urlz.fr Open in urlscan Pro
2606:4700:3038::681f:bb2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://urlz.fr/bNME
Submission: On March 15 via automatic, source phishtank (March 15th 2020, 8:15:26 am UTC)

Summary HTTP 84 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 44 IPs in 10 countries across 46 domains to perform 84 HTTP transactions. The main IP is 2606:4700:3038::681f:bb2, located in United States and belongs to CLOUDFLARENET, US. The main domain is urlz.fr.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 29th 2020. Valid for: 8 months.

This is the only time urlz.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3038::681f:bb2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.34.228.54 199.34.228.54	27647 (WEEBLY) (WEEBLY)
8	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1	74.214.194.131 74.214.194.131	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	13.225.73.69 13.225.73.69	16509 (AMAZON-02) (AMAZON-02)
1 2	185.86.137.113 185.86.137.113	201081 (SMARTADSE...) (SMARTADSERVER)
1	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
3	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::6814:8338	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.228.74.200 91.228.74.200	27281 (QUANTCAST) (QUANTCAST)
1	13.225.84.175 13.225.84.175	16509 (AMAZON-02) (AMAZON-02)
1	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
3	5.179.192.20 5.179.192.20	34235 (ASPSERVEU...) (ASPSERVEUR-AS)
1	94.23.196.203 94.23.196.203	16276 (OVH) (OVH)
2	2606:4700:303... 2606:4700:3035::681b:921a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 5	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.142 69.173.144.142	26667 (RUBICONPR...) (RUBICONPROJECT)
2 5	52.29.234.105 52.29.234.105	16509 (AMAZON-02) (AMAZON-02)
5	52.16.97.238 52.16.97.238	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	91.228.74.248 91.228.74.248	27281 (QUANTCAST) (QUANTCAST)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:b200:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.228.220.169 54.228.220.169	16509 (AMAZON-02) (AMAZON-02)
1	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7 7	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	104.16.91.60 104.16.91.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.195.73.23 18.195.73.23	16509 (AMAZON-02) (AMAZON-02)
1 19	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY)
1 3	23.5.97.37 23.5.97.37	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.201.85.158 35.201.85.158	15169 (GOOGLE) (GOOGLE)
2 2	18.195.104.209 18.195.104.209	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	40.113.136.100 40.113.136.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 4	185.29.135.226 185.29.135.226	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	74.214.194.140 74.214.194.140	59940 (PULSEPOIN...) (PULSEPOINT-EU)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
4 4	63.32.144.14 63.32.144.14	16509 (AMAZON-02) (AMAZON-02)
1 1	100.20.21.65 100.20.21.65	16509 (AMAZON-02) (AMAZON-02)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
6 6	52.57.113.38 52.57.113.38	16509 (AMAZON-02) (AMAZON-02)
1 1	35.210.239.72 35.210.239.72	19527 (GOOGLE-2) (GOOGLE-2)
1	54.36.123.232 54.36.123.232	16276 (OVH) (OVH)
1	23.37.55.184 23.37.55.184	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.210.249.83 23.210.249.83	16625 (AKAMAI-AS) (AKAMAI-AS)
2 5	18.195.171.24 18.195.171.24	16509 (AMAZON-02) (AMAZON-02)
1 2	52.59.1.143 52.59.1.143	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.178.101 35.210.178.101	19527 (GOOGLE-2) (GOOGLE-2)
84	44

1 2606:4700:3038::681f:bb2 (United States)

ASN13335 (CLOUDFLARENET, US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.34.228.54 (San Francisco, United States)

ASN27647 (WEEBLY, US)
PTR: pages-wildcard-2.weebly.com

oran987.weebly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.themoneytizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.131 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.69 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-69.fra2.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.113 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.16 (United States)

ASN15133 (EDGECAST, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.251 (Germany)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:8338 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.200 (United Kingdom)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.175 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-175.fra2.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.179.192.20 (Paris, France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net

player.pepsia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.196.203 (France)

ASN16276 (OVH, FR)
PTR: serveur8.wilsoftech.com

www.noowho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::681b:921a (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.62 (Ascension Island) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.142 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.29.234.105 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-234-105.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.16.97.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-97-238.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.248 (United Kingdom)

ASN27281 (QUANTCAST, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:b200:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.220.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-220-169.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.22.66 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Ascension Island) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.91.60 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.73.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-73-23.eu-central-1.compute.amazonaws.com

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.101.114.2 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.5.97.37 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-97-37.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.85.158 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 158.85.201.35.bc.googleusercontent.com

server.exposebox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.104.209 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-104-209.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.49 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

match.zorosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.113.136.100 (Amsterdam, Netherlands) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.powerlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.135.226 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.140 (Amsterdam, Netherlands) 1 redirects

ASN59940 (PULSEPOINT-EU, NL)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.32.144.14 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-144-14.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.20.21.65 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-21-65.us-west-2.compute.amazonaws.com

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.57.113.38 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-113-38.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.210.239.72 (Mountain View, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com

u.ipw.metadsp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.123.232 (France)

ASN16276 (OVH, FR)
PTR: s04.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.55.184 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.171.24 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-171-24.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.1.143 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-1-143.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 101.178.210.35.bc.googleusercontent.com

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	taboola.com 2 redirects cdn.taboola.com trc.taboola.com match.taboola.com cds.taboola.com	317 KB
12	360yield.com 5 redirects ice.360yield.com ad.360yield.com match.360yield.com	8 KB
8	adnxs.com 6 redirects ib.adnxs.com secure.adnxs.com acdn.adnxs.com	13 KB
8	themoneytizer.com ads.themoneytizer.com	192 KB
7	bidswitch.net 6 redirects pool.grid-data.bidswitch.net x.bidswitch.net	3 KB
7	doubleclick.net 7 redirects cm.g.doubleclick.net	2 KB
6	cpx.to p.cpx.to s.cpx.to	7 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
4	mathtag.com 4 redirects sync.mathtag.com	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	rubiconproject.com fastlane.rubiconproject.com pixel.rubiconproject.com eus.rubiconproject.com	2 KB
3	pepsia.com player.pepsia.com	40 KB
3	onetag-sys.com onetag-sys.com	453 B
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	763 B
2	powerlinks.com 2 redirects px.powerlinks.com	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	pubmatic.com 2 redirects image2.pubmatic.com	1 KB
2	4dex.io script.4dex.io	19 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	7 KB
2	leadplace.fr tag.leadplace.fr	3 KB
2	criteo.com gum.criteo.com bidder.criteo.com	508 B
2	smartadserver.com 1 redirects ww1097.smartadserver.com	2 KB
2	contextweb.com 1 redirects tag.contextweb.com bh.contextweb.com	12 KB
2	weebly.com oran987.weebly.com
1	metadsp.co.uk 1 redirects u.ipw.metadsp.co.uk	265 B
1	bttrack.com bttrack.com	380 B
1	storygize.net 1 redirects www.storygize.net	430 B
1	zorosrv.com match.zorosrv.com	387 B
1	exposebox.com 1 redirects server.exposebox.com	217 B
1	truoptik.com 1 redirects dmp.truoptik.com	658 B
1	criteo.net static.criteo.net	21 KB
1	tmyzer.com c.tmyzer.com	200 B
1	adleadevent.com adtrack.adleadevent.com	518 B
1	consensu.org c.sharethis.mgr.consensu.org	406 B
1	googleapis.com ajax.googleapis.com	30 KB
1	quantcount.com rules.quantcount.com	966 B
1	id5-sync.com id5-sync.com Failed	435 B
1	noowho.com www.noowho.com	1 KB
1	indexww.com js-sec.indexww.com	454 B
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	zeotap.com spl.zeotap.com
1	sascdn.com ced-ns.sascdn.com	8 KB
1	themoneytizer.net g.themoneytizer.net	200 B
1	cloudflare.com ajax.cloudflare.com	4 KB
1	urlz.fr urlz.fr	1 KB
84	46

