urlz.fr Open in urlscan Pro
2606:4700:3038::681f:bb2 Public Scan

URL:
https://urlz.fr/cXp6
Submission: On June 17 via manual (June 17th 2020, 2:28:22 pm UTC) from DE

Summary HTTP 147 Redirects Behaviour Indicators

Summary

This website contacted 56 IPs in 8 countries across 54 domains to perform 147 HTTP transactions. The main IP is 2606:4700:3038::681f:bb2, located in United States and belongs to CLOUDFLARENET, US. The main domain is urlz.fr.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 29th 2020. Valid for: 8 months.

This is the only time urlz.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3038::681f:bb2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:186d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
13	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
1 6	185.86.137.32 185.86.137.32	201081 (SMARTADSE...) (SMARTADSERVER)
3	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff10	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	145.239.193.51 145.239.193.51	16276 (OVH) (OVH)
2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	91.228.74.154 91.228.74.154	27281 (QUANTCAST) (QUANTCAST)
1	13.226.154.85 13.226.154.85	16509 (AMAZON-02) (AMAZON-02)
5	52.31.182.127 52.31.182.127	16509 (AMAZON-02) (AMAZON-02)
1	13.226.156.32 13.226.156.32	16509 (AMAZON-02) (AMAZON-02)
2	72.247.225.98 72.247.225.98	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e2:... 2606:4700:e2::ac40:8720	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.31.203.53 52.31.203.53	16509 (AMAZON-02) (AMAZON-02)
3 6	18.195.112.7 18.195.112.7	16509 (AMAZON-02) (AMAZON-02)
4	116.202.160.31 116.202.160.31	24940 (HETZNER-AS) (HETZNER-AS)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2.21.37.179 2.21.37.179	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6 7	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:218... 2600:9000:2182:9a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	52.214.251.91 52.214.251.91	16509 (AMAZON-02) (AMAZON-02)
1	34.95.76.218 34.95.76.218	15169 (GOOGLE) (GOOGLE)
2 2	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
1	104.16.92.60 104.16.92.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7 10	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1 1	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.185.173.123 18.185.173.123	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
1	54.228.220.169 54.228.220.169	16509 (AMAZON-02) (AMAZON-02)
3	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
4 29	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
2 3	52.49.73.64 52.49.73.64	16509 (AMAZON-02) (AMAZON-02)
1	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST)
2	185.29.133.223 185.29.133.223	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 5	104.89.19.71 104.89.19.71	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	18.195.154.255 18.195.154.255	16509 (AMAZON-02) (AMAZON-02)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	40.113.136.100 40.113.136.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 4	185.29.133.52 185.29.133.52	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 14	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
4 4	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	35.160.142.237 35.160.142.237	16509 (AMAZON-02) (AMAZON-02)
2	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
7 7	35.157.51.244 35.157.51.244	16509 (AMAZON-02) (AMAZON-02)
1 1	50.16.38.94 50.16.38.94	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
2 5	2.21.37.45 2.21.37.45	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	92.123.150.214 92.123.150.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
1 2	23.2.214.145 23.2.214.145	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	54.36.109.186 54.36.109.186	16276 (OVH) (OVH)
1	159.69.76.252 159.69.76.252	24940 (HETZNER-AS) (HETZNER-AS)
2 2	18.185.191.218 18.185.191.218	16509 (AMAZON-02) (AMAZON-02)
2 5	35.157.249.55 35.157.249.55	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
147	56

1 2606:4700:3038::681f:bb2 (United States)

ASN13335 (CLOUDFLARENET, US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:186d (United States)

ASN13335 (CLOUDFLARENET, US)

www.amazondede.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.themoneytizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.137.32 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:4a0:1338:28::c38a:ff10 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.51 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (Germany)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.154 (United Kingdom)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.154.85 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-154-85.dus51.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.31.182.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-182-127.eu-west-1.compute.amazonaws.com

tmzr.pubstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
intake.prod.pubstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.32 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-32.dus51.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.225.98 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8720 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.203.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-203-53.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.195.112.7 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-112-7.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.202.160.31 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.31.160.202.116.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.37.179 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-37-179.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.173.38 (Ascension Island) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:9a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.214.251.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-251-91.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.76.218 (United States)

ASN15169 (GOOGLE, US)
PTR: 218.76.95.34.bc.googleusercontent.com

cdn.prod.pubstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.110 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.92.60 (United States)

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.206.2 (Mountain View, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.22 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.173.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-173-123.eu-central-1.compute.amazonaws.com

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.220.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-220-169.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 151.101.113.44 (Frankfurt am Main, Germany) 4 redirects

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.zorosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.73.64 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-73-64.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.16 (United States)

ASN15133 (EDGECAST, US)

ec-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.133.223 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.89.19.71 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-19-71.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.154.255 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-154-255.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.113.136.100 (Amsterdam, Netherlands) 3 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.powerlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.133.52 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

am-sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.140 (New York, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.31 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.160.142.237 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-142-237.us-west-2.compute.amazonaws.com

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.157.51.244 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-51-244.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.38.94 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-38-94.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.21.37.45 (France) 2 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-37-45.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.150.214 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-150-214.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 144.76.91.199 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

hal900018.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.2.214.145 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-214-145.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.109.186 (Germany) 3 redirects

ASN16276 (OVH, FR)
PTR: p06.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.76.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.76.69.159.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.191.218 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-191-218.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.249.55 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-249-55.eu-central-1.compute.amazonaws.com

euc-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.40 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	taboola.com 6 redirects cdn.taboola.com trc.taboola.com match.taboola.com am-sync.taboola.com cds.taboola.com	658 KB
13	themoneytizer.com ads.themoneytizer.com	206 KB
11	mathtag.com 6 redirects tags.mathtag.com sync.mathtag.com pixel.mathtag.com	7 KB
11	360yield.com 5 redirects ice.360yield.com euc-ice.360yield.com match.360yield.com ad.360yield.com	10 KB
10	doubleclick.net 7 redirects cm.g.doubleclick.net	2 KB
8	bidswitch.net 7 redirects pool.grid-data.bidswitch.net x.bidswitch.net	4 KB
8	adnxs.com 7 redirects ib.adnxs.com secure.adnxs.com	8 KB
8	smartadserver.com 3 redirects ww1097.smartadserver.com sync.smartadserver.com	8 KB
6	pubstack.io tmzr.pubstack.io cdn.prod.pubstack.io intake.prod.pubstack.io	30 KB
6	cpx.to p.cpx.to s.cpx.to	7 KB
5	mfadsrvr.com 5 redirects rtb.mfadsrvr.com	3 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	4 KB
5	richaudience.com shb.richaudience.com sync.richaudience.com	848 B
4	redintelligence.net 1 redirects hal9000.redintelligence.net hal900018.redintelligence.net	5 KB
4	zemanta.com 4 redirects b1sync.zemanta.com	2 KB
4	pubmatic.com 2 redirects image2.pubmatic.com simage2.pubmatic.com	3 KB
4	id5-sync.com id5-sync.com Failed	5 KB
4	sascdn.com ced-ns.sascdn.com ec-ns.sascdn.com	24 KB
3	powerlinks.com 3 redirects px.powerlinks.com	2 KB
3	adsrvr.org 2 redirects match.adsrvr.org	2 KB
3	tmyzer.com c.tmyzer.com	600 B
3	rubiconproject.com fastlane.rubiconproject.com pixel.rubiconproject.com	4 KB
3	contextweb.com 2 redirects tag.contextweb.com bh.contextweb.com	12 KB
2	adform.net 2 redirects track.adform.net	753 B
2	creative-serving.com 2 redirects ads.creative-serving.com	2 KB
2	criteo.net static.criteo.net	41 KB
2	bttrack.com bttrack.com	760 B
2	storygize.net 2 redirects www.storygize.net	860 B
2	zorosrv.com match.zorosrv.com	444 B
2	4dex.io script.4dex.io	19 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	onetag-sys.com onetag-sys.com	438 B
2	leadplace.fr tag.leadplace.fr	3 KB
2	criteo.com gum.criteo.com bidder.criteo.com	466 B
2	amazondede.com www.amazondede.com
1	zenaps.com www.zenaps.com	705 B
1	awin1.com 1 redirects www.awin1.com	722 B
1	bluekai.com stags.bluekai.com	733 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	620 B
1	casalemedia.com as-sec.casalemedia.com	331 B
1	adleadevent.com adtrack.adleadevent.com	518 B
1	googleapis.com ajax.googleapis.com	30 KB
1	truoptik.com dmp.truoptik.com
1	quantcount.com rules.quantcount.com	968 B
1	teads.tv a.teads.tv	293 B
1	servenobid.com ads.servenobid.com	376 B
1	indexww.com js-sec.indexww.com	12 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	zeotap.com spl.zeotap.com
1	themoneytizer.net g.themoneytizer.net	200 B
1	googletagmanager.com www.googletagmanager.com	33 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	urlz.fr urlz.fr	1 KB
147	54

