:53a1::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
656b81fc8ce755e7cdacde6bcb9e9c2af44902025e0c10cd1ac897ca3945dacb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Sep 2019 19:02:56 GMT
server
awex
content-type
application/javascript
status
200
x-xss-protection
1; mode=block
x-request-id
583429bd8ae702b2c7afa78ae8cc4b80
cfpp.svg
equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/css/shared/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/css/shared/cfpp.svg
Requested by
Host: equalised-propose.000webhostapp.com
URL: https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:53a1::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/System/contextualLogin.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Sep 2019 19:02:56 GMT
server
awex
content-type
image/svg+xml
status
200
x-xss-protection
1; mode=block
x-request-id
cbcb2f3ca8413bfe66d303a0eae4127e
icon_alter.png
equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/css/shared/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/css/shared/icon_alter.png
Requested by
Host: equalised-propose.000webhostapp.com
URL: https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/season.php?country.x=59f4185d36daec8aef3758114e66a20e59f4185d36daec8aef3758114e66a20e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:53a1::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
54436312813c5ba0070898ec0ac998a94e0486d12417a8fa4602cc501a94029e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://equalised-propose.000webhostapp.com/PayPal1/secure-account/e1576d/en/System/contextualLogin.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 14:49:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Sep 2019 19:02:56 GMT
server
awex
content-type
image/png
status
200
accept-ranges
bytes
content-length
4675
x-xss-protection
1; mode=block
x-request-id
519d8d574c348b03659e064c5d35de5c

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.creative-serving.com
URL
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
Domain
s.cpx.to
URL
https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=7c85d43f-9bb2-48f1-a3ad-10bd966a9d5a
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel;r=614768236;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FavDQ;fpan=1;fpa=P0-313371373-1569854998720;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1569854998719;tzo=-120;ogl=
Domain
c.tmyzer.com
URL
https://c.tmyzer.com/c/?s=15056&f=28&fi=0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Aes object| Base64 object| Utf8 string| khawarezmifou string| khawarezmic string| output string| ctrTxt function| $ function| jQuery function| validateEmail function| makeid

1 Cookies

Domain/Path Name / Value
equalised-propose.000webhostapp.com/ Name: PHPSESSID
Value: qkua4qogb1bnd1db2u0cr2ns1d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.creative-serving.com
ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
api.dmcdn.net
c.tmyzer.com
ced-ns.sascdn.com
code.jquery.com
d2zur9cc2gf1tx.cloudfront.net
equalised-propose.000webhostapp.com
fastlane.rubiconproject.com
g.tmyzer.com
gum.criteo.com
ib.adnxs.com
ice.360yield.com
maxcdn.bootstrapcdn.com
p.cpx.to
pixel.quantserve.com
player.pepsia.com
rules.quantcount.com
s.cpx.to
secure.quantserve.com
tag.contextweb.com
tag.leadplace.fr
urlz.fr
ww1097.smartadserver.com
www.dailymotion.com
www.google-analytics.com
www.noowho.com
ads.creative-serving.com
c.tmyzer.com
pixel.quantserve.com
s.cpx.to
143.204.208.65
143.204.214.46
145.239.192.166
145.239.193.145
151.139.241.23
178.79.227.76
185.86.137.42
195.8.215.136
2.18.234.233
2001:4de0:ac18::1:a:2a
2001:4de0:ac19::1:b:1b
2600:9000:2047:fc00:6:44e3:f8c0:93a1
2606:4700:31::681f:bb2
2606:4700::6813:c697
2a00:1450:4001:800::200a
2a00:1450:4001:80b::200e
2a02:2638::1c
2a02:26f0:6c00:296::c01
2a02:4780:dead:53a1::1
37.252.172.250
5.179.192.20
52.57.163.110
54.247.104.216
69.173.144.143
74.214.194.131
91.228.74.138
94.23.196.203
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
1344e53ea79084d031d08f7653c07c3e38616546910fe43799ce00368de0fbc9
187bdc9307f054afe1dfc94cd92d09549609ffdaf39930415a853763e3b11eae
18f40ec7eebad0f047ee2cfb0c07766d1914a69b3293c69f1ace52528fe68674
1a8b6a580bca97daf5b00417796b9e075a1f0a94d35bdde3e0deb05f0b9a213e
1aa092da3c4c7cfa17ea0a1a695f3c98e49e5ad40fb8054f7f2c0508b640bf50
1f9297e08a2d617dcb3a9e81543ac6e71f25f885730006e5eaad7d2abc160fc4
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405
2c0b1cf6965cedd6fdc86718ff298f16a50ad29397c68cb6b4de5c0954f98728
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
54436312813c5ba0070898ec0ac998a94e0486d12417a8fa4602cc501a94029e
5f30b9d063e3b1e723874d10ece4e92485ffbb08e1822f7d43550116b0f485d5
656b81fc8ce755e7cdacde6bcb9e9c2af44902025e0c10cd1ac897ca3945dacb
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
76513f192fa0924c7239022e4f8f878503499dc6e12f6b0cd1bad26269ec1a8a
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
829841cb81cdcb3548fcabcd566ce4c822dcc2bff8ccf2d588184509ffe4da0c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07
8a67157fb7f642d5f25653bd19f1fcabb3f24fc3647481dba0a466a4e009fb4b
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
a00b793fedb368f5a3e42945045c0dcbf4c3dbddcb9806ce5fbbf71c749a7b38
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
c4944bba897015b20665c2f83e8d76ea3dbe0514df2d2d0370a4c2c71ff8211a
c587a15a55a3d1136aa430dffa11a5d5a9053e9e93a06bf2c0855df62bcca6e9
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dccff4268cf23b61b45aeb89e063cb102cdf9a862e1c25bd2104aaf135a914d3
e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c