	Domain	Requested by
14	trc.taboola.com	1 redirects cdn.taboola.com urlz.fr
8	ads.themoneytizer.com	ajax.cloudflare.com ads.themoneytizer.com
7	cm.g.doubleclick.net	7 redirects
6	x.bidswitch.net	6 redirects
5	ad.360yield.com	2 redirects
5	cdn.taboola.com	urlz.fr cdn.taboola.com
5	s.cpx.to	p.cpx.to
5	ice.360yield.com	2 redirects
5	ib.adnxs.com	4 redirects ads.themoneytizer.com
4	match.adsrvr.org	4 redirects
4	sync.mathtag.com	4 redirects
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com urlz.fr
3	player.pepsia.com	urlz.fr player.pepsia.com
3	onetag-sys.com	ads.themoneytizer.com
2	a.volvelle.tech	2 redirects
2	match.360yield.com	1 redirects
2	px.powerlinks.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	secure.adnxs.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	script.4dex.io	ads.themoneytizer.com script.4dex.io
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	ww1097.smartadserver.com	1 redirects ced-ns.sascdn.com
2	oran987.weebly.com	urlz.fr
1	acdn.adnxs.com	ads.themoneytizer.com
1	eus.rubiconproject.com	ads.themoneytizer.com
1	u.ipw.metadsp.co.uk	1 redirects
1	cds.taboola.com	urlz.fr
1	bttrack.com	urlz.fr
1	www.storygize.net	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	bh.contextweb.com	1 redirects
1	pixel.rubiconproject.com	urlz.fr
1	match.zorosrv.com
1	match.taboola.com	1 redirects
1	server.exposebox.com	1 redirects
1	pool.grid-data.bidswitch.net
1	dmp.truoptik.com	1 redirects
1	static.criteo.net	ads.themoneytizer.com
1	c.tmyzer.com	ads.themoneytizer.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	c.sharethis.mgr.consensu.org	player.pepsia.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	pixel.quantserve.com
1	rules.quantcount.com	secure.quantserve.com
1	fastlane.rubiconproject.com	ads.themoneytizer.com
1	bidder.criteo.com	ads.themoneytizer.com
1	id5-sync.com	ads.themoneytizer.com
1	www.noowho.com
1	js-sec.indexww.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	spl.zeotap.com	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	ced-ns.sascdn.com
1	p.cpx.to	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	g.themoneytizer.net	ads.themoneytizer.com
1	ajax.cloudflare.com	urlz.fr
1	urlz.fr
84	61

This site contains links to these domains. Also see Links.

Domain
www.noowho.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-29` - `2020-10-09`	8 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
*.weebly.com RapidSSL RSA CA 2018	`2019-10-04` - `2021-12-02`	2 years	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
g.themoneytizer.net GoGetSSL RSA DV CA	`2019-10-16` - `2022-01-17`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2021-02-08`	a year	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2017-10-25` - `2020-05-12`	3 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2018-09-06` - `2020-09-12`	2 years	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2020-03-02` - `2020-05-31`	3 months	crt.sh
ssl828800.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-25` - `2020-09-02`	6 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
player.pepsia.com Let's Encrypt Authority X3	`2020-02-07` - `2020-05-07`	3 months	crt.sh
www.noowho.com Gandi Standard SSL CA 2	`2017-02-07` - `2020-02-07`	3 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.360yield.com Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2021-02-08`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-25` - `2020-05-19`	3 months	crt.sh
*.sharethis.mgr.consensu.org Go Daddy Secure Certificate Authority - G2	`2018-05-21` - `2020-05-21`	2 years	crt.sh
adtrack.adleadevent.com Amazon	`2019-06-30` - `2020-07-30`	a year	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
c.tmyzer.com Let's Encrypt Authority X3	`2020-02-11` - `2020-05-11`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
pool.grid-data.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-03-06` - `2022-03-06`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-03` - `2020-07-25`	5 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
g2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-11-21` - `2020-11-12`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.taboola.com DigiCert ECC Secure Server CA	`2019-09-03` - `2020-09-10`	a year	crt.sh
*.id5-sync.com Go Daddy Secure Certificate Authority - G2	`2017-04-02` - `2020-04-02`	3 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://urlz.fr/bNME
Frame ID: 667A3E8A1DB81C451B52E38F97BBE5CE
Requests: 52 HTTP requests in this frame

Frame: https://oran987.weebly.com/
Frame ID: 6EB6FDC993599616CFB9272B2E034E33
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1584260110101
Frame ID: 8F396BE58C4DBA372BC2B5F8A2396B37
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 6DCFA778275AA598F956EB2975BC55FF
Requests: 1 HTTP requests in this frame

Frame: https://oran987.weebly.com/
Frame ID: 06CD478BDA394F2E606BDF34A20184FE
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 0843D80B25A88CCA03FAF1C277AC13DB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: 9C49BD5CED2156CA2B568866574100D7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 89F7E6BFE6538729EEF558638E680080
Requests: 8 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82expmuf
Frame ID: 23D02CE3D5806BA0F2D3E5031B022459
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 729D54A766F87074382CE8B5A4FC40AA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: D299A252C65DFD8845276CF2C12D5BC2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1584260110257
Frame ID: 91C5BF7AF651E2BFC262E93C3BD07D66
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

84
Requests

98 %
HTTPS

15 %
IPv6

46
Domains

61
Subdomains

44
IPs

10
Countries

708 kB
Transfer

2182 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.noowho.com/Show-23690713.html

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 21

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/2/8/2.gif?puid=5480717129975921282&gdpr=1&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/10/7/3.gif?puid=3813917456556205622&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/19/6/4.gif?puid=96ada909b025dbb396c1acde5a8e4d31&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/101/5/5.gif?puid=8862f612-76d2-42eb-a5df-b1ad2e14b3cd&gdpr=1&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
https://id5-sync.com/c/12/103/4/6.gif?puid=68cf8e22ea18fd2023d72af9ae56bf2b&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/108/3/7.gif?puid=1692ef71-6695-11ea-afc5-c2b41ec1ad8b&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/112/2/8.gif?puid=AD1B425107208AEC&gdpr=1&gdpr_consent=

Request Chain 29

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216538633dee76de%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbNME%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214df2fecda65f14%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%2277e094df-0c34-4aa2-b4f6-38e8ed22dc79%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%221510f89408ff808%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22a8041d84-31ed-40ab-b664-d252b0c3b4e7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216538633dee76de%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbNME%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214df2fecda65f14%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%2277e094df-0c34-4aa2-b4f6-38e8ed22dc79%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%221510f89408ff808%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22a8041d84-31ed-40ab-b664-d252b0c3b4e7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616&google_tc= HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616&google_gid=CAESEBv9q8XY9nrTjg6ckMIn9GU&google_cver=1

Request Chain 46

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4b4f1383-a0d9-4c8a-b950-902ce8a38616 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4b4f1383-a0d9-4c8a-b950-902ce8a38616 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=282DEDAD-EFB4-4E0C-84F7-765376947E27&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616

Request Chain 47

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D4b4f1383-a0d9-4c8a-b950-902ce8a38616 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253D%2526hn_ver%253D10%2526fid%253D4b4f1383-a0d9-4c8a-b950-902ce8a38616 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=8477901299308279771&pid=11528&ref=&hn_ver=10&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616

Request Chain 48

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616&fck=19b54208466b4d6d&cbp=dsp_uid HTTP 302
https://s.cpx.to/sync?dsp_uid=e153e9d5491c5f34d7275a79e41e1773&fck=19b54208466b4d6d

Request Chain 55

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1584260113888&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Furlz.fr%2FbNME&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584260113888&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Furlz.fr%2FbNME&c9=

Request Chain 57

https://server.exposebox.com/rcm HTTP 302
https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82expmuf

Request Chain 58

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=048e3981-d79f-4c76-a762-d54f82d96784 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=048e3981-d79f-4c76-a762-d54f82d96784&tbid=9562377c-a471-4e0f-b9a7-c8ebcc13c959-tuct5676992&query=taboola_hm%3D048e3981-d79f-4c76-a762-d54f82d96784&isDirect=0 HTTP 302
https://match.zorosrv.com/match?tabid=9562377c-a471-4e0f-b9a7-c8ebcc13c959-tuct5676992&extuid=048e3981-d79f-4c76-a762-d54f82d96784&excid=218&query=taboola_hm%3D048e3981-d79f-4c76-a762-d54f82d96784

Request Chain 60

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps%25253A%25252F%25252Ftrc.taboola.com%25252Fsg%25252Fpowerlinksdsp-network%25252F1%25252Frtb-h%25252F%25253Ftaboola_hm%25253DFhYFPSiKAimnCuqdHkXui9l3pSAnPd7N9OdZO9-NkOc%2525253D HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps%25253A%25252F%25252Ftrc.taboola.com%25252Fsg%25252Fpowerlinksdsp-network%25252F1%25252Frtb-h%25252F%25253Ftaboola_hm%25253DFhYFPSiKAimnCuqdHkXui9l3pSAnPd7N9OdZO9-NkOc%2525253D&mm_bnc&mm_bct&UUID=6b5c5e6d-e413-4300-a7a3-36642fe80ee7 HTTP 302
https://px.powerlinks.com/user/sync/dsps?userId=6b5c5e6d-e413-4300-a7a3-36642fe80ee7&sourceId=aa4e7548-789b-4df8-a72f-d951a5b206eb&sync=0&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DFhYFPSiKAimnCuqdHkXui9l3pSAnPd7N9OdZO9-NkOc%253D HTTP 302
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=FhYFPSiKAimnCuqdHkXui9l3pSAnPd7N9OdZO9-NkOc%3D

Request Chain 61

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=62c65e6d-e412-4d00-ab86-5fc9a58c1470 HTTP 302
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=62c65e6d-e412-4d00-ab86-5fc9a58c1470

Request Chain 62

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dlVOQKfnpE4Q&ev=1&pid=562107