	Domain	Requested by
15	trc.taboola.com	2 redirects cdn.taboola.com urlz.fr
14	am-sync.taboola.com	2 redirects urlz.fr
13	ads.themoneytizer.com	ajax.cloudflare.com ads.themoneytizer.com
10	cdn.taboola.com	urlz.fr cdn.taboola.com
10	cm.g.doubleclick.net	7 redirects urlz.fr
7	x.bidswitch.net	7 redirects
7	ib.adnxs.com	6 redirects ads.themoneytizer.com
6	ww1097.smartadserver.com	1 redirects ced-ns.sascdn.com
5	euc-ice.360yield.com	2 redirects
5	pixel.mathtag.com	2 redirects urlz.fr
5	rtb.mfadsrvr.com	5 redirects
5	sb.scorecardresearch.com	1 redirects cdn.taboola.com urlz.fr
5	s.cpx.to	p.cpx.to
4	b1sync.zemanta.com	4 redirects
4	sync.mathtag.com	4 redirects
4	intake.prod.pubstack.io	urlz.fr
4	shb.richaudience.com	ads.themoneytizer.com
4	id5-sync.com	ads.themoneytizer.com
3	hal900018.redintelligence.net	1 redirects urlz.fr hal900018.redintelligence.net
3	px.powerlinks.com	3 redirects
3	match.adsrvr.org	2 redirects js-sec.indexww.com
3	c.tmyzer.com	ads.themoneytizer.com
3	ced-ns.sascdn.com	ww1097.smartadserver.com
2	ad.360yield.com	1 redirects
2	track.adform.net	2 redirects
2	match.360yield.com	1 redirects
2	ads.creative-serving.com	2 redirects
2	static.criteo.net	ads.themoneytizer.com static.criteo.net
2	cds.taboola.com	urlz.fr
2	bttrack.com	urlz.fr cdn.taboola.com
2	www.storygize.net	2 redirects
2	simage2.pubmatic.com	urlz.fr
2	bh.contextweb.com	2 redirects
2	pixel.rubiconproject.com	urlz.fr
2	match.zorosrv.com	urlz.fr
2	match.taboola.com	2 redirects
2	tags.mathtag.com	ced-ns.sascdn.com tags.mathtag.com
2	image2.pubmatic.com	2 redirects
2	sync.smartadserver.com	2 redirects
2	ice.360yield.com	1 redirects
2	script.4dex.io	ads.themoneytizer.com script.4dex.io
2	www.google-analytics.com	www.googletagmanager.com
2	onetag-sys.com	ads.themoneytizer.com
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	www.amazondede.com	urlz.fr
1	sync.richaudience.com
1	www.zenaps.com	urlz.fr
1	www.awin1.com	1 redirects
1	stags.bluekai.com	tags.mathtag.com
1	hal9000.redintelligence.net	urlz.fr
1	sync.srv.stackadapt.com	1 redirects
1	ec-ns.sascdn.com	ced-ns.sascdn.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	pool.grid-data.bidswitch.net
1	secure.adnxs.com	1 redirects
1	dmp.truoptik.com
1	pixel.quantserve.com
1	cdn.prod.pubstack.io	tmzr.pubstack.io
1	rules.quantcount.com	secure.quantserve.com
1	a.teads.tv	ads.themoneytizer.com
1	fastlane.rubiconproject.com	ads.themoneytizer.com
1	bidder.criteo.com	ads.themoneytizer.com
1	ads.servenobid.com	ads.themoneytizer.com
1	js-sec.indexww.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	tmzr.pubstack.io	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	spl.zeotap.com	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	g.themoneytizer.net	ads.themoneytizer.com
1	www.googletagmanager.com	ajax.cloudflare.com
1	ajax.cloudflare.com	urlz.fr
1	urlz.fr
147	77

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-29` - `2020-10-09`	8 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
www.amazondede.com Cloudflare Inc ECC CA-3	`2020-06-06` - `2021-06-06`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
g.themoneytizer.net GoGetSSL RSA DV CA	`2019-10-16` - `2022-01-17`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2019-10-17` - `2020-10-16`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2018-09-06` - `2020-09-12`	2 years	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2020-05-23` - `2020-08-21`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2021-02-08`	a year	crt.sh
*.prod.pubstack.io Amazon	`2019-09-18` - `2020-10-18`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.servenobid.com Amazon	`2020-03-12` - `2021-04-12`	a year	crt.sh
*.360yield.com Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
*.richaudience.com RapidSSL RSA CA 2018	`2019-03-07` - `2021-04-05`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
teads.tv Let's Encrypt Authority X3	`2020-05-12` - `2020-08-10`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2021-02-08`	a year	crt.sh
cdn.prod.pubstack.io GTS CA 1D2	`2020-05-19` - `2020-08-17`	3 months	crt.sh
*.truoptik.com Go Daddy Secure Certificate Authority - G2	`2018-11-13` - `2020-11-13`	2 years	crt.sh
pool.grid-data.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-03-06` - `2022-03-06`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
adtrack.adleadevent.com Amazon	`2020-06-15` - `2021-07-15`	a year	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
c.tmyzer.com Let's Encrypt Authority X3	`2020-06-10` - `2020-09-08`	3 months	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2020-09-10`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-06-02` - `2021-06-02`	a year	crt.sh
*.zorosrv.com DigiCert SHA2 Secure Server CA	`2020-06-07` - `2021-05-19`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
redintelligence.net Let's Encrypt Authority X3	`2020-04-22` - `2020-07-21`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-04-14` - `2021-04-10`	a year	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
*.id5-sync.com Let's Encrypt Authority X3	`2020-04-02` - `2020-07-01`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://urlz.fr/cXp6
Frame ID: ADA3FC1241CA5401889FE96E3DC6922B
Requests: 78 HTTP requests in this frame

Frame: https://www.amazondede.com/
Frame ID: 5EC45686ABB43B4F65EA519277E71CF6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1592404083520
Frame ID: 88AE85B1F62BFCF87588A225BCB9B15A
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: DFF06EC6BCAD0FCA35CB0658D762EADC
Requests: 1 HTTP requests in this frame

Frame: https://www.amazondede.com/
Frame ID: 68F622C25D5EB24A152F8A7550C2029A
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 41C45442DA3A704FBDD362B41AB38DF4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: BE9FB870FE97C897C9D4D6F122E21DB8
Requests: 1 HTTP requests in this frame

Frame: https://ec-ns.sascdn.com/diff/rtb/handler/st.min.html?%7b%22bid%22%3a%22249491189159754960%22%2c%22adomain%22%3a%22soberberlin.com%22%2c%22page%22%3a%22890545%22%2c%22format%22%3a%2226328%22%2c%22crid%22%3a%226815988%22%2c%22dsp%22%3a%2225%22%2c%22buyer%22%3a%2267013%22%2c%22cid%22%3a%22669970%22%2c%22adid%22%3a%226815988%22%2c%22hash%22%3a%22-6763331082740690303%22%7d
Frame ID: 8EBF5D468E192F2FF4ADDA2900E155C7
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=sas&id=5aW95q2jLzIyLyAvTVRFNE1tSmhabVl0T1dZME9DMHhZVEV5TFRBd01EQXRNREF3TURBd01EQXdNREF3LzcwNjA2NDMxNDU4OTMxMDMyNC82ODE1OTg4LzQ3Mzk2MTkvMzkvV2dldHdTajhJMXNTYzdGdmx4RHJVR3pJUS0wTFlVbDlfblRqa1MxMjBiOC8xLzM5LzAvMC85OTgwODgvMzExODA1MDA2MC8yMTY1MzYvNjY5OTcwLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNzA2MDY0MzE0NTg5MzEwMzI0L3pyaC8wLzM5MjgvNjgvOTk5LzAvMTg1LjIxNy4xNzEuMC8wLjAwMC8xNTkyNDA0MDg0LzE1OTI0MTY2ODQvMzkv/p7Q0AMTU_wvO8z_lYvs91fy9AL8&nodeid=39&group=eu&auctionid=706064314589310324&sid=4739619&cid=6815988&price=0.057999302&bp=a_ahcaab&nfy_act=LD5wfnw&type=adm&client=c2s&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&bfip=185.29.134.124
Frame ID: F2716ADEBDE11DF0D13B50AF850FC2CB
Requests: 11 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 375CA7F546C44EA047250B03F8ECC98C
Requests: 8 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: 83185683030E342A16CB22947219D896
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: B5A353CA6ECC25C3228C2DB3C83A0E6D
Requests: 9 HTTP requests in this frame

Frame: https://match.zorosrv.com/match?tabid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&extuid=e7b2cccc-192c-4f1e-af5a-b10f5aaddc13&excid=218&query=taboola_hm%3De7b2cccc-192c-4f1e-af5a-b10f5aaddc13
Frame ID: D601D70D95BFD49D175474731C8EA3E1
Requests: 16 HTTP requests in this frame

Frame: https://match.zorosrv.com/match?tabid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&extuid=8126769b-d2f3-4a68-a7fa-79f7408c5544&excid=218&query=taboola_hm%3D8126769b-d2f3-4a68-a7fa-79f7408c5544
Frame ID: 99461A8E4A49DE33012180813DBA5AF5
Requests: 16 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=67003100137042301041204011263018&a=0a883d4d
Frame ID: E2881EF30CCD4AF20916621D45B8A720
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

147
Requests

99 %
HTTPS

18 %
IPv6

54
Domains

77
Subdomains

56
IPs

8
Countries

1173 kB
Transfer

3908 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 25

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/2/8/2.gif?puid=6140288308793808704&gdpr=1&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO1rrksZ3AgexLEyKzyT-pwM47Q5nB04vRp-comw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/3/7/3.gif?puid=17d45eea-2873-4f00-919e-d7199f237712&gdpr=1&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/10/6/4.gif?puid=5513467460069844713&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/19/5/5.gif?puid=6386072df3786160cdbbdab3e2b6f662&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/101/4/6.gif?puid=5377da18-ddb9-4876-b8ee-17ad78ad3d8a&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/108/3/7.gif?puid=c1dc2031-b0a6-11ea-bc62-6a2063dbafe3&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/112/2/8.gif?puid=0&gdpr=1&gdpr_consent=

Request Chain 29

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22389f5ea71e0003%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FcXp6%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22686cf6dd575a76%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%22f640d62e-9c26-49b0-a655-bb6b68d8a94f%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%2273a31cef28e9ec%22%2C%22pid%22%3A%2212065816%22%2C%22tid%22%3A%2284093908-1c92-4da9-9df3-362c6127e4ce%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2285176cddb10611%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%22250cf6b7-16ce-4e27-b2f5-9e93aff41e26%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%229c469375e5c038%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22133d0431-9918-4bb9-9447-7d7237144b94%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22389f5ea71e0003%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FcXp6%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22686cf6dd575a76%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%22f640d62e-9c26-49b0-a655-bb6b68d8a94f%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%2273a31cef28e9ec%22%2C%22pid%22%3A%2212065816%22%2C%22tid%22%3A%2284093908-1c92-4da9-9df3-362c6127e4ce%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2285176cddb10611%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%22250cf6b7-16ce-4e27-b2f5-9e93aff41e26%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%229c469375e5c038%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22133d0431-9918-4bb9-9447-7d7237144b94%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D

Request Chain 50

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D2425c139-e78f-451f-aa8a-3a95bcad20ee HTTP 302
https://sync.smartadserver.com/getuid?url=https%3a%2f%2fs.cpx.to%2fsync%3fdsp%3dsmart_ad_server%26dsp_uid%3d%5bsas_uid%5d%26fid%3d2425c139-e78f-451f-aa8a-3a95bcad20ee&cklb=1 HTTP 302
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=6302788866178844394&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee

Request Chain 52

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D2425c139-e78f-451f-aa8a-3a95bcad20ee HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D2425c139-e78f-451f-aa8a-3a95bcad20ee HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=AE80936C-A686-4882-BEC8-ED2A71D493CB&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee

Request Chain 53

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee&google_gid=CAESEFC_Hc0KRFURNZgdkRVmimg&google_cver=1

Request Chain 54

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12773%26ref%3D%26hn_ver%3D10%26fid%3D2425c139-e78f-451f-aa8a-3a95bcad20ee HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=6140288308793808704&pid=12773&ref=&hn_ver=10&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee

Request Chain 80

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1592404084891&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Furlz.fr%2FcXp6&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1592404084891&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Furlz.fr%2FcXp6&c9=&cs_ak_ss=1

Request Chain 87

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e7b2cccc-192c-4f1e-af5a-b10f5aaddc13 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e7b2cccc-192c-4f1e-af5a-b10f5aaddc13&tbid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&query=taboola_hm%3De7b2cccc-192c-4f1e-af5a-b10f5aaddc13&isDirect=0 HTTP 302
https://match.zorosrv.com/match?tabid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&extuid=e7b2cccc-192c-4f1e-af5a-b10f5aaddc13&excid=218&query=taboola_hm%3De7b2cccc-192c-4f1e-af5a-b10f5aaddc13

Request Chain 89

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D&orig=trc HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps%25253A%25252F%25252Fam-sync.taboola.com%25252Fsg%25252Fpowerlinksdsp-network%25252F1%25252Frtb-h%25252F%25253Ftaboola_hm%25253Dc2ujnlxwwJe4ZrNo6bhkJGv3iD2QDbbUeXoje2LieWY%2525253D HTTP 302
https://px.powerlinks.com/user/sync/dsps?userId=17d45eea-2873-4f00-919e-d7199f237712&sourceId=aa4e7548-789b-4df8-a72f-d951a5b206eb&sync=0&rurl=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3Dc2ujnlxwwJe4ZrNo6bhkJGv3iD2QDbbUeXoje2LieWY%253D HTTP 302
https://am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=c2ujnlxwwJe4ZrNo6bhkJGv3iD2QDbbUeXoje2LieWY%3D

Request Chain 90

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&orig=trc HTTP 302
https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=17d45eea-2873-4f00-919e-d7199f237712

Request Chain 91

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fam-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0W3XKagsqt7V&ev=1&orig=trc&pid=562107

Request Chain 92

https://b1sync.zemanta.com/usersync/taboola/?puid={user_id}&cb=https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=__ZUID__&orig=trc HTTP 302
https://b1sync.zemanta.com/usersync/taboola/?cb=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fzemantartb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__ZUID__&orig=trc&puid=%7Buser_id%7D&s=2 HTTP 302
https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=_MEAeckz_IFxgOtkVTiu

Request Chain 93

https://ib.adnxs.com/getuidnb?https://am-sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
https://am-sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEM3T4gm14Plw4FQfEakjk5o&google_cver=1

Request Chain 96

https://am-sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9f8afdcc-aefb-44df-a766-1e7780dc32e9-tuct5e3adf4

Request Chain 97

https://ib.adnxs.com/getuidnb?https://am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
https://am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc

Request Chain 98

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e8274fe0-501f-476f-81df-99efa983762a

Request Chain 99

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=9f8afdcc-aefb-44df-a766-1e7780dc32e9-tuct5e3adf4 HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 102

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=71fc465e-66ff-424b-bb61-c1d682796376 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8126769b-d2f3-4a68-a7fa-79f7408c5544&ssp=taboola HTTP 302
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=71fc465e-66ff-424b-bb61-c1d682796376

Request Chain 104

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=8126769b-d2f3-4a68-a7fa-79f7408c5544 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=8126769b-d2f3-4a68-a7fa-79f7408c5544&tbid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&query=taboola_hm%3D8126769b-d2f3-4a68-a7fa-79f7408c5544&isDirect=0 HTTP 302
https://match.zorosrv.com/match?tabid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&extuid=8126769b-d2f3-4a68-a7fa-79f7408c5544&excid=218&query=taboola_hm%3D8126769b-d2f3-4a68-a7fa-79f7408c5544

Request Chain 105

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D&orig=trc HTTP 302
https://am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=c2ujnlxwwJe4ZrNo6bhkJGv3iD2QDbbUeXoje2LieWY%3D

Request Chain 106

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&orig=trc HTTP 302
https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=17d45eea-2873-4f00-919e-d7199f237712

Request Chain 107

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fam-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=isHCnOhZaMjr&ev=1&orig=trc&pid=562107

Request Chain 108

https://b1sync.zemanta.com/usersync/taboola/?puid={user_id}&cb=https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=__ZUID__&orig=trc HTTP 302
https://b1sync.zemanta.com/usersync/taboola/?cb=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fzemantartb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__ZUID__&orig=trc&puid=%7Buser_id%7D&s=2 HTTP 302
https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=5jUQ1ZSqpsCHCLRlWiZv

Request Chain 109

https://ib.adnxs.com/getuidnb?https://am-sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
https://am-sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc

Request Chain 110

https://am-sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5

Request Chain 111

https://ib.adnxs.com/getuidnb?https://am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
https://am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc

Request Chain 113

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola HTTP 302
https://sync.srv.stackadapt.com/sync?nid=50&ssp=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=188&user_id=_m44C0IVTvR_W9qgw9yfz7nZqww&user_group=1&ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=188&user_id=_m44C0IVTvR_W9qgw9yfz7nZqww&user_group=1&ssp=taboola HTTP 302
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=3f628c12-4a82-40e0-86f6-725957dd902b

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEM3T4gm14Plw4FQfEakjk5o&google_cver=1

Request Chain 118

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e8274fe0-501f-476f-81df-99efa983762a

Request Chain 119

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5 HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 128

https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=39&v2=706064314589310324&v3=669970&v4=4739619&v5=6815988&mt_nsync=1&no_attr=1 HTTP 302
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=39&v2=706064314589310324&v3=669970&v4=4739619&v5=6815988&mt_nsync=1&no_attr=1&mm_bnc&mm_bct&UUID=17795eea-2877-4800-a4ac-eefcd8c57ae1

Request Chain 130

https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5 HTTP 302
https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5&mm_bnc&mm_bct&UUID=42d55eea-2877-4200-bd79-c235985d17ff

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=MTE4MmJhZmYtOWY0OC0xYTEyLTAwMDAtMDAwMDAwMDAwMDAw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm=&google_hm=MTE4MmJhZmYtOWY0OC0xYTEyLTAwMDAtMDAwMDAwMDAwMDAw&google_tc= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEJiXPhgs7hABJq7Q_Ix5d3U&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=QtVe6ih3QgC9ecI1mF0X_w

Request Chain 133

https://hal900018.redintelligence.net/request.php?zone=uq58aj9csjm3&nw=20&renderingType=javascript&namespace=170fd49b7c&subid=&uid=067ad994a8f08f25&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D706064314589310324%26mt_id%3D6815988%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D39%26mt_inapp%3D0%26mt_uuid%3D17d45eea-2873-4f00-919e-d7199f237712%26redirect%3D&documentReferer=https%3A%2F%2Furlz.fr%2FcXp6&ancestorOrigins=https%3A%2F%2Furlz.fr&random=62952626353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900018.redintelligence.net/request.php?zone=uq58aj9csjm3&nw=20&renderingType=javascript&namespace=170fd49b7c&subid=&uid=067ad994a8f08f25&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D706064314589310324%26mt_id%3D6815988%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D39%26mt_inapp%3D0%26mt_uuid%3D17d45eea-2873-4f00-919e-d7199f237712%26redirect%3D&documentReferer=https%3A%2F%2Furlz.fr%2FcXp6&ancestorOrigins=https%3A%2F%2Furlz.fr&random=62952626353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 135

https://www.awin1.com/cshow.php?s=2664739&v=8488&q=391888&r=235229&pref1=67003100137042301041204011263018&pv=1 HTTP 302
https://www.zenaps.com/cshow.php?pvr=c450c9b0-b0a6-11ea-8153-692d0acd98d1&v=8488&r=235229&q=391888&s=2664739&viewref=67003100137042301041204011263018&pv=1

Request Chain 140

https://id5-sync.com/match?publisher_user_id=153fdd8a-85a2-4b57-99d7-bfaa1b2feedf&publisher_dsp_id=79&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
https://id5-sync.com/c/124/124/1/1.gif?puid=153fdd8a-85a2-4b57-99d7-bfaa1b2feedf&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OO1H0owCLAAAENDO-AAAAwLAAA HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OO1H0owCLAAAENDO-AAAAwLAAA HTTP 302
https://id5-sync.com/c/124/101/0/2.gif?puid=2404c82d-f4f3-4ad8-a77d-346ee1c1b18f&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA HTTP 302
https://euc-ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMO4wM2ZYFkgKlFDv3M8hxd0CnNMeYo6SbuCVohOg&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FT_dioWiS1eZ17-qGy_u3w&google_cm&dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA HTTP 302
https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&google_gid=CAESEJj1qoT3uBviOgad1JlGPts&google_cver=1 HTTP 302
https://match.360yield.com/ul_cb/match?dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&google_gid=CAESEJj1qoT3uBviOgad1JlGPts&google_cver=1

Request Chain 142

https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=153fdd8a-85a2-4b57-99d7-bfaa1b2feedf&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=153fdd8a-85a2-4b57-99d7-bfaa1b2feedf&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1593613691&external_user_id=2033655754986404700 HTTP 302
https://euc-ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1593613691&external_user_id=2033655754986404700

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=MTUzZmRkOGEtODVhMi00YjU3LTk5ZDctYmZhYTFiMmZlZWRm&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&external_user_id=CAESEHSZwbnmkz9tXJsEpfR9gik&google_cver=1 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&external_user_id=CAESEHSZwbnmkz9tXJsEpfR9gik&google_cver=1

Request Chain 144

https://ib.adnxs.com/getuid?https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feuc-ice.360yield.com%2Fmatch%3Fdsp_callback%3D0%26external_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OO1H0owCLAAAENDO-AAAAwLAAA HTTP 302
https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=6667153774039163463&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA HTTP 302
https://euc-ice.360yield.com/ul_cb/match?dsp_callback=0&external_user_id=6667153774039163463&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA

147 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cXp6 Show response
urlz.fr/ 3 KB
1 KB 115ms
63ms Document
text/html 2606:4700:3038::681f:bb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e04cfecbc9803e54522bc33b7534fac26cff7bb75efacc757ee59b6cb2ad5b5

Request headers

:method: GET
:authority: urlz.fr
:scheme: https
:path: /cXp6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 17 Jun 2020 14:28:02 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d55ac9b1ed9bd3727ad41ef8e36d85b271592404082; expires=Fri, 17-Jul-20 14:28:02 GMT; path=/; domain=.urlz.fr; HttpOnly; SameSite=Lax
cf-cache-status: DYNAMIC
cf-request-id: 03644717970000c8373c376200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4d746c2dc0c837-AMS
content-encoding: br