Request Chain 63

https://creativecdn.com/cm-notify?pi=taboola HTTP 302
https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1 HTTP 302
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=VW3Sa6Q86uzx1R3MxdWG&pi=taboola&tc=1

Request Chain 64

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID HTTP 302
https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=8477901299308279771

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDc5rOzXhCSLAwWcj0lMpLU&google_cver=1

Request Chain 66

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID HTTP 302
https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=8477901299308279771

Request Chain 67

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=79d2cbe8-c209-4daf-84aa-923423a1e5a5

Request Chain 68

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=7aaf735e-15eb-45ae-a685-20702c9d01d8-tuct5676991 HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 71

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=af8bf60c-9d0f-4d1d-b8d1-b01a1a27f4f2&bsw_param=af8bf60c-9d0f-4d1d-b8d1-b01a1a27f4f2&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=af8bf60c-9d0f-4d1d-b8d1-b01a1a27f4f2 HTTP 302
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=af8bf60c-9d0f-4d1d-b8d1-b01a1a27f4f2

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA&google_tc= HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA&external_user_id=CAESECnOyn2f0GifRm7Cm4HhY6E&google_cver=1 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA&external_user_id=CAESECnOyn2f0GifRm7Cm4HhY6E&google_cver=1

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=eUVnPHyVTxyUAzEKU9Xp4w&google_cm&publisher_dsp_id=340 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=eUVnPHyVTxyUAzEKU9Xp4w&google_cm=&publisher_dsp_id=340&google_tc= HTTP 302
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEI2VHjYjHOqvE512rzNvI0U&google_cver=1 HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEI2VHjYjHOqvE512rzNvI0U&google_cver=1

Request Chain 80

https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=7945673c-7c95-4f1c-9403-310a53d5e9e3&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=improve&publisher_user_id=7945673c-7c95-4f1c-9403-310a53d5e9e3&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=improve HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=improve HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=0eab72b2-e0dd-492a-a6c8-ee9d35e967a9&ssp=improve HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=ea4d5627-ed10-441f-9de9-ef6953c2daa1

Request Chain 81

https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOwSJTQCLAAAENDB-AAAAujAAA HTTP 302
https://ice.360yield.com/match?external_user_id=5231469128542689091&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA HTTP 302
https://ice.360yield.com/ul_cb/match?external_user_id=5231469128542689091&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA

Request Chain 82

https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=7945673c-7c95-4f1c-9403-310a53d5e9e3&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=7945673c-7c95-4f1c-9403-310a53d5e9e3&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=782b0135-1d6a-4fe6-b545-0b89d2a2e707 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=167&external_user_id=782b0135-1d6a-4fe6-b545-0b89d2a2e707

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request bNME Show response
urlz.fr/ 3 KB
1 KB 127ms
83ms Document
text/html 2606:4700:3038::681f:bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://urlz.fr/bNME
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40125b3a193777fbbe912b7b2587516c656066f9a70d2ca875eecf6eadfdcfd0

Request headers

:method: GET
:authority: urlz.fr
:scheme: https
:path: /bNME
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Sun, 15 Mar 2020 08:15:08 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d4080627d673981c26ceebc80204c94a71584260108; expires=Tue, 14-Apr-20 08:15:08 GMT; path=/; domain=.urlz.fr; HttpOnly; SameSite=Lax
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5744c8eeba16324c-FRA
content-encoding: br

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 10ms
8ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: https://urlz.fr/bNME

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 08:15:08 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Fri, 06 Mar 2020 12:22:46 GMT
server: cloudflare
etag: W/"5e624096-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5744c8ef4904dfa5-FRA
expires: Tue, 17 Mar 2020 08:15:08 GMT

GET
H/1.1 200
OK Cookie set /
oran987.weebly.com/ Frame 6EB6 0
0 541ms
205ms Document
text/html 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://oran987.weebly.com/
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 San Francisco, United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: Apache /
Resource Hash

Request headers

Host: oran987.weebly.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://urlz.fr/bNME
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://urlz.fr/bNME

Response headers

Date: Sun, 15 Mar 2020 08:15:09 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=oran987.weebly.com language=en; expires=Sun, 29-Mar-2020 08:15:09 GMT; Max-Age=1209600; path=/
Vary: X-W-SSL,Accept-Encoding,User-Agent
Cache-Control: private
ETag: W/"fdd1837c448e80722a1e02440ef36bc6-gzip"
Content-Encoding: gzip
X-Host: pages46.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 6858
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 41 KB
9 KB 104ms
41ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: aec1e2d8eee94b09ced067339e25eb7b5afa51080efefba2b0c5994adbd25fd9

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 08:15:08 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 16 Mar 2020 08:15:08 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 7 KB
8 KB 84ms
21ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 08:15:08 GMT
server: nginx
x-powered-by: PHP/5.4.45
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7677
expires: Mon, 16 Mar 2020 08:14:13 GMT

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ 26 B
200 B 146ms
36ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 00e0444dc2b1c43780931d55acf76738a0d25a4227007127984b44dbbd7d2aaa

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 15 Mar 2020 08:15:10 GMT
Server: nginx
X-IPLB-Instance: 29894
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 22ms
21ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 08:15:10 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 19:01:35 GMT
server: nginx
etag: "779a-30ad-59ba5857e2265"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3955
expires: Mon, 16 Mar 2020 08:14:20 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 27ms
26ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 08:15:10 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Mon, 16 Mar 2020 08:14:21 GMT

GET
H2 200 getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 95ms
33ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 08:15:09 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ 1 KB
2 KB 171ms
42ms Script
application/javascript 13.225.73.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/11528/px.js?r=1b73f
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.69 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-69.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 13 Mar 2020 08:17:24 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 172667
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: cojORgqbFbF4yngGnas0597OyX0mA6ekOJmCk4hwEglTH3iXqX5KNg==

GET
H2

200

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

24 KB
8 KB

85ms
21ms

Script
application/x-javascript

68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D59) /
Resource Hash: 0214d392d4e27028b59a53de3a937de0211ca40bc070387c0d68da05a3d8cc4c

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Mar 2020 08:15:10 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2020 10:13:07 GMT
server: ECS (lcy/1D59)
age: 79265
x-n: S
etag: "0f11d3e54b5ff26b5828eaa172f1ef2a:1580119987"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8149

Redirect headers

location: https://ced-ns.sascdn.com/diff/js/smart.js
date: Sun, 15 Mar 2020 08:15:09 GMT
cache-control: private
content-length: 159
content-type: text/html; charset=utf-8

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
371 B 42ms
13ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600
date: Sun, 15 Mar 2020 08:15:09 GMT
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 105ms
28ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 15 Mar 2020 08:15:10 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 30195
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H2 200 /
onetag-sys.com/usync/ Frame 8F39 0
0 102ms
34ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1584260110101

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1584260110101
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://urlz.fr/bNME
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://urlz.fr/bNME

Response headers

status: 200
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=2592000

GET
H2 200 /
spl.zeotap.com/ Frame 6DCF 0
0 139ms
119ms Document
text/html 2606:4700:10::6814:8338
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:8338 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://urlz.fr/bNME
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://urlz.fr/bNME

Response headers

status: 200
date: Sun, 15 Mar 2020 08:15:10 GMT
content-type: text/html
set-cookie: __cfduid=dc13c77571134c89df87daab7d72d0e051584260110; expires=Tue, 14-Apr-20 08:15:10 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=c6fe4755-d976-4cba-798d-0fb645c42ed5; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zc1=c6fe4755-d976-4cba-798d-0fb645c42ed5; Path=/; Domain=.zeotap.com; Max-Age=315360000 zsc=%8DR%82%E8%E1%CC%A4y%2B-%08V%0D%EE%BB3%12%BE%07%F6%C5%9A%18XW%C5q%F3%A1%14%D2%DB%29%98k%3A%C0%D6%B3%1CL%84F%1FN%7C%F8%60h3%B6N%0Ed%ED%CF%CEM%9Au%3C%84%88%27U.%F4%1A%BCQd%0E%AF%E8%B6%A7%D5s%B3%12%C2%29%D7H%B5%3E%8Cl%CD%F9%07%83A%87%E1%F3%C9c%C3J0dhv%006%60r%8BBm%BEv%26%1E%B9%E4%5B%18%81%3F%04%0F%10%9Dj%FA%B4%DBT%9BE%07%13%F6%FA%D8C%22SK%D6F%A4%3B%ADEg%C8Y%86%11%95%EB%1F%BE%7D%08%5B%16%1B%F8%3E%C9%EAe%BB%8DC%DA%0BO%7F%2A-%9D%884%90%FD%29; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-headers: *
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5744c8f8494c1456-FRA
content-encoding: br

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 13 KB
6 KB 197ms
37ms Script
application/x-javascript 91.228.74.200
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.200 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 15 Mar 2020 08:15:10 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15-Mar-2020 08:15:10 GMT
Server: QS
Etag: M0-56c8c653
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5651
Expires: Sun, 22 Mar 2020 08:15:10 GMT

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 258ms
61ms Script
text/javascript 13.225.84.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.84.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-175.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 15 Mar 2020 08:10:13 GMT
Via: 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 2218
X-Cache: Hit from cloudfront
Content-Type: text/javascript
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: 7uaiOJvu0sUec5kWJh07TaH6IaunHTg7L95Q65HiphMv60ii5qnfLQ==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ 0
454 B 524ms
450ms Script
text/javascript 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 15 Mar 2020 08:15:10 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Mar 2020 08:11:29 GMT
Server: Apache
ETag: "da493d-0-5a0e03ff156dc"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3556
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 20
Expires: Sun, 15 Mar 2020 09:14:26 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid2_445_2/build/dist/ 407 KB
130 KB 28ms
27ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c0e9940676227b089871a760a8bcdd5632b8d0057e710c8862240a753fa2d26

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 08:15:10 GMT
content-encoding: gzip
last-modified: Fri, 06 Mar 2020 16:16:02 GMT
server: nginx
etag: "45703-65b8f-5a031f84724e8"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 132652
expires: Mon, 16 Mar 2020 08:14:39 GMT

GET
H/1.1 200
OK sdk.js Show response
player.pepsia.com/ 39 KB
39 KB 258ms
71ms Script
application/javascript 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.pepsia.com/sdk.js?d=170dd42d719
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 83e7227079d44c2e0241e283dbc3b163b21d7ddf589b78645ec0b70e2dba9f57

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 15 Mar 2020 08:15:10 GMT
Last-Modified: Wed, 15 Jan 2020 14:29:42 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "5e1f21d6-9c1b"
Content-Length: 39963
Content-Type: application/javascript

GET
H/1.1 200
OK Cookie set /
oran987.weebly.com/ Frame 06CD 0
0 197ms
197ms Document
text/html 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://oran987.weebly.com/
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 San Francisco, United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: Apache /
Resource Hash

Request headers

Host: oran987.weebly.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://urlz.fr/bNME
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: is_mobile=0; language=en
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://urlz.fr/bNME

Response headers

Date: Sun, 15 Mar 2020 08:15:10 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: language=en; expires=Sun, 29-Mar-2020 08:15:10 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"fdd1837c448e80722a1e02440ef36bc6-gzip"
Content-Encoding: gzip
X-Host: pages8.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 6858
Keep-Alive: timeout=10, max=63
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK image.php
www.noowho.com/ 1 KB
1 KB 213ms
134ms Image
image/gif 94.23.196.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.noowho.com/image.php?site=23690713&ref=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS: serveur8.wilsoftech.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash: c2d5f331d09b9a259832acdee3d079099995c012289a6aadc349e9d0c4061b4b

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 08:27:50 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Apache/2.4.7 (Ubuntu)
Connection: close
X-Powered-By: PHP/5.5.9-1ubuntu4.22
Content-Length: 1051
Content-Type: image/gif

GET

8.gif
id5-sync.com/c/12/112/2/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/2/8/2.gif?puid=5480717129975921282&gdpr=1&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/10/7/3.gif?puid=3813917456556205622&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/12/19/6/4.gif?puid=96ada909b025dbb396c1acde5a8e4d31&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/101/5/5.gif?puid=8862f612-76d2-42eb-a5df-b1ad2e14b3cd&gdpr=1&gdpr_consent=
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
https://id5-sync.com/c/12/103/4/6.gif?puid=68cf8e22ea18fd2023d72af9ae56bf2b&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
https://id5-sync.com/c/12/108/3/7.gif?puid=1692ef71-6695-11ea-afc5-c2b41ec1ad8b&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/112/2/8.gif?puid=AD1B425107208AEC&gdpr=1&gdpr_consent=

0
0

GET
H2 200 localstore.js Show response
script.4dex.io/ 450 B
711 B 47ms
12ms Script
application/javascript 2606:4700:3035::681b:921a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:921a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 08:15:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 09 Mar 2020 11:11:59 GMT
server: cloudflare
age: 1109
etag: W/"bfa52622781c173885812009122c3f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=1800
cf-ray: 5744c8f90cc61f3d-FRA
x-amz-request-id: 0523613C472695FA
x-amz-id-2: vuXjt3ItoC/oV4lnH/mCnEcwEdQgqccYER2YAfXC8GMJ1cfwkCVldUrXEZztaTEtVZiMoGdmqpc=

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
137 B 91ms
31ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.44.5&cb=77582133248
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 15 Mar 2020 08:15:09 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://urlz.fr
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 21 KB
7 KB 222ms
150ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a49e649ebc4f814611087fd45c301b2a228e34bd49dca9d82a35422df5a6ef9d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 15 Mar 2020 08:15:12 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.38.150.96; 185.38.150.96; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.87:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 535c721d-15db-4b90-b53c-a70d167ec767
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://urlz.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
453 B 34ms
34ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
status: 200
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://urlz.fr
cache-control: no-cache, no-transform
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: Content-Type, Origin, Referer, User-Agent, x-ak-clientip

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 75 B
270 B 64ms
21ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=11&formatid=video&size=desktop&country=undefined
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd

Request headers

Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 15 Mar 2020 08:15:10 GMT
server: nginx
x-powered-by: PHP/5.4.45
status: 200
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 75
expires: Mon, 16 Mar 2020 08:15:10 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 631 B
666 B 64ms
21ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07

Request headers

Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 15 Mar 2020 08:15:10 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 435
expires: Mon, 16 Mar 2020 08:15:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 285 B
2 KB 3477ms
286ms XHR
application/json 69.173.144.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&alt_size_ids=19%2C43%2C44%2C117&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,15056,1,,,&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v2.44.5&x_source.tid=a8041d84-31ed-40ab-b664-d252b0c3b4e7&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.47817810440963804
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 49df0d0f0416358c2243906aa35f7e8df04d6b9f4231a49893eca3a5ec06d01c

Request headers

Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 08:15:13 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://urlz.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=61
Content-Length: 285
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

302

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216538633dee76de%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2F...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216538633dee76de%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz...

0
-1 B

3203ms
56ms

XHR
text/plain

52.29.234.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216538633dee76de%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbNME%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214df2fecda65f14%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%2277e094df-0c34-4aa2-b4f6-38e8ed22dc79%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%221510f89408ff808%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22a8041d84-31ed-40ab-b664-d252b0c3b4e7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.234.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-234-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Mar 2020 08:15:13 GMT
access-control-allow-origin: https://urlz.fr
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216538633dee76de%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbNME%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214df2fecda65f14%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%2277e094df-0c34-4aa2-b4f6-38e8ed22dc79%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%221510f89408ff808%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22a8041d84-31ed-40ab-b664-d252b0c3b4e7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

Redirect headers

date: Sun, 15 Mar 2020 08:15:13 GMT
status: 302
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216538633dee76de%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbNME%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214df2fecda65f14%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%2277e094df-0c34-4aa2-b4f6-38e8ed22dc79%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%221510f89408ff808%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22a8041d84-31ed-40ab-b664-d252b0c3b4e7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://urlz.fr
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ Frame 0843 0
0 29ms
28ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://urlz.fr/bNME
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://urlz.fr/bNME

Response headers

Server: nginx/1.14.2
Date: Sun, 15 Mar 2020 08:15:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Instance: 30195

GET
H2 200 adagio.js Show response
script.4dex.io/ 60 KB
18 KB 37ms
22ms Fetch
application/javascript 2606:4700:3035::681b:921a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:921a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cc36a5dabe23d6973e196b1f70629c2e25646d55847c07e889ec2938205add2

Request headers

Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Mar 2020 08:15:10 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1359
status: 200
x-amz-request-id: 743C50D266F320D6
x-amz-id-2: vUJUwQHN4AKhWZWrkmkndiVaaszGVu9B3hU13nwIb/O/c7NcIZVR06T5hgflC/2JjE8Bcug+qr8=
last-modified: Mon, 09 Mar 2020 11:11:38 GMT
server: cloudflare
etag: W/"02788774e36642fcb0bbfe63327d3df7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 5744c8f939b73240-FRA

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 772 B
1 KB 3157ms
33ms Script
application/javascript 52.16.97.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/11528/px.js?r=1b73f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.97.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-97-238.eu-west-1.compute.amazonaws.com

Software

Resource Hash

aa0b2e4b12882a55a52dc6ab79c9b4d629abe3f910fb30a78d63e85cebd15afe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 15 Mar 2020 08:15:13 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Content-Length: 772
Expires: Fri, 14 Feb 2020 09:45:12 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
966 B 27ms
10ms Script
application/x-javascript 2600:9000:20eb:a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 07:24:22 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 3050
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: CMLZNUn-_AT2VdwnOWKae0ualZP1IrVfGR8QMjbHRczfV6-uEgj1PA==
via: 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)