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: https://urlz.fr/cXp6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:02 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 16 Jun 2020 12:55:55 GMT
server: cloudflare
etag: W/"5ee8c15b-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5a4d746c88930746-FRA
cf-request-id: 03644717d8000007468312c200000001
expires: Fri, 19 Jun 2020 14:28:02 GMT

GET
H2 200 /
www.amazondede.com/ Frame 5EC4 0
0 83ms
42ms Document
text/html 2606:4700::6811:186d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amazondede.com/
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:186d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: www.amazondede.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://urlz.fr/cXp6
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://urlz.fr/cXp6

Response headers

status: 200
date: Wed, 17 Jun 2020 14:28:02 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=d3416b2631e720077c18e21b17aebd07d1592404082; expires=Fri, 17-Jul-20 14:28:02 GMT; path=/; domain=.www.amazondede.com; HttpOnly; SameSite=Lax; Secure
cache-control: public, max-age=0, s-maxage=2592000
vary: Accept-Encoding
x-ua-compatible: IE=edge,chrome=1
cf-cache-status: HIT
age: 872494
cf-request-id: 036447180200003237ca173200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4d746cdcf23237-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162669458-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf5a3af4518eecd15993056eb0774776d9b9f52073a1e062002cd0b9924328ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:02 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33239
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Jun 2020 14:28:02 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 55 KB
10 KB 64ms
31ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 6ab164fe0128161a88bbc22795bfa6af933c21a272464f849b506b992b645049

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:02 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 18 Jun 2020 14:28:02 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 9 KB
4 KB 65ms
32ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 380333b0b75ec9ad51d95668ab00662d4c63a0913ec1c10304c6f312e1ee2c8e

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:02 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3371
expires: Thu, 18 Jun 2020 14:28:02 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 57 KB
11 KB 60ms
28ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 5b6709d87140bcbf216fe0a0e37ce51939647ed0eb219c84e8630edb2460e92f

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:02 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 18 Jun 2020 14:28:02 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 9 KB
4 KB 46ms
14ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 380333b0b75ec9ad51d95668ab00662d4c63a0913ec1c10304c6f312e1ee2c8e

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:02 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3371
expires: Thu, 18 Jun 2020 14:27:04 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 57 KB
11 KB 57ms
25ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 3396e94bd648e3a567d945e89f48313811e20be09b7a1dfc692d7412ae65d6d3

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:02 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 18 Jun 2020 14:28:02 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 9 KB
4 KB 47ms
14ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 380333b0b75ec9ad51d95668ab00662d4c63a0913ec1c10304c6f312e1ee2c8e

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:02 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3371
expires: Thu, 18 Jun 2020 14:27:57 GMT

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ 26 B
200 B 141ms
47ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:03 GMT
Server: nginx
X-IPLB-Instance: 29821
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 16ms
14ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 19:01:35 GMT
server: nginx
etag: "779a-30ad-59ba5857e2265"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3955
expires: Thu, 18 Jun 2020 14:27:37 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 17ms
16ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Thu, 18 Jun 2020 14:27:43 GMT

GET
H2 200 getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 344ms
95ms Script
application/x-javascript 198.148.27.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 11296

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

28 KB
9 KB

127ms
7ms

Script
application/x-javascript

2a01:4a0:1338:28::c38a:ff10
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff10 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3f6464f9ad74909c3fdc357f6062e3e90f71c994a19154e7b27a148185848b9a

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jun 2020 08:09:39 GMT
Server: AkamaiNetStorage
ETag: "5f7fddb9b97f8eb48a8bdb4b04e2554a:1591258182.317141"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9186

Redirect headers

location: https://ced-ns.sascdn.com/diff/js/smart.js
date: Wed, 17 Jun 2020 14:28:03 GMT
cache-control: private
content-length: 159
content-type: text/html; charset=utf-8

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
329 B 50ms
13ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 139ms
48ms Script
application/javascript 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:03 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 29923
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H2 200 /
onetag-sys.com/usync/ Frame 88AE 0
0 73ms
22ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1592404083520

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1592404083520
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://urlz.fr/cXp6
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://urlz.fr/cXp6

Response headers

status: 200
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=2592000

GET
H2 200 /
spl.zeotap.com/ Frame DFF0 0
0 59ms
23ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://urlz.fr/cXp6
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://urlz.fr/cXp6

Response headers

status: 200
date: Wed, 17 Jun 2020 14:28:03 GMT
content-type: text/html
set-cookie: __cfduid=dcc59b8d00aed5c1864a9eb9cc72afadf1592404083; expires=Fri, 17-Jul-20 14:28:03 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=811eb236-4809-4f4e-54fb-a1030ad8bf18; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zsc=h%CF%9F%C3%07i%00pP%28%FFw%DF%AB%F4%90%05%F5%B2h%DE%26%D5DF%02%1A%F9%7DA%95%60%1BQ%848%01O%29%FF%F9zI%7F%BB%BD%19kU%8F%3C%9BI%BFr%3E4%CF%80%0E%DB%C6%2F%09%B5%FE%B1j4%E6%C4%DAr%AD%04%9A%1F%AD%EB%96%5CQ%3EOq%B6%CF%C5%B5X%F1%81%DF%82%99%AE.v; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://urlz.fr
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 0364471b6f0000d6b1b2876200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4d74724ab6d6b1-FRA
content-encoding: br

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 93ms
22ms Script
application/x-javascript 91.228.74.154
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.154 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17-Jun-2020 14:28:03 GMT
Server: QS
Etag: M0-4cca824e
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Strict-Transport-Security: max-age=86400
Content-Length: 8082
Expires: Wed, 24 Jun 2020 14:28:03 GMT

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12773/ 1 KB
2 KB 99ms
22ms Script
application/javascript 13.226.154.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12773/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.154.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-154-85.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 290de7c8649cb5dc76203b48ee6fbe96f65880b16beb918d2c4a30e915f45856

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 23:33:01 GMT
Content-Encoding: UTF-8
Connection: keep-alive
Last-Modified: Thu, 04 Jun 2020 14:07:59 GMT
Server: AmazonS3
Age: 53703
ETag: "cff01043bc20408622ff6a3f411fdd59"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: ZdWw-5fbR-uP-yodXihl2-i-tHUUipX_5iqPrjg-6hFeNQRl1oDB_Q==

GET
H2 200 d086759d-86af-4b34-852b-bb5d4c87aa38 Show response
tmzr.pubstack.io/v1/tag/ 1 KB
836 B 168ms
30ms Script
application/javascript 52.31.182.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tmzr.pubstack.io/v1/tag/d086759d-86af-4b34-852b-bb5d4c87aa38
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.182.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-182-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1acf17dad927051175d864f022b4b8323a99a11ae3caf02cce8b638634a64dec

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 17 Jun 2020 14:28:03 GMT
cache-control: private,max-age=120
content-encoding: gzip
content-length: 718
content-type: application/javascript

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 527ms
92ms Script
text/javascript 13.226.156.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-32.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 16 Jun 2020 14:28:50 GMT
Via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 147029
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: x8AgB3fwAeUGwfY2G_UUFOYoVnm1PcIE8GkddhZM6ACpJzqTR0xLOA==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ 35 KB
12 KB 1081ms
715ms Script
text/javascript 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f869c2dff8faee0c62fe6b9eb479f2b326557fadefd778d35dabb9d7cd18a958

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 13:41:42 GMT
Server: Apache
ETag: "da2308-8bdb-5a847d1ff96c5"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12319
Expires: Wed, 17 Jun 2020 15:28:04 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid3_20/build/dist/ 372 KB
119 KB 27ms
19ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 9927bfa69df2f37ab9bf7766fc14a8bbfa91940a9ddcd30132d90e8b6352330a

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 21:49:08 GMT
server: nginx
etag: "4d6d3-5d128-5a7c1d04797f1"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 121273
expires: Thu, 18 Jun 2020 14:27:10 GMT

GET
H2 200 /
www.amazondede.com/ Frame 68F6 0
0 51ms
50ms Document
text/html 2606:4700::6811:186d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amazondede.com/
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:186d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: www.amazondede.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://urlz.fr/cXp6
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fwww=3209125029737b70181c5462c59c368813c95182fa54910d24c52217209e8dd3; webs-stats-visitor-id=960304175; __utma=1.1619712659.1592404083.1592404083.1592404083.1; __utmc=1; __utmz=1.1592404083.1.1.utmcsr=urlz.fr|utmccn=(referral)|utmcmd=referral|utmcct=/cXp6; __utmt=1; __utmb=1.1.10.1592404083
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://urlz.fr/cXp6

Response headers

status: 200
date: Wed, 17 Jun 2020 14:28:03 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=d98c1f19b2790fc14c55b6475e32473e71592404083; expires=Fri, 17-Jul-20 14:28:03 GMT; path=/; domain=.www.amazondede.com; HttpOnly; SameSite=Lax; Secure
cache-control: public, max-age=0, s-maxage=2592000
vary: Accept-Encoding
x-ua-compatible: IE=edge,chrome=1
cf-cache-status: HIT
age: 872495
cf-request-id: 0364471b7200003237ca1af200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a4d74725fa23237-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400

GET

8.gif
id5-sync.com/c/12/112/2/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
https://id5-sync.com/c/12/2/8/2.gif?puid=6140288308793808704&gdpr=1&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO1rrksZ3AgexLEyKzyT-pwM47Q5nB04vRp-comw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gd...
https://id5-sync.com/c/12/3/7/3.gif?puid=17d45eea-2873-4f00-919e-d7199f237712&gdpr=1&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/10/6/4.gif?puid=5513467460069844713&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/12/19/5/5.gif?puid=6386072df3786160cdbbdab3e2b6f662&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/101/4/6.gif?puid=5377da18-ddb9-4876-b8ee-17ad78ad3d8a&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdp...
https://id5-sync.com/c/12/108/3/7.gif?puid=c1dc2031-b0a6-11ea-bc62-6a2063dbafe3&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/112/2/8.gif?puid=0&gdpr=1&gdpr_consent=

0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162669458-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 6505
date: Wed, 17 Jun 2020 12:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Wed, 17 Jun 2020 14:39:38 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 450 B
748 B 86ms
13ms Script
application/javascript 2606:4700:e2::ac40:8720
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 1410
status: 200
x-amz-request-id: DBFC3C55F40C443C
x-amz-id-2: mwDJsm80Bqk6xZLy1w7QYThSQNNegPLQLlW2W7KVSRTDiQiEyGrGBezw1bMurbaDGE0rsPZVOYI=
last-modified: Mon, 06 Apr 2020 11:18:51 GMT
server: cloudflare
etag: W/"bfa52622781c173885812009122c3f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-request-id: 0364471bf30000976088299200000001
cf-ray: 5a4d74731cd99760-FRA

POST
H2 200 adreq Show response
ads.servenobid.com/ 109 B
376 B 176ms
85ms XHR
application/json 52.31.203.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=8298
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.203.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-203-53.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9ef27341dca9400a9c48c9c5781b996e400eb24505f087d0d8572ae517faa597

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://urlz.fr
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

GET
H2

200

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22389f5ea71e0003%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2Fc...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22389f5ea71e0003%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz....