GET
H/1.1 200
OK pixel;r=881157724;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FbNME;fpan=1;fpa=P0-1676076174-1584260110332;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;...
pixel.quantserve.com/ 35 B
658 B 396ms
38ms Image
image/gif 91.228.74.248
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=881157724;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FbNME;fpan=1;fpa=P0-1676076174-1584260110332;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1584260110332;tzo=-60;ogl=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.248 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 08:15:10 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 24 Feb 2020 23:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1673714
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Feb 2021 23:19:56 GMT

GET
H2 200 get_consent Show response
c.sharethis.mgr.consensu.org/ 13 B
406 B 56ms
12ms XHR
application/json 2600:9000:2156:b200:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/get_consent
Requested by: Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=170dd42d719
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:b200:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Mar 2020 08:15:10 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
status: 200
etag: W/"d-+DingHfG0CPg0LypXw8zXfS4tGg"
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://urlz.fr
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-length: 13
x-amz-cf-id: BPWaQ3VGwNX3AW-ph2Xo0WmNqpYSYIzyIKezjRptQZawwi54AfZbxw==

GET
H/1.1 200
OK indexv2.php Show response
player.pepsia.com/V2/ 170 B
413 B 48ms
48ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.pepsia.com/V2/indexv2.php?token=00I4&controls=1&autoplay=1&logo=true&volume=1&api=1&id=0&origin=https://urlz.fr&gdpr=1&d=170dd42d82c
Requested by: Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=170dd42d719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 89085930fdff263d643c4fa37f489efadd7d9f8361661113d67eb61aa7d6311a

Request headers

Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://urlz.fr
Date: Sun, 15 Mar 2020 08:15:10 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK algov2.php Show response
player.pepsia.com/V2/ 1 KB
801 B 107ms
59ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.pepsia.com/V2/algov2.php?token=00I4&num=9&origin=https://urlz.fr&d=170dd42d82c
Requested by: Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=170dd42d719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 08a970250b9ebc2040ea2328597409d452c786ce43f2a746134e1813bf8185d1

Request headers

Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://urlz.fr
Date: Sun, 15 Mar 2020 08:15:10 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
518 B 173ms
35ms XHR
application/x-javascript 54.228.220.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.220.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-220-169.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 08:15:10 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Mar 2020 08:15:10 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://urlz.fr
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bundle.js Show response
ads.themoneytizer.com/cs2/dist/ 103 KB
24 KB 22ms
22ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/cs2/dist/bundle.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c97f6e3a63cde2ec40a982359b3aefff892560577e4846a629556da52e75391

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 08:15:10 GMT
content-encoding: gzip
last-modified: Mon, 10 Feb 2020 10:52:38 GMT
server: nginx
etag: "3d387-19a8c-59e3689a88147"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 24569
expires: Mon, 16 Mar 2020 08:15:06 GMT

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 22 B
2 KB 238ms
237ms Script
application/javascript 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=30012&async=1&visit=m&tmstp=4517041473&tag=sas_30012&sh=1200&sw=1600&pgDomain=https%3A%2F%2Furlz.fr%2FbNME&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: cb5e68ea98339921426942e8f8c0756dda0f90adeec0ca8067db577e8ca32e3e

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sun, 15 Mar 2020 08:15:12 GMT
content-encoding: gzip
vary: Accept-Encoding
x-smrt-d: 3%3b23%3b119
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache, no-store
content-type: application/javascript; charset=utf-8
content-length: 140
expires: -1

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
200 B 141ms
43ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=15056&f=28&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 15 Mar 2020 08:15:13 GMT
Server: nginx
X-IPLB-Instance: 20685
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 66 KB
21 KB 59ms
22ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0edc31ecf7a24eddb74effe2c7d4f6f86a423fc632bdad3195bb0bef55d81ade

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 15 Mar 2020 08:15:13 GMT
content-encoding: gzip
last-modified: Tue, 10 Mar 2020 09:28:59 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5e675ddb-10924"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 16 Mar 2020 08:15:13 GMT

GET
H2 200 hb Show response
ice.360yield.com/ul_cb/ 5 KB
3 KB 98ms
97ms XHR
application/json 52.29.234.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216538633dee76de%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbNME%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214df2fecda65f14%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%2277e094df-0c34-4aa2-b4f6-38e8ed22dc79%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%221510f89408ff808%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22a8041d84-31ed-40ab-b664-d252b0c3b4e7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.234.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-234-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 4d6489e8640b982cf16ad6d5e030406ff68b0828c8643259eaa60751b2aa01f3

Request headers

Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 15 Mar 2020 08:15:13 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://urlz.fr
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 2372

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616&google_tc=
https://s.cpx.to/ca.png?dsp=dbm&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616&google_gid=CAESEBv9q8XY9nrTjg6ckMIn9GU&google_cver=1

95 B
804 B

33ms
33ms

Image
image/png

52.16.97.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616&google_gid=CAESEBv9q8XY9nrTjg6ckMIn9GU&google_cver=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.97.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-97-238.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
Date: Sun, 15 Mar 2020 08:15:13 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Sun, 15 Mar 2020 08:15:13 GMT
server: HTTP server (unknown)
location: https://s.cpx.to/ca.png?dsp=dbm&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616&google_gid=CAESEBv9q8XY9nrTjg6ckMIn9GU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4b4f1383-a0d9-4c8a-b950-902ce8a38616
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4b4f1383-a0d9-4c8a-b950-902ce8a38616
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=282DEDAD-EFB4-4E0C-84F7-765376947E27&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616

95 B
881 B

33ms
33ms

Image
image/png

52.16.97.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=282DEDAD-EFB4-4E0C-84F7-765376947E27&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.97.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-97-238.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 15 Mar 2020 08:15:13 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Sun, 15 Mar 2020 08:15:13 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=282DEDAD-EFB4-4E0C-84F7-765376947E27&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616
Date: Sun, 15 Mar 2020 08:15:13 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 448
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D4b4f1383-a0d9-4c8a-b950-902ce8a38616
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253D%2526hn_ver%253D10%2526fid%253D4b4f1383-a0d9-4c8a-b...
https://s.cpx.to/an_fire?app_nexus_uid=8477901299308279771&pid=11528&ref=&hn_ver=10&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616

95 B
865 B

66ms
32ms

Image
image/png

52.16.97.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=8477901299308279771&pid=11528&ref=&hn_ver=10&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.97.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-97-238.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 15 Mar 2020 08:15:13 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Sun, 15 Mar 2020 08:15:13 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 08:15:15 GMT
AN-X-Request-Uuid: ace33719-c210-4edf-a5df-5d2b1acc9e3c
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://s.cpx.to/an_fire?app_nexus_uid=8477901299308279771&pid=11528&ref=&hn_ver=10&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.38.150.96; 185.38.150.96; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.43:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=4b4f1383-a0d9-4c8a-b950-902ce8a38616&fck=19b54208466b4d6d&cbp=dsp_uid
https://s.cpx.to/sync?dsp_uid=e153e9d5491c5f34d7275a79e41e1773&fck=19b54208466b4d6d

95 B
708 B

62ms
33ms

Image
image/png

52.16.97.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=e153e9d5491c5f34d7275a79e41e1773&fck=19b54208466b4d6d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.97.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-97-238.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 15 Mar 2020 08:15:13 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Sun, 15 Mar 2020 08:15:13 GMT

Redirect headers

date: Sun, 15 Mar 2020 08:15:13 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 302
to-dmp-balancer: balancer1-dmp-nyc1-do.truoptik.com
content-length: 154
pragma: no-cache
to-dmp-sync: sync4-dmp-nyc1-do.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
location: https://s.cpx.to/sync?dsp_uid=e153e9d5491c5f34d7275a79e41e1773&fck=19b54208466b4d6d
content-type: text/html
access-control-allow-origin: *
cache-control: no-store
cf-ray: 5744c90d5bb1ce63-LHR
expires: 0

GET
H/1.1 200
OK sync
pool.grid-data.bidswitch.net/ 43 B
300 B 167ms
35ms Image
image/gif 18.195.73.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.73.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-23.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 08:15:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 tbframe.js Show response
cdn.taboola.com/shared/ Frame 9C49 14 KB
4 KB 116ms
38ms Script
application/x-javascript 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/shared/tbframe.js
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding: gzip
age: 28490
x-cache: HIT
status: 200
date: Sun, 15 Mar 2020 08:15:13 GMT
x-amz-replication-status: COMPLETED
content-length: 3897
x-amz-id-2: +9hThpZgqSmaNAz6qSOZ5ntBC+PmswuvE+g624KMXtRCjhrN0gRwMPV1+v8IRh54vtpXJbg9sPo=
x-served-by: cache-hhn4066-HHN
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
server: AmazonS3
x-timer: S1584260114.614746,VS0,VE0
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
vary: Accept-Encoding
x-amz-request-id: 95F04980218A6F57
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/x-javascript
abp: 80
x-cache-hits: 14136

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/themonetizer-network/ Frame 89F7 688 KB
173 KB 37ms
37ms Script
application/javascript 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 298fad0c41697618bfac1c6b81045ba985fe42d5f9c93a081afc91d106301e9e

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: ExkWbHJkC.IGxtNH5RvoLkA8NxGHYapt
content-encoding: gzip
age: 101
x-cache: HIT
status: 200
date: Sun, 15 Mar 2020 08:15:13 GMT
content-length: 177143
x-amz-id-2: sOAH7p2ZvA5j0Q3EWNMcPQZDiOMe+GJ2BQ8fp7F8fzP1DXNr891S2lr2KnHRKnl1zVz/r23wkBc=
x-served-by: cache-hhn4066-HHN
last-modified: Sun, 15 Mar 2020 08:13:32 GMT
server: AmazonS3
x-timer: S1584260114.675953,VS0,VE0
etag: "464f47076a47ce73168cc2b96eb3e887"
vary: Accept-Encoding
x-amz-request-id: 8E16B5DC6089F0A1
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 29
x-cache-hits: 16

GET
H2 200 impl.20200315-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 89F7 447 KB
126 KB 39ms
39ms Script
application/javascript 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200315-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4753bcf721ada49c5d919504a4470c4a14f71fa220b1ac5da5ac1cd4b88ca09

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: NJl5STSgZZlDP7a7mYC1GrOIXHpP2.0l
content-encoding: gzip
age: 2620
x-cache: HIT
status: 200
date: Sun, 15 Mar 2020 08:15:13 GMT
x-amz-replication-status: COMPLETED
content-length: 129181
x-amz-id-2: YJJu3a+rQcQSBqiuWlwvFWAf/HcVWVqfsxeSbwNxEKFDg6yRswVEkbb8OqZGJyWRNjKqPfDPEZI=
x-served-by: cache-hhn4066-HHN
last-modified: Sun, 15 Mar 2020 07:27:12 GMT
server: AmazonS3
x-timer: S1584260114.796092,VS0,VE0
etag: "43c710208e9c29d0756ce3a226d3ecfa"
vary: Accept-Encoding
x-amz-request-id: 839E5C1CF7EAD7B6
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 80
x-cache-hits: 23898

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 89F7 1 KB
1 KB 108ms
35ms Script
application/x-javascript 23.5.97.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-5-97-37.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 15 Mar 2020 08:15:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Mon, 16 Mar 2020 08:15:13 GMT

GET
H2 200 json Show response
trc.taboola.com/themonetizer-urlz/trc/3/ Frame 89F7 5 KB
3 KB 224ms
223ms Script
application/javascript 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-urlz/trc/3/json?tim=09%3A15%3A13.866&lti=deflated&data=%7B%22id%22%3A496%2C%22ii%22%3A%22%2Fbnme%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1584260113864%2C%22cv%22%3A%2220200315-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Furlz.fr%2FbNME%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22205724-MEGABANNER%20BAS%22%2C%22orig_uip%22%3A%22205724-MEGABANNER%20BAS%22%2C%22cd%22%3A8%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200315-2-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e48ef27d44de3214b67f7fe5b11b567c17d860177d68a848b35ba62a97ba4d84

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-vcl-time-ms: 186
date: Sun, 15 Mar 2020 08:15:14 GMT
content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
via: 1.1 varnish
x-served-by: cache-hhn4066-HHN
server: nginx
x-timer: S1584260114.885057,VS0,VE186
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame 89F7
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1584260113888&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Furlz.fr%2FbNME&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584260113888&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Furlz.fr%2FbNME&c9=

0
248 B

37ms
36ms

Image
text/plain

23.5.97.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584260113888&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Furlz.fr%2FbNME&c9=
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-5-97-37.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 08:15:13 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1584260113888&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Furlz.fr%2FbNME&c9=
Pragma: no-cache
Date: Sun, 15 Mar 2020 08:15:13 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userx.20200315-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 89F7 22 KB
8 KB 38ms
37ms Script
application/javascript 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20200315-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4dbc571ca03291588ebaf5f683bb64da9613944f6e4d84c2bf38fb3160a6e3f

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: RVJFIPll8vKmMfJrQc.yhmI96XjAoZct
content-encoding: gzip
age: 2590
x-cache: HIT
status: 200
date: Sun, 15 Mar 2020 08:15:14 GMT
x-amz-replication-status: COMPLETED
content-length: 7711
x-amz-id-2: SRMtKZQU6Qsxc4tb6EMLWRlJnE06uqv3tqmWPR2wotvNh76LTDZW6Tma3JkulbJrhJ9S3kPsnOo=
x-served-by: cache-hhn4066-HHN
last-modified: Sun, 15 Mar 2020 07:27:18 GMT
server: AmazonS3
x-timer: S1584260114.129398,VS0,VE0
etag: "5c24e71e2288603bb1785328d3baf83e"
vary: Accept-Encoding
x-amz-request-id: BEB7B22A75BD7F20
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 13
x-cache-hits: 3756

GET
H2

204

rtb-h
trc.taboola.com/sg/exposebox-network/1/ Frame 23D0
Redirect Chain

https://server.exposebox.com/rcm
https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82expmuf

0
51 B

45ms
45ms

Image
text/plain

151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82expmuf
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Sun, 15 Mar 2020 08:15:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584260114.224814,VS0,VE8
x-served-by: cache-hhn4066-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

date: Sun, 15 Mar 2020 08:15:14 GMT
via: 1.1 google
x-powered-by: Express
location: //trc.taboola.com/sg/exposebox-network/1/rtb-h?taboola_hm=_2go82expmuf
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 302
cache-control: max-age:0
alt-svc: clear
expires: 0

GET
H2

200

match
match.zorosrv.com/ Frame 23D0
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=048e3981-d79f-4c76-a762-d54f82d96784
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=048e3981-d79f-4c76-a762-d54f82d96784&tbid=9562377c-a471-4e0f-b9a7-c8ebcc13c959-tuct5676992&query=taboola_hm%3D048e3981-d79f-...
https://match.zorosrv.com/match?tabid=9562377c-a471-4e0f-b9a7-c8ebcc13c959-tuct5676992&extuid=048e3981-d79f-4c76-a762-d54f82d96784&excid=218&query=taboola_hm%3D048e3981-d79f-4c76-a762-d54f82d96784

0
387 B

140ms
46ms

Image
text/plain

151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.zorosrv.com/match?tabid=9562377c-a471-4e0f-b9a7-c8ebcc13c959-tuct5676992&extuid=048e3981-d79f-4c76-a762-d54f82d96784&excid=218&query=taboola_hm%3D048e3981-d79f-4c76-a762-d54f82d96784
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 15 Mar 2020 08:15:15 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584260116.635532,VS0,VE8
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI IDC DSP COR CURa ADMa OUR IND COM STA NOR UNI"
status: 200
x-cache-hits: 0
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, X-Prototype-Version, Content-Type, Origin, Allow
content-length: 0
x-served-by: cache-hhn4073-HHN

Redirect headers

date: Sun, 15 Mar 2020 08:15:15 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584260115.494294,VS0,VE9
location: https://match.zorosrv.com/match?tabid=9562377c-a471-4e0f-b9a7-c8ebcc13c959-tuct5676992&extuid=048e3981-d79f-4c76-a762-d54f82d96784&excid=218&query=taboola_hm%3D048e3981-d79f-4c76-a762-d54f82d96784
x-cache: MISS
status: 302
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19170-FRA

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 23D0 0
239 B 160ms
38ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: image/gif
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H2

200

/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame 23D0
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps...
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps...
https://px.powerlinks.com/user/sync/dsps?userId=6b5c5e6d-e413-4300-a7a3-36642fe80ee7&sourceId=aa4e7548-789b-4df8-a72f-d951a5b206eb&sync=0&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-net...
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=FhYFPSiKAimnCuqdHkXui9l3pSAnPd7N9OdZO9-NkOc%3D

45 B
96 B

46ms
45ms

Image
image/gif

151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=FhYFPSiKAimnCuqdHkXui9l3pSAnPd7N9OdZO9-NkOc%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 15 Mar 2020 08:15:15 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584260115.477344,VS0,VE9
x-served-by: cache-hhn4066-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Location: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=FhYFPSiKAimnCuqdHkXui9l3pSAnPd7N9OdZO9-NkOc%3D
Date: Sun, 15 Mar 2020 08:15:15 GMT
Server: nginx
Connection: close
Etag: "FhYFPSiKAimnCuqdHkXui9l3pSAnPd7N9OdZO9-NkOc="
Content-Length: 0

GET
H2

200

/
trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/ Frame 23D0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=62c65e6d-e412-4d00-ab86-5fc9a58c1470
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=62c65e6d-e412-4d00-ab86-5fc9a58c1470