11 KB
5 KB

385ms
385ms

XHR
application/json

18.195.112.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22389f5ea71e0003%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FcXp6%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22686cf6dd575a76%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%22f640d62e-9c26-49b0-a655-bb6b68d8a94f%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%2273a31cef28e9ec%22%2C%22pid%22%3A%2212065816%22%2C%22tid%22%3A%2284093908-1c92-4da9-9df3-362c6127e4ce%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2285176cddb10611%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%22250cf6b7-16ce-4e27-b2f5-9e93aff41e26%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%229c469375e5c038%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22133d0431-9918-4bb9-9447-7d7237144b94%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.112.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-112-7.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7999053d0348ab50b1e1f509644adfd3a20423c3253b8e9f178c38476c968d39

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:04 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://urlz.fr
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 4454

Redirect headers

date: Wed, 17 Jun 2020 14:28:03 GMT
status: 302
location: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22389f5ea71e0003%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FcXp6%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22686cf6dd575a76%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%22f640d62e-9c26-49b0-a655-bb6b68d8a94f%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%2273a31cef28e9ec%22%2C%22pid%22%3A%2212065816%22%2C%22tid%22%3A%2284093908-1c92-4da9-9df3-362c6127e4ce%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2285176cddb10611%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%22250cf6b7-16ce-4e27-b2f5-9e93aff41e26%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%229c469375e5c038%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22133d0431-9918-4bb9-9447-7d7237144b94%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://urlz.fr
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
212 B 172ms
79ms XHR
text/html 116.202.160.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.160.31 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.31.160.202.116.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
content-encoding: gzip
server: nginx/1.10.3
status: 200
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://urlz.fr
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
212 B 172ms
80ms XHR
text/html 116.202.160.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.160.31 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.31.160.202.116.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
content-encoding: gzip
server: nginx/1.10.3
status: 200
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://urlz.fr
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
212 B 171ms
79ms XHR
text/html 116.202.160.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.160.31 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.31.160.202.116.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
content-encoding: gzip
server: nginx/1.10.3
status: 200
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://urlz.fr
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
212 B 169ms
78ms XHR
text/html 116.202.160.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.160.31 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.31.160.202.116.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
content-encoding: gzip
server: nginx/1.10.3
status: 200
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://urlz.fr
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
137 B 152ms
71ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.20.0&cb=29967936439
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 17 Jun 2020 14:28:03 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://urlz.fr
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 487 B
4 KB 443ms
192ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1124628%3B1078226%3B1078310&size_id=15%3B2%3B2&alt_size_ids=2%2C55%2C58%2C221%3B19%2C43%2C44%2C117%3B19%2C43%2C44%2C117&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,15056,1,,,&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v3.20.0&x_source.tid=84093908-1c92-4da9-9df3-362c6127e4ce%3B250cf6b7-16ce-4e27-b2f5-9e93aff41e26%3B133d0431-9918-4bb9-9447-7d7237144b94&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=3&rand=0.7161948227594535
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 53078894a98488fced85a7f50964e4ff41a550a599e1dc5ce902d39c511bc8d2

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:04 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://urlz.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 487
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
438 B 25ms
22ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
status: 200
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://urlz.fr
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
293 B 294ms
161ms XHR
application/json 2.21.37.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.37.179 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-179.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 14:28:04 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://urlz.fr
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Wed, 17 Jun 2020 14:28:04 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 487 B
1 KB 122ms
121ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

400c40080f79cbeee565ac00ea8cc5dc9c32f021fda84a87f30221fde86ee9d3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:05 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.202:80
AN-X-Request-Uuid: 2e228c48-bfd6-4ad5-95a2-f7f0bd9620bd
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://urlz.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 487
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 75 B
270 B 104ms
72ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=11&formatid=video&size=desktop&country=undefined
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
server: nginx
x-powered-by: PHP/5.4.45
status: 200
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 75
expires: Thu, 18 Jun 2020 14:27:44 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 624 B
659 B 105ms
74ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=1&formatid=26322&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: c1f3d5b8f9aebad647eb95d6e7ee1d40bcdf98c52de9028fc9ec87e209f1148f

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 428
expires: Thu, 18 Jun 2020 14:27:44 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 631 B
666 B 104ms
73ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 435
expires: Thu, 18 Jun 2020 14:27:44 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
968 B 117ms
9ms Script
application/x-javascript 2600:9000:2182:9a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:9a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 13:58:01 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 1818
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: ieur2Pk4kH2wXwjBaQYs3lSnSLTmBqGKmoOcNM1UcXgWKpZ0XnvZfw==
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 957 B
2 KB 267ms
91ms Script
application/javascript 52.214.251.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12773&ref=&hn_ver=10&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12773/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.251.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-251-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

2f060afe0b01451889202592fad7fc1cc85baa0b56a9fe19dd1a8e14c42912f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 17 Jun 2020 14:28:03 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 957
Expires: Thu, 07 May 2020 10:39:36 GMT

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ Frame 41C4 0
0 79ms
76ms Document
text/html 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://urlz.fr/cXp6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://urlz.fr/cXp6

Response headers

Server: nginx/1.14.2
Date: Wed, 17 Jun 2020 14:28:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Instance: 29923

GET
H2 200 monitoring-70c0177.js Show response
cdn.prod.pubstack.io/ 95 KB
29 KB 118ms
14ms XHR
application/javascript 34.95.76.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.pubstack.io/monitoring-70c0177.js
Requested by: Host: tmzr.pubstack.io
URL: https://tmzr.pubstack.io/v1/tag/d086759d-86af-4b34-852b-bb5d4c87aa38
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.76.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.76.95.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0b15b196669b98bc7462629109ed9d3e587ce96154c804813eb737eba6a2ef48

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 09:05:14 GMT
content-encoding: gzip
age: 19369
x-guploader-uploadid: AAANsUkLMeFs2uaYbwGR2eVxHwHf3COJpvDtVajruD75nTFkQP2s8r25nK1rnUpFXjvUisqf39dMYIP77N2gIUOByWw
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 29371
last-modified: Wed, 10 Jun 2020 06:26:12 GMT
server: UploadServer
etag: "68f032db2d0e2fe93483cdb9e07d72e6"
vary: Accept-Encoding
x-goog-hash: crc32c=S51QxQ==, md5=aPAy2y0OL+k0g8254H1y5g==
x-goog-generation: 1591770372031824
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=604800,immutable
x-goog-stored-content-length: 29371
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 24 Jun 2020 09:05:14 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 62 KB
18 KB 166ms
63ms Fetch
application/javascript 2606:4700:e2::ac40:8720
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:03 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1456
status: 200
x-amz-request-id: 8DF3550FA7A3304E
x-amz-id-2: Bfq+rwFF8yVD9+L9dRezlVOA1awlKs2heUTBeB8ec5G1XdDvRIt/ECDQmEl5vqDJq3k8IbyzWho=
last-modified: Mon, 06 Apr 2020 11:18:49 GMT
server: cloudflare
etag: W/"69fac1b60dfd5d00b8ff023e19aca7e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-request-id: 0364471cbc0000d6ed6b0c9200000001
cf-ray: 5a4d74746b2fd6ed-FRA

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
100 B 15ms
13ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1376709394&t=pageview&_s=1&dl=https%3A%2F%2Furlz.fr%2FcXp6&ul=en-us&de=UTF-8&dt=controi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=528718388&gjid=1150381842&cid=50142893.1592404084&tid=UA-162669458-1&_gid=1502734568.1592404084&_r=1&gtm=2ou640&z=202502519

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 14:28:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel;r=467997514;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FcXp6;fpan=1;fpa=P0-1077206977-1592404083972;ns=0;ce=1;qjs=1;qv=3d595974-20200604132620;cm=...
pixel.quantserve.com/ 35 B
544 B 185ms
73ms Image
image/gif 91.228.74.154
QUANTCAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=467997514;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FcXp6;fpan=1;fpa=P0-1077206977-1592404083972;ns=0;ce=1;qjs=1;qv=3d595974-20200604132620;cm=;gdpr=0;ref=;d=urlz.fr;je=0;sr=1600x1200x24;enc=n;dst=1;et=1592404083972;tzo=-120;ogl=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.154 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:04 GMT
Server: QS
Strict-Transport-Security: max-age=86400
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 bundle.js Show response
ads.themoneytizer.com/cs2/dist/ 103 KB
24 KB 14ms
14ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/cs2/dist/bundle.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 7c97f6e3a63cde2ec40a982359b3aefff892560577e4846a629556da52e75391

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:04 GMT
content-encoding: gzip
last-modified: Mon, 10 Feb 2020 10:52:38 GMT
server: nginx
etag: "3d387-19a8c-59e3689a88147"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 24569
expires: Thu, 18 Jun 2020 14:27:07 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D2425c139-e78f-451f-aa8a-3a95bcad20ee
https://sync.smartadserver.com/getuid?url=https%3a%2f%2fs.cpx.to%2fsync%3fdsp%3dsmart_ad_server%26dsp_uid%3d%5bsas_uid%5d%26fid%3d2425c139-e78f-451f-aa8a-3a95bcad20ee&cklb=1
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=6302788866178844394&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee

95 B
871 B

60ms
60ms

Image
image/png

52.214.251.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=6302788866178844394&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.251.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-251-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 17 Jun 2020 14:28:04 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 17 Jun 2020 14:28:04 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:04 GMT
Transfer-Encoding: chunked
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Location: https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=6302788866178844394&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=utf-8
Expires: -1

GET
H2 403 sync.gif
dmp.truoptik.com/0362536315099b06/ 0
0 106ms
23ms Image
text/html 104.16.92.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee&fck=3a4d7129627ee6a1&cbp=dsp_uid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.92.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D2425c139-e78f-451f-aa8a-3a95bcad20ee
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D2425c139-e78f-451f-aa8a-3a95bcad20ee
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=AE80936C-A686-4882-BEC8-ED2A71D493CB&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee

95 B
881 B

31ms
30ms

Image
image/png

52.214.251.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=AE80936C-A686-4882-BEC8-ED2A71D493CB&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.251.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-251-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 17 Jun 2020 14:28:04 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 17 Jun 2020 14:28:04 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=AE80936C-A686-4882-BEC8-ED2A71D493CB&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee
Date: Wed, 17 Jun 2020 14:28:04 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 448
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee
https://s.cpx.to/ca.png?dsp=dbm&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee&google_gid=CAESEFC_Hc0KRFURNZgdkRVmimg&google_cver=1