0
57 B

45ms
45ms

Image
text/plain

151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=62c65e6d-e412-4d00-ab86-5fc9a58c1470
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Sun, 15 Mar 2020 08:15:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584260114.206839,VS0,VE8
x-served-by: cache-hhn4066-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Date: Sun, 15 Mar 2020 08:16:03 GMT
Server: MT3 2187 76c51ad master cdg-pixel-x23
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=62c65e6d-e412-4d00-ab86-5fc9a58c1470
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 15 Mar 2020 08:16:02 GMT

GET
H2

204

/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 23D0
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dlVOQKfnpE4Q&ev=1&pid=562107

0
50 B

45ms
45ms

Image
text/plain

151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dlVOQKfnpE4Q&ev=1&pid=562107
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 15 Mar 2020 08:15:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584260114.227234,VS0,VE9
x-served-by: cache-hhn4066-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dlVOQKfnpE4Q&ev=1&pid=562107
content-language: en-US
status: 302
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-c96d8d657-dvvmz
expires: -1

GET
H2

204

/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame 23D0
Redirect Chain

https://creativecdn.com/cm-notify?pi=taboola
https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=VW3Sa6Q86uzx1R3MxdWG&pi=taboola&tc=1

0
50 B

51ms
50ms

Image
text/plain

151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=VW3Sa6Q86uzx1R3MxdWG&pi=taboola&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 15 Mar 2020 08:15:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584260114.267434,VS0,VE9
x-served-by: cache-hhn4066-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

status: 302
pragma: no-cache
date: Sun, 15 Mar 2020 08:15:14 GMT, Sun, 15 Mar 2020 08:15:14 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=VW3Sa6Q86uzx1R3MxdWG&pi=taboola&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 23D0
Redirect Chain

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID
https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=8477901299308279771

0
63 B

47ms
45ms

Image
text/plain

151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=8477901299308279771
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 15 Mar 2020 08:15:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584260114.173251,VS0,VE9
x-served-by: cache-hhn4066-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 08:15:16 GMT
AN-X-Request-Uuid: ce4375f9-8261-4356-8ab9-9bd641fb4c3f
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=8477901299308279771
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.38.150.96; 185.38.150.96; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.13:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 23D0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDc5rOzXhCSLAwWcj0lMpLU&google_cver=1

0
54 B

48ms
47ms

Image
text/plain

151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDc5rOzXhCSLAwWcj0lMpLU&google_cver=1
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 15 Mar 2020 08:15:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584260114.197855,VS0,VE9
x-served-by: cache-hhn4066-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Sun, 15 Mar 2020 08:15:14 GMT
server: HTTP server (unknown)
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEDc5rOzXhCSLAwWcj0lMpLU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/ Frame 23D0
Redirect Chain

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID
https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=8477901299308279771

0
60 B

47ms
47ms

Image
text/plain

151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=8477901299308279771
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 15 Mar 2020 08:15:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584260114.196903,VS0,VE9
x-served-by: cache-hhn4066-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Pragma: no-cache
Date: Sun, 15 Mar 2020 08:15:16 GMT
AN-X-Request-Uuid: 232e4829-07cf-46dc-95ae-95a575fdba32
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=8477901299308279771
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.38.150.96; 185.38.150.96; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.40:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 23D0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=79d2cbe8-c209-4daf-84aa-923423a1e5a5

0
54 B

47ms
45ms

Image
text/plain

151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=79d2cbe8-c209-4daf-84aa-923423a1e5a5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 15 Mar 2020 08:15:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584260114.310652,VS0,VE9
x-served-by: cache-hhn4066-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Sun, 15 Mar 2020 08:15:14 GMT
x-aspnet-version: 4.0.30319
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=79d2cbe8-c209-4daf-84aa-923423a1e5a5
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 302
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2

200

rtb-h
trc.taboola.com/sg/storygize-network/1/ Frame 23D0
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=7aaf735e-15eb-45ae-a685-20702c9d01d8-tuct5676991
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
201 B

46ms
45ms

Image
text/plain

151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 15 Mar 2020 08:15:15 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584260115.208374,VS0,VE9
x-served-by: cache-hhn4066-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

Location: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
expires: 0
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 23D0 35 B
380 B 388ms
97ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Sun, 15 Mar 2020 08:15:14 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame 23D0 0
176 B 281ms
91ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=7aaf735e-15eb-45ae-a685-20702c9d01d8-tuct5676991&_r=4858810
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 15 Mar 2020 08:15:14 GMT
cache-control: no-store
x-envoy-upstream-service-time: 0
Server: nginx
Connection: close
Content-Length: 0

GET
H2

200

/
trc.taboola.com/sg/bidswitch-network/1/rtb-h/ Frame 23D0
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola
https://x.bidswitch.net/ul_cb/sync?ssp=taboola
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=af8bf60c-9d0f-4d1d-b8d1-b01a1a27f4f2&bsw_param=af8bf60c-9d0f-4d1d-b8d1-b01a1a27f4f2&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=af8bf60c-9d0f-4d1d-b8d1-b01a1a27f4f2
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=af8bf60c-9d0f-4d1d-b8d1-b01a1a27f4f2

0
178 B

45ms
45ms

Image
text/plain

151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=af8bf60c-9d0f-4d1d-b8d1-b01a1a27f4f2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Sun, 15 Mar 2020 08:15:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1584260115.523342,VS0,VE8
x-served-by: cache-hhn4066-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

status: 302
date: Sun, 15 Mar 2020 08:15:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=af8bf60c-9d0f-4d1d-b8d1-b01a1a27f4f2
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 bulk Show response
trc.taboola.com/themonetizer-urlz/log/3/ Frame 89F7 0
226 B 47ms
47ms XHR
image/gif 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-urlz/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200315-2-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
date: Sun, 15 Mar 2020 08:15:14 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4066-HHN
pragma: no-cache
server: nginx
x-timer: S1584260114.144417,VS0,VE10
content-type: image/gif
access-control-allow-origin: https://urlz.fr
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 89F7 254 B
683 B 38ms
37ms Image
image/png 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: urlz.fr
URL: https://urlz.fr/bNME
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
age: 2655
x-cache: HIT
status: 200
date: Sun, 15 Mar 2020 08:15:14 GMT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn4066-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1584260114.198336,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 13
x-cache-hits: 5195

GET
H/1.1 200 12.json Show response
id5-sync.com/g/v1/ 130 B
435 B 32ms
30ms XHR
text/json 54.36.123.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v1/12.json?1puid=&gdpr=0&gdpr_consent=

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.123.232 , France, ASN16276 (OVH, FR),

Reverse DNS

s04.id5-sync.com

Software

Resource Hash

fa6b0916bae47221207862bce5b98f3d64c14b5b7389bff6ed3aab0f4630dd9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://urlz.fr/bNME
Origin: https://urlz.fr
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://urlz.fr
Date: Sun, 15 Mar 2020 08:15:15 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/json;charset=utf-8

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 729D 0
0 115ms
35ms Document
text/html 23.37.55.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://urlz.fr/bNME
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://urlz.fr/bNME

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 04 Mar 2020 22:48:14 GMT
Content-Encoding: gzip
Content-Length: 7619
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=12232
Expires: Sun, 15 Mar 2020 11:39:08 GMT
Date: Sun, 15 Mar 2020 08:15:16 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame D299 0
0 129ms
40ms Document
text/html 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://urlz.fr/bNME
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://urlz.fr/bNME

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Mon, 15 Mar 2021 08:15:16 GMT
Date: Sun, 15 Mar 2020 08:15:16 GMT
Connection: keep-alive

GET
H2 200 /
onetag-sys.com/usync/ Frame 91C5 0
0 35ms
34ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1584260110257

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1584260110257
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://urlz.fr/bNME
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://urlz.fr/bNME

Response headers

status: 200
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=2592000

GET
H2

200

match
ad.360yield.com/ul_cb/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA
https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA&google_tc=
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA&external_user_id=CAESECnOyn2f0GifRm7Cm4HhY6E&google_cver=1
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA&external_user_id=CAESECnOyn2f0GifRm7Cm4HhY6E&google_cver=1

43 B
496 B

38ms
38ms

Image
image/gif

18.195.171.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA&external_user_id=CAESECnOyn2f0GifRm7Cm4HhY6E&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.171.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-171-24.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 15 Mar 2020 08:15:16 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Sun, 15 Mar 2020 08:15:16 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
location: https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA&external_user_id=CAESECnOyn2f0GifRm7Cm4HhY6E&google_cver=1
content-type: text/plain

GET
H2

200

match
match.360yield.com/ul_cb/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=eUVnPHyVTxyUAzEKU9Xp4w&google_cm&publisher_dsp_id=340
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=eUVnPHyVTxyUAzEKU9Xp4w&google_cm=&publisher_dsp_id=340&google_tc=
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEI2VHjYjHOqvE512rzNvI0U&google_cver=1
https://match.360yield.com/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEI2VHjYjHOqvE512rzNvI0U&google_cver=1

43 B
497 B

38ms
38ms

Image
image/gif

52.59.1.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEI2VHjYjHOqvE512rzNvI0U&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.1.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-1-143.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 15 Mar 2020 08:15:16 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Sun, 15 Mar 2020 08:15:16 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
location: https://match.360yield.com:443/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEI2VHjYjHOqvE512rzNvI0U&google_cver=1
content-type: text/plain

GET
H2

200

match
ad.360yield.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=7945673c-7c95-4f1c-9403-310a53d5e9e3&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAA...
https://x.bidswitch.net/ul_cb/sync?ssp=improve&publisher_user_id=7945673c-7c95-4f1c-9403-310a53d5e9e3&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AA...
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=improve
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=improve
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=0eab72b2-e0dd-492a-a6c8-ee9d35e967a9&ssp=improve
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=ea4d5627-ed10-441f-9de9-ef6953c2daa1

43 B
578 B

38ms
38ms

Image
image/gif

18.195.171.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=ea4d5627-ed10-441f-9de9-ef6953c2daa1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.171.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-171-24.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 15 Mar 2020 08:15:16 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Sun, 15 Mar 2020 08:15:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //ad.360yield.com/match?publisher_dsp_id=191&external_user_id=ea4d5627-ed10-441f-9de9-ef6953c2daa1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

match
ice.360yield.com/ul_cb/
Redirect Chain

https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOwSJTQCLAAAENDB-AAAAujAAA
https://ice.360yield.com/match?external_user_id=5231469128542689091&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA
https://ice.360yield.com/ul_cb/match?external_user_id=5231469128542689091&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA

43 B
423 B

40ms
40ms

Image
image/gif

52.29.234.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/ul_cb/match?external_user_id=5231469128542689091&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.234.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-234-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 15 Mar 2020 08:15:16 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Sun, 15 Mar 2020 08:15:16 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
location: https://ice.360yield.com:443/ul_cb/match?external_user_id=5231469128542689091&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOwSJTQCLAAAENDB-AAAAujAAA
content-type: text/plain

GET
H2

200

match
ad.360yield.com/ul_cb/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=7945673c-7c95-4f1c-9403-310a53d5e9e3&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=7945673c-7c95-4f1c-9403-310a53d5e9e3&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=782b0135-1d6a-4fe6-b545-0b89d2a2e707
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=167&external_user_id=782b0135-1d6a-4fe6-b545-0b89d2a2e707

43 B
506 B

40ms
39ms

Image
image/gif

18.195.171.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=167&external_user_id=782b0135-1d6a-4fe6-b545-0b89d2a2e707
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.171.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-171-24.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/bNME
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 15 Mar 2020 08:15:16 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

status: 302
date: Sun, 15 Mar 2020 08:15:16 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 0
location: https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=167&external_user_id=782b0135-1d6a-4fe6-b545-0b89d2a2e707
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id5-sync.com
URL: https://id5-sync.com/c/12/112/2/8.gif?puid=AD1B425107208AEC&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
oran987.weebly.com/	1970-01-19 08:24:29	Name: language Value: en
.oran987.weebly.com/	1969-12-31 23:59:59	Name: is_mobile Value: 0
.urlz.fr/	1970-01-19 08:47:32	Name: __cfduid Value: d4080627d673981c26ceebc80204c94a71584260108

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://script.4dex.io/localstore.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://player.pepsia.com/sdk.js?d=170dd42d719(Line 4) Message: %c Pepsia.com Player #0 background: #ccc; color: #2176ff Site Désactivé !

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.volvelle.tech
acdn.adnxs.com
ad.360yield.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
ams.creativecdn.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.sharethis.mgr.consensu.org
c.tmyzer.com
cdn.taboola.com
cds.taboola.com
ced-ns.sascdn.com
cm.g.doubleclick.net
creativecdn.com
d2zur9cc2gf1tx.cloudfront.net
dmp.truoptik.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g.themoneytizer.net
gum.criteo.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
js-sec.indexww.com
match.360yield.com
match.adsrvr.org
match.taboola.com
match.zorosrv.com
onetag-sys.com
oran987.weebly.com
p.cpx.to
pixel.quantserve.com
pixel.rubiconproject.com
player.pepsia.com
pool.grid-data.bidswitch.net
px.powerlinks.com
rtb.mfadsrvr.com
rules.quantcount.com
s.cpx.to
sb.scorecardresearch.com
script.4dex.io
secure.adnxs.com
secure.quantserve.com
server.exposebox.com
spl.zeotap.com
static.criteo.net
sync.mathtag.com
tag.contextweb.com
tag.leadplace.fr
trc.taboola.com
u.ipw.metadsp.co.uk
urlz.fr
ww1097.smartadserver.com
www.noowho.com
www.storygize.net
x.bidswitch.net
id5-sync.com
100.20.21.65
104.16.91.60
13.225.73.69
13.225.84.175
141.226.224.32
145.239.192.166
145.239.193.145
151.101.114.2
151.101.114.49
151.101.14.49
151.139.241.23
172.217.22.66
178.250.0.165
18.195.104.209
18.195.171.24
18.195.73.23
185.184.8.30
185.29.135.226
185.64.189.110
185.86.137.113
192.132.33.46
199.34.228.54
23.210.249.164
23.210.249.83
23.37.55.184
23.5.97.37
2600:9000:20eb:a00:6:44e3:f8c0:93a1
2600:9000:2156:b200:c:a9b7:ddc0:93a1
2606:4700:10::6814:8338
2606:4700:3035::681b:921a
2606:4700:3038::681f:bb2
2606:4700::6811:4004
2a00:1450:4001:815::200a
2a02:2638:1::13
2a02:2638:1::3
35.201.85.158
35.210.178.101
35.210.239.72
37.252.172.249
37.252.173.62
40.113.136.100
5.179.192.20
51.89.9.251
52.16.97.238
52.29.234.105
52.57.113.38
52.59.1.143
54.228.220.169
54.36.123.232
54.38.64.100
63.32.144.14
68.232.35.16
69.173.144.142
69.173.144.165
74.214.194.131
74.214.194.140
91.228.74.200
91.228.74.248
94.23.196.203
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00e0444dc2b1c43780931d55acf76738a0d25a4227007127984b44dbbd7d2aaa
0214d392d4e27028b59a53de3a937de0211ca40bc070387c0d68da05a3d8cc4c
08a970250b9ebc2040ea2328597409d452c786ce43f2a746134e1813bf8185d1
0edc31ecf7a24eddb74effe2c7d4f6f86a423fc632bdad3195bb0bef55d81ade
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
298fad0c41697618bfac1c6b81045ba985fe42d5f9c93a081afc91d106301e9e
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
40125b3a193777fbbe912b7b2587516c656066f9a70d2ca875eecf6eadfdcfd0
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
49df0d0f0416358c2243906aa35f7e8df04d6b9f4231a49893eca3a5ec06d01c
4cc36a5dabe23d6973e196b1f70629c2e25646d55847c07e889ec2938205add2
4d6489e8640b982cf16ad6d5e030406ff68b0828c8643259eaa60751b2aa01f3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c0e9940676227b089871a760a8bcdd5632b8d0057e710c8862240a753fa2d26
649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7c97f6e3a63cde2ec40a982359b3aefff892560577e4846a629556da52e75391
83e7227079d44c2e0241e283dbc3b163b21d7ddf589b78645ec0b70e2dba9f57
85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07
89085930fdff263d643c4fa37f489efadd7d9f8361661113d67eb61aa7d6311a
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a49e649ebc4f814611087fd45c301b2a228e34bd49dca9d82a35422df5a6ef9d
aa0b2e4b12882a55a52dc6ab79c9b4d629abe3f910fb30a78d63e85cebd15afe
aec1e2d8eee94b09ced067339e25eb7b5afa51080efefba2b0c5994adbd25fd9
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b4dbc571ca03291588ebaf5f683bb64da9613944f6e4d84c2bf38fb3160a6e3f
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c2d5f331d09b9a259832acdee3d079099995c012289a6aadc349e9d0c4061b4b
c4753bcf721ada49c5d919504a4470c4a14f71fa220b1ac5da5ac1cd4b88ca09
cb5e68ea98339921426942e8f8c0756dda0f90adeec0ca8067db577e8ca32e3e
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48ef27d44de3214b67f7fe5b11b567c17d860177d68a848b35ba62a97ba4d84
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fa6b0916bae47221207862bce5b98f3d64c14b5b7389bff6ed3aab0f4630dd9b

urlz.fr Open in urlscan Pro 2606:4700:3038::681f:bb2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

84 Requests

98 %HTTPS

15 %IPv6

46 Domains

61 Subdomains

44 IPs

10 Countries

708 kBTransfer

2182 kBSize

3 Cookies

1 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

urlz.fr Open in urlscan Pro
2606:4700:3038::681f:bb2 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

98 %
HTTPS

15 %
IPv6

46
Domains

61
Subdomains

44
IPs

10
Countries

708 kB
Transfer

2182 kB
Size

3
Cookies

84 HTTP transactions
0 data transactions