95 B
804 B

33ms
31ms

Image
image/png

52.214.251.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee&google_gid=CAESEFC_Hc0KRFURNZgdkRVmimg&google_cver=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.251.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-251-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 17 Jun 2020 14:28:04 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Wed, 17 Jun 2020 14:28:04 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee&google_gid=CAESEFC_Hc0KRFURNZgdkRVmimg&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12773%26ref%3D%26hn_ver%3D10%26fid%3D2425c139-e78f-451f-aa8a-3a95bcad20ee
https://s.cpx.to/an_fire?app_nexus_uid=6140288308793808704&pid=12773&ref=&hn_ver=10&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee

95 B
865 B

96ms
32ms

Image
image/png

52.214.251.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=6140288308793808704&pid=12773&ref=&hn_ver=10&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.251.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-251-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 17 Jun 2020 14:28:04 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 17 Jun 2020 14:28:04 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:06 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.229:80
AN-X-Request-Uuid: 654ad3d9-e986-4451-a448-03616a30f4fc
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=6140288308793808704&pid=12773&ref=&hn_ver=10&fid=2425c139-e78f-451f-aa8a-3a95bcad20ee
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
pool.grid-data.bidswitch.net/ 43 B
300 B 228ms
26ms Image
image/gif 18.185.173.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.173.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-173-123.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 06:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461192
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 06:21:32 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
518 B 167ms
33ms XHR
application/x-javascript 54.228.220.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.220.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-220-169.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2020 14:28:04 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://urlz.fr
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 22 B
463 B 237ms
236ms Script
application/javascript 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=26322&async=1&visit=m&tmstp=4640917553&tag=sas_26322&sh=1200&sw=1600&pgDomain=https%3A%2F%2Furlz.fr%2FcXp6&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad&schain=1.0,1!themoneytizer.com,15056,1,urlz.fr,urlz.fr
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 7d1e21f8edaeae8919082e33c1936ab06fda5ce438d16f3fe9c7a3666d01a61b

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 14:28:04 GMT
content-encoding: gzip
x-smrt-d: 3%3b234%3b110
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache, no-store
content-type: application/javascript; charset=utf-8
content-length: 140
expires: -1

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
200 B 129ms
41ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=15056&f=1&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 17 Jun 2020 14:28:04 GMT
Server: nginx
X-IPLB-Instance: 20684
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 13 KB
5 KB 289ms
238ms Script
application/javascript 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=26328&async=1&visit=s&tmstp=4640917553&tgt=%3Bhb_adid%3Dundefined%3Bhb_pb%3Dundefined%3Bhb_bidder%3Dundefined%3Bhb_format%3D26328&tag=sas_26328&sh=1200&sw=1600&pgDomain=https%3A%2F%2Furlz.fr%2FcXp6&noadcbk=sas.noad
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: ca2a248a95a0254d36641d0a76a8843c790018bfd99ccd7b0ee46fdfab33e6e0

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 14:28:04 GMT
content-encoding: gzip
x-smrt-d: 3%3b234%3b118
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 4842280
cache-control: no-cache, no-store
content-type: application/javascript; charset=utf-8
content-length: 4932
expires: -1

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
200 B 138ms
36ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=15056&f=6&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 17 Jun 2020 14:28:04 GMT
Server: nginx
X-IPLB-Instance: 24855
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 22 B
463 B 352ms
118ms Script
application/javascript 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=30012&async=1&visit=s&tmstp=4640917553&tag=sas_30012&sh=1200&sw=1600&pgDomain=https%3A%2F%2Furlz.fr%2FcXp6&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad&schain=1.0,1!themoneytizer.com,15056,1,urlz.fr,urlz.fr
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: cb5e68ea98339921426942e8f8c0756dda0f90adeec0ca8067db577e8ca32e3e

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 14:28:04 GMT
content-encoding: gzip
x-smrt-d: 3%3b234%3b105
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache, no-store
content-type: application/javascript; charset=utf-8
content-length: 140
expires: -1

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
200 B 180ms
52ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=15056&f=28&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 17 Jun 2020 14:28:04 GMT
Server: nginx
X-IPLB-Instance: 20684
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 tbframe.js Show response
cdn.taboola.com/shared/ Frame BE9F 14 KB
4 KB 60ms
19ms Script
application/x-javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/shared/tbframe.js
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding: gzip
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
age: 22014
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 3897
x-amz-id-2: +9hThpZgqSmaNAz6qSOZ5ntBC+PmswuvE+g624KMXtRCjhrN0gRwMPV1+v8IRh54vtpXJbg9sPo=
x-served-by: cache-hhn4074-HHN
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
server: AmazonS3
x-timer: S1592404085.668801,VS0,VE0
date: Wed, 17 Jun 2020 14:28:04 GMT
vary: Accept-Encoding
x-amz-request-id: 95F04980218A6F57
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/x-javascript
abp: 62
x-cache-hits: 26074

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
646 B 31ms
31ms XHR
application/json 52.49.73.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.73.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-73-64.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4f47fb19c7052ad91baa894f001cd906ecd086800bab2bdd6ac24802c73cece9

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 17 Jun 2020 14:28:04 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://urlz.fr
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Fri, 17 Jul 2020 14:28:04 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
331 B 99ms
46ms XHR
text/plain 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Furlz.fr%2FcXp6&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:04 GMT
Server: Apache
Content-Type: text/plain
Access-Control-Allow-Origin: https://urlz.fr
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Wed, 17 Jun 2020 14:28:04 GMT

GET
H/1.1 200
OK sas-interstitial-3.0.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/ 46 KB
13 KB 8ms
8ms Script
application/x-javascript 2a01:4a0:1338:28::c38a:ff10
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/sas-interstitial-3.0.js
Requested by: Host: ww1097.smartadserver.com
URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=26328&async=1&visit=s&tmstp=4640917553&tgt=%3Bhb_adid%3Dundefined%3Bhb_pb%3Dundefined%3Bhb_bidder%3Dundefined%3Bhb_format%3D26328&tag=sas_26328&sh=1200&sw=1600&pgDomain=https%3A%2F%2Furlz.fr%2FcXp6&noadcbk=sas.noad
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff10 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Apache /
Resource Hash: 7b1b6ea3d55a5468c1f3515d20290bc839b596efa1e2865707d15ba039f8a2e9

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 12:03:26 GMT
Server: Apache
ETag: "964e678788343989fc24d4ad01a624e6:1589285006"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12601

GET
H2 200 st.min.html
ec-ns.sascdn.com/diff/rtb/handler/ Frame 8EBF 0
0 1313ms
13ms Document
text/html 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ec-ns.sascdn.com/diff/rtb/handler/st.min.html?%7b%22bid%22%3a%22249491189159754960%22%2c%22adomain%22%3a%22soberberlin.com%22%2c%22page%22%3a%22890545%22%2c%22format%22%3a%2226328%22%2c%22crid%22%3a%226815988%22%2c%22dsp%22%3a%2225%22%2c%22buyer%22%3a%2267013%22%2c%22cid%22%3a%22669970%22%2c%22adid%22%3a%226815988%22%2c%22hash%22%3a%22-6763331082740690303%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/sas-interstitial-3.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB2) /
Resource Hash

Request headers

:method: GET
:authority: ec-ns.sascdn.com
:scheme: https
:path: /diff/rtb/handler/st.min.html?%7b%22bid%22%3a%22249491189159754960%22%2c%22adomain%22%3a%22soberberlin.com%22%2c%22page%22%3a%22890545%22%2c%22format%22%3a%2226328%22%2c%22crid%22%3a%226815988%22%2c%22dsp%22%3a%2225%22%2c%22buyer%22%3a%2267013%22%2c%22cid%22%3a%22669970%22%2c%22adid%22%3a%226815988%22%2c%22hash%22%3a%22-6763331082740690303%22%7d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://urlz.fr/cXp6
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://urlz.fr/cXp6

Response headers

status: 200
content-encoding: gzip
age: 54521
cache-control: max-age=86400
content-type: text/html
date: Wed, 17 Jun 2020 14:28:05 GMT
etag: "cf77ec65ee9c36afad6942d47dda53fb:1515417051+gzip"
last-modified: Mon, 08 Jan 2018 13:10:51 GMT
server: ECS (amb/6BB2)
vary: Accept-Encoding
x-cache: HIT
content-length: 320

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame F271 2 KB
1 KB 3169ms
40ms Script
application/x-javascript 185.29.133.223
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=sas&id=5aW95q2jLzIyLyAvTVRFNE1tSmhabVl0T1dZME9DMHhZVEV5TFRBd01EQXRNREF3TURBd01EQXdNREF3LzcwNjA2NDMxNDU4OTMxMDMyNC82ODE1OTg4LzQ3Mzk2MTkvMzkvV2dldHdTajhJMXNTYzdGdmx4RHJVR3pJUS0wTFlVbDlfblRqa1MxMjBiOC8xLzM5LzAvMC85OTgwODgvMzExODA1MDA2MC8yMTY1MzYvNjY5OTcwLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNzA2MDY0MzE0NTg5MzEwMzI0L3pyaC8wLzM5MjgvNjgvOTk5LzAvMTg1LjIxNy4xNzEuMC8wLjAwMC8xNTkyNDA0MDg0LzE1OTI0MTY2ODQvMzkv/p7Q0AMTU_wvO8z_lYvs91fy9AL8&nodeid=39&group=eu&auctionid=706064314589310324&sid=4739619&cid=6815988&price=0.057999302&bp=a_ahcaab&nfy_act=LD5wfnw&type=adm&client=c2s&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&bfip=185.29.134.124
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/sas-interstitial-3.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.173.1 /
Resource Hash: b498679eb960d89b4577cfc850fa481aa517a76a77b0a0aca955a6220be26900

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:07 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1592404084
Last-Modified: Wed, 17 Jun 2020 14:28:04 GMT
Server: MMBD/3.173.1
x-mm-latency: 2 (0)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x43, zrh-bidder-x7
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Wed, 17 Jun 2020 14:28:06 GMT

GET
H/1.1 200
OK aip
ww1097.smartadserver.com/h/ Frame F271 43 B
265 B 27ms
26ms Image
image/gif 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww1097.smartadserver.com/h/aip?tmstp=4640917553&ckid=6302788866178844394&pubid=234&systgt=%24qc%3d1313935576%3b%24ql%3dUnknown%3b%24qpc%3d3509%3b%24qt%3d212_97_40421t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d19&uii=249491189159700936&acd=1592404084430&envtype=0&visit=S&statid=19&tgt=%24dt%3d1t%3b%3bhb_adid%3dundefined%3bhb_pb%3dundefined%3bhb_bidder%3dundefined%3bhb_format%3d26328%3b%24hc&imptype=0&pgDomain=https%3a%2f%2furlz.fr%2fcXp6&capp=0&mcrdbt=1&insid=4842280&siteid=205724&imgid=0&pgid=890545&fmtid=26328&rtb=1&rtbnid=1097&rtbbid=249491189159754960&rtbh=e8f48c0cbe759b99128b5d344a3c37e76a508feb&rtblt=637280008845548341&rtbet=0&rtbptnid=25&cftgid=16448ff28253
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/sas-interstitial-3.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 14:28:04 GMT
cache-control: no-cache, no-store
expires: -1
content-type: image/gif
content-length: 43
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK aip
ww1097.smartadserver.com/h/ 43 B
168 B 52ms
28ms Image
image/gif 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww1097.smartadserver.com/h/aip?tmstp=4640917553&ckid=6302788866178844394&pubid=234&systgt=%24qc%3d1313935576%3b%24ql%3dUnknown%3b%24qpc%3d3509%3b%24qt%3d212_97_40421t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d19&uii=249491189159700936&acd=1592404084430&envtype=0&visit=S&statid=19&tgt=%24dt%3d1t%3b%3bhb_adid%3dundefined%3bhb_pb%3dundefined%3bhb_bidder%3dundefined%3bhb_format%3d26328%3b%24hc&imptype=0&pgDomain=https%3a%2f%2furlz.fr%2fcXp6&capp=0&mcrdbt=1&insid=4842280&siteid=205724&imgid=0&pgid=890545&fmtid=26328&rtb=1&rtbnid=1097&rtbbid=249491189159754960&rtbh=e8f48c0cbe759b99128b5d344a3c37e76a508feb&rtblt=637280008845548341&rtbet=0&rtbptnid=25&cftgid=16448ff28253&rtbnc=nc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:04 GMT
cache-control: private
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK close-retina.png
ced-ns.sascdn.com/diff/templates/images/ 2 KB
2 KB 5ms
4ms Image
image/png 2a01:4a0:1338:28::c38a:ff10
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ced-ns.sascdn.com/diff/templates/images/close-retina.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff10 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:04 GMT
Last-Modified: Tue, 21 Nov 2017 13:19:51 GMT
Server: Apache
ETag: "dc45791e534223d16a4d14fa1a1a5f4e:1511270391"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1802

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/themonetizer-network/ Frame 375C 723 KB
184 KB 23ms
23ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a80672baada9cdf1620ff8677fa689013fcf5671acd022eb6434af56912a8e1

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: sDnKEv45SGVQkT74otNlv1kZtpf0tqXT
content-encoding: gzip
etag: "da9f8b0a44f4945ecb27e35aeed63417"
age: 54
x-cache: HIT
status: 200
content-length: 188350
x-amz-id-2: r7uF3cZnDwmNkcHj8x3lJD5alAjuo3DPPv8UQsFU0Mu/XoD/lb5dV0EJAlNJvjj9Qi6oWVgfYNQ=
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 15 Jun 2020 21:18:25 GMT
server: AmazonS3
x-timer: S1592404085.724175,VS0,VE0
date: Wed, 17 Jun 2020 14:28:04 GMT
vary: Accept-Encoding
x-amz-request-id: 175E83D81A83AE35
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 93
x-cache-hits: 13

POST
H2 204 impression Show response
intake.prod.pubstack.io/v1/intake/ 0
57 B 96ms
31ms XHR
text/plain 52.31.182.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.prod.pubstack.io/v1/intake/impression?sId=dd8810a6&tId=d086759d-86af-4b34-852b-bb5d4c87aa38&c=2&ctr=NL
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.182.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-182-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
access-control-allow-origin: *
date: Wed, 17 Jun 2020 14:28:04 GMT

GET
H2 200 tbframe.js Show response
cdn.taboola.com/shared/ Frame 8318 14 KB
4 KB 25ms
19ms Script
application/x-javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/shared/tbframe.js
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding: gzip
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
age: 22014
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 3897
x-amz-id-2: +9hThpZgqSmaNAz6qSOZ5ntBC+PmswuvE+g624KMXtRCjhrN0gRwMPV1+v8IRh54vtpXJbg9sPo=
x-served-by: cache-hhn4074-HHN
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
server: AmazonS3
x-timer: S1592404085.797400,VS0,VE0
date: Wed, 17 Jun 2020 14:28:04 GMT
vary: Accept-Encoding
x-amz-request-id: 95F04980218A6F57
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/x-javascript
abp: 62
x-cache-hits: 26075

GET
H2 200 impl.20200615-28-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 375C 446 KB
126 KB 21ms
20ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200615-28-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88c765bcfcdeddab2b1765c94f9656a3a5e03c5653f193d89939fc58d75bc055

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: QlRauXQBDxk1r5Q.okKrHutX_HdgDWc1
content-encoding: gzip
etag: "84f07b018b14e04d63dfcb7680da3eb4"
age: 109
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 128921
x-amz-id-2: H2lgXOS9iUeRpvRPMF+xTXTsVCyXOJthZ1BlCvZFfh2KycX/E0ugvGYDZem5TS2XWTQZd3H6YkE=
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 15 Jun 2020 20:33:00 GMT
server: AmazonS3
x-timer: S1592404085.817972,VS0,VE0
date: Wed, 17 Jun 2020 14:28:04 GMT
vary: Accept-Encoding
x-amz-request-id: 93F0753F352FC386
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 1001

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 375C 1 KB
1 KB 67ms
21ms Script
application/x-javascript 104.89.19.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.19.71 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-19-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 18 Jun 2020 14:28:04 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/themonetizer-network/ Frame B5A3 723 KB
184 KB 21ms
21ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a80672baada9cdf1620ff8677fa689013fcf5671acd022eb6434af56912a8e1

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: sDnKEv45SGVQkT74otNlv1kZtpf0tqXT
content-encoding: gzip
etag: "da9f8b0a44f4945ecb27e35aeed63417"
age: 54
x-cache: HIT
status: 200
content-length: 188350
x-amz-id-2: r7uF3cZnDwmNkcHj8x3lJD5alAjuo3DPPv8UQsFU0Mu/XoD/lb5dV0EJAlNJvjj9Qi6oWVgfYNQ=
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 15 Jun 2020 21:18:25 GMT
server: AmazonS3
x-timer: S1592404085.851972,VS0,VE0
date: Wed, 17 Jun 2020 14:28:04 GMT
vary: Accept-Encoding
x-amz-request-id: 175E83D81A83AE35
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 93
x-cache-hits: 14

GET
H2 200 json Show response
trc.taboola.com/themonetizer-urlz/trc/3/ Frame 375C 6 KB
3 KB 143ms
141ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-urlz/trc/3/json?tim=16%3A28%3A04.885&lti=deflated&data=%7B%22id%22%3A225%2C%22ii%22%3A%22%2Fcxp6%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1592404084881%2C%22cv%22%3A%2220200615-28-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Furlz.fr%2FcXp6%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A1%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22205724-MEGABANNER%22%2C%22orig_uip%22%3A%22205724-MEGABANNER%22%2C%22cd%22%3A8%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200615-28-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c47dba9375cacb228c707e355c85fdeb5afaf5e0d95d2e65f2f5b3668d2dc12

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 122
date: Wed, 17 Jun 2020 14:28:05 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
x-served-by: cache-hhn4074-HHN
server: nginx
x-timer: S1592404085.899188,VS0,VE122
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame 375C
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1592404084891&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Furlz.fr%2FcXp6&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1592404084891&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Furlz.fr%2FcXp6&c9=&cs_ak_ss=1

0
528 B

44ms
21ms

Image
text/plain

104.89.19.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1592404084891&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Furlz.fr%2FcXp6&c9=&cs_ak_ss=1
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.19.71 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-19-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:04 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1592404084891&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Furlz.fr%2FcXp6&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:04 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.20200615-28-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame B5A3 446 KB
126 KB 20ms
20ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200615-28-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88c765bcfcdeddab2b1765c94f9656a3a5e03c5653f193d89939fc58d75bc055

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: QlRauXQBDxk1r5Q.okKrHutX_HdgDWc1
content-encoding: gzip
etag: "84f07b018b14e04d63dfcb7680da3eb4"
age: 109
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 128921
x-amz-id-2: H2lgXOS9iUeRpvRPMF+xTXTsVCyXOJthZ1BlCvZFfh2KycX/E0ugvGYDZem5TS2XWTQZd3H6YkE=
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 15 Jun 2020 20:33:00 GMT
server: AmazonS3
x-timer: S1592404085.924162,VS0,VE0
date: Wed, 17 Jun 2020 14:28:04 GMT
vary: Accept-Encoding
x-amz-request-id: 93F0753F352FC386
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 62
x-cache-hits: 1002

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame B5A3 1 KB
1 KB 22ms
21ms Script
application/x-javascript 104.89.19.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.19.71 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-19-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 18 Jun 2020 14:28:04 GMT

POST
H2 204 auction Show response
intake.prod.pubstack.io/v1/intake/ 0
57 B 42ms
42ms XHR
text/plain 52.31.182.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.prod.pubstack.io/v1/intake/auction?sId=dd8810a6&tId=d086759d-86af-4b34-852b-bb5d4c87aa38&c=2&ctr=NL
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.182.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-182-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
access-control-allow-origin: *
date: Wed, 17 Jun 2020 14:28:04 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame B5A3 0
528 B 22ms
21ms Image
text/plain 104.89.19.71
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1592404084964&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Furlz.fr%2FcXp6&c9=
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.19.71 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-19-71.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:04 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/themonetizer-urlz/trc/3/ Frame B5A3 6 KB
3 KB 193ms
193ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-urlz/trc/3/json?tim=16%3A28%3A04.998&lti=deflated&data=%7B%22id%22%3A963%2C%22ii%22%3A%22%2Fcxp6%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1592404084881%2C%22cv%22%3A%2220200615-28-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Furlz.fr%2FcXp6%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A1%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22205724-MEGABANNER%20BAS%22%2C%22orig_uip%22%3A%22205724-MEGABANNER%20BAS%22%2C%22cd%22%3A8%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200615-28-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1b45dbf23d4d9d2923f164261ce8802f1201df0c33be47f99d04375676dda7

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 172
date: Wed, 17 Jun 2020 14:28:05 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
x-served-by: cache-hhn4074-HHN
server: nginx
x-timer: S1592404085.010494,VS0,VE172
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 userx.20200615-28-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 375C 22 KB
8 KB 23ms
21ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20200615-28-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4397d6decd6c9dffca6ec60fa24aeca93f42119235c587ff0c5b8850010ce84b

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: PS49RO68Q9lFyY.YrHJeEERHymtFzNee
content-encoding: gzip
etag: "124cc027e0ba47783724ca8802da5d06"
age: 75
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 7713
x-amz-id-2: gsHGjeNmK6lmw3i5oAGoTrcfQK9+NY/fnO2dyyEia06/7/oJiwiGEIzK+BUp7HC7dTk93tVuXwk=
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 15 Jun 2020 20:33:10 GMT
server: AmazonS3
x-timer: S1592404085.077305,VS0,VE0
date: Wed, 17 Jun 2020 14:28:05 GMT
vary: Accept-Encoding
x-amz-request-id: 322556C614276A26
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 52
x-cache-hits: 208

GET
H2

200

match
match.zorosrv.com/ Frame D601
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e7b2cccc-192c-4f1e-af5a-b10f5aaddc13
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=e7b2cccc-192c-4f1e-af5a-b10f5aaddc13&tbid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&query=taboola_hm%3De7b2cccc-192c-...
https://match.zorosrv.com/match?tabid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&extuid=e7b2cccc-192c-4f1e-af5a-b10f5aaddc13&excid=218&query=taboola_hm%3De7b2cccc-192c-4f1e-af5a-b10f5aaddc13

0
56 B

69ms
29ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.zorosrv.com/match?tabid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&extuid=e7b2cccc-192c-4f1e-af5a-b10f5aaddc13&excid=218&query=taboola_hm%3De7b2cccc-192c-4f1e-af5a-b10f5aaddc13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1592404086.885103,VS0,VE10
x-served-by: cache-hhn4037-HHN
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI IDC DSP COR CURa ADMa OUR IND COM STA NOR UNI"
status: 200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, X-Prototype-Version, Content-Type, Origin, Allow
content-length: 0
x-cache-hits: 0

Redirect headers

date: Wed, 17 Jun 2020 14:28:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1592404086.814301,VS0,VE9
x-served-by: cache-hhn4074-HHN
status: 302
x-cache: MISS
location: https://match.zorosrv.com/match?tabid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&extuid=e7b2cccc-192c-4f1e-af5a-b10f5aaddc13&excid=218&query=taboola_hm%3De7b2cccc-192c-4f1e-af5a-b10f5aaddc13
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame D601 0
239 B 104ms
31ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H2

200

/
am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame D601
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D...
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps...
https://px.powerlinks.com/user/sync/dsps?userId=17d45eea-2873-4f00-919e-d7199f237712&sourceId=aa4e7548-789b-4df8-a72f-d951a5b206eb&sync=0&rurl=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fpowerlinksdsp...
https://am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=c2ujnlxwwJe4ZrNo6bhkJGv3iD2QDbbUeXoje2LieWY%3D

45 B
271 B

14ms
14ms

Image
image/gif

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=c2ujnlxwwJe4ZrNo6bhkJGv3iD2QDbbUeXoje2LieWY%3D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
tbl-x-upstream: 10.41.24.10:10213
date: Wed, 17 Jun 2020 14:28:05 GMT
server: nginx
x-fastly-to-nlb-rtt: 1226

Redirect headers

Location: https://am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=c2ujnlxwwJe4ZrNo6bhkJGv3iD2QDbbUeXoje2LieWY%3D
Date: Wed, 17 Jun 2020 14:28:05 GMT
Server: nginx
Connection: close
Etag: "c2ujnlxwwJe4ZrNo6bhkJGv3iD2QDbbUeXoje2LieWY="
Content-Length: 0

GET
H2

200

/
am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/ Frame D601
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&orig=trc
https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=17d45eea-2873-4f00-919e-d7199f237712

0
226 B

153ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=17d45eea-2873-4f00-919e-d7199f237712
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
tbl-x-upstream: 10.40.20.14:10213
date: Wed, 17 Jun 2020 14:28:05 GMT
server: nginx
x-fastly-to-nlb-rtt: 1223

Redirect headers

Date: Wed, 17 Jun 2020 14:28:05 GMT
Server: MT3 2567 b8d0938 master zrh-pixel-x18
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=17d45eea-2873-4f00-919e-d7199f237712
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 17 Jun 2020 14:28:04 GMT

GET
H2

204

/
am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame D601
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fam-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0W3XKagsqt7V&ev=1&orig=trc&pid=562107

0
217 B

14ms
14ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0W3XKagsqt7V&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
tbl-x-upstream: 10.40.20.9:10213
date: Wed, 17 Jun 2020 14:28:06 GMT
server: nginx
x-fastly-to-nlb-rtt: 13668

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
status: 302
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0W3XKagsqt7V&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6b7d6786d5-226mc
expires: -1

GET
H2

204

/
am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/ Frame D601
Redirect Chain

https://b1sync.zemanta.com/usersync/taboola/?puid={user_id}&cb=https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=__ZUID__&orig=trc
https://b1sync.zemanta.com/usersync/taboola/?cb=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fzemantartb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__ZUID__&orig=trc&puid=%7Buser_id%7D&s=2
https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=_MEAeckz_IFxgOtkVTiu

0
218 B

15ms
14ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=_MEAeckz_IFxgOtkVTiu
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
tbl-x-upstream: 10.41.32.34:10213
date: Wed, 17 Jun 2020 14:28:07 GMT
server: nginx
x-fastly-to-nlb-rtt: 10706

Redirect headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:07 GMT
P3p: CP="We do not support P3P header."
Location: https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=_MEAeckz_IFxgOtkVTiu
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 113
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

/
am-sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame D601
Redirect Chain

https://ib.adnxs.com/getuidnb?https://am-sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
https://am-sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc

0
227 B

170ms
16ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
tbl-x-upstream: 10.41.30.10:10213
date: Wed, 17 Jun 2020 14:28:05 GMT
server: nginx
x-fastly-to-nlb-rtt: 1112

Redirect headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:07 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.41:80
AN-X-Request-Uuid: b3512d32-ef97-41be-83ac-787f124dc4be
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://am-sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame D601
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEM3T4gm14Plw4FQfEakjk5o&google_cver=1

0
55 B

33ms
33ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEM3T4gm14Plw4FQfEakjk5o&google_cver=1
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Wed, 17 Jun 2020 14:28:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1592404085.114659,VS0,VE8
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4074-HHN

Redirect headers

pragma: no-cache
date: Wed, 17 Jun 2020 14:28:05 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEM3T4gm14Plw4FQfEakjk5o&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame D601 42 B
939 B 1318ms
14ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMxNjAmdGw9MTI5NjAw&piggybackCookie=9f8afdcc-aefb-44df-a766-1e7780dc32e9-tuct5e3adf4
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:06 GMT
X-lat: Pug22040:0:442
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D601
Redirect Chain

https://am-sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9f8afdcc-aefb-44df-a766-1e7780dc32e9-tuct5e3adf4

170 B
242 B

33ms
31ms

Image
image/png

216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9f8afdcc-aefb-44df-a766-1e7780dc32e9-tuct5e3adf4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 14:28:05 GMT
server: HTTP server (unknown)
content-type: image/png
status: 200
cache-control: no-cache, must-revalidate
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

status: 302
tbl-x-upstream: 10.40.20.9:10213
date: Wed, 17 Jun 2020 14:28:05 GMT
server: nginx
x-fastly-to-nlb-rtt: 1223
location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=9f8afdcc-aefb-44df-a766-1e7780dc32e9-tuct5e3adf4

GET
H2

204

/
am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/ Frame D601
Redirect Chain

https://ib.adnxs.com/getuidnb?https://am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
https://am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc

0
217 B

51ms
17ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
tbl-x-upstream: 10.41.30.18:10213
date: Wed, 17 Jun 2020 14:28:05 GMT
server: nginx
x-fastly-to-nlb-rtt: 1223

Redirect headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:07 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.54:80
AN-X-Request-Uuid: 8b657cd2-fc60-460a-b6a2-b04314a9a7c2
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame D601
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e8274fe0-501f-476f-81df-99efa983762a

0
228 B

33ms
33ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e8274fe0-501f-476f-81df-99efa983762a
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Wed, 17 Jun 2020 14:28:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1592404085.114676,VS0,VE8
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4074-HHN

Redirect headers

pragma: no-cache
date: Wed, 17 Jun 2020 14:28:05 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e8274fe0-501f-476f-81df-99efa983762a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2

200

rtb-h
trc.taboola.com/sg/storygize-network/1/ Frame D601
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=9f8afdcc-aefb-44df-a766-1e7780dc32e9-tuct5e3adf4
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
54 B

29ms
29ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Wed, 17 Jun 2020 14:28:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1592404086.192969,VS0,VE8
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4074-HHN

Redirect headers

Location: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length: 0
expires: 0

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame D601 35 B
380 B 376ms
95ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:05 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame D601 0
157 B 1571ms
105ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=9f8afdcc-aefb-44df-a766-1e7780dc32e9-tuct5e3adf4&_r=2050710
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:06 GMT
cache-control: no-store
x-envoy-upstream-service-time: 0
Server: nginx
Connection: close

GET
H2

200

/
trc.taboola.com/sg/bidswitch-network/1/rtb-h/ Frame D601
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola
https://x.bidswitch.net/ul_cb/sync?ssp=taboola
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=71fc465e-66ff-424b-bb61-c1d682796376
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8126769b-d2f3-4a68-a7fa-79f7408c5544&ssp=taboola
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=71fc465e-66ff-424b-bb61-c1d682796376

0
54 B

27ms
27ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=71fc465e-66ff-424b-bb61-c1d682796376
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Wed, 17 Jun 2020 14:28:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1592404086.437440,VS0,VE8
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4074-HHN

Redirect headers

status: 302
date: Wed, 17 Jun 2020 14:28:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=71fc465e-66ff-424b-bb61-c1d682796376
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 375C 254 B
674 B 19ms
19ms Image
image/png 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/userx.20200615-28-RELEASE.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 24976
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1592404085.114641,VS0,VE0
date: Wed, 17 Jun 2020 14:28:05 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 52
x-cache-hits: 68918

GET
H2

200

match
match.zorosrv.com/ Frame 9946
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=8126769b-d2f3-4a68-a7fa-79f7408c5544
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=8126769b-d2f3-4a68-a7fa-79f7408c5544&tbid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&query=taboola_hm%3D8126769b-d2f3-...
https://match.zorosrv.com/match?tabid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&extuid=8126769b-d2f3-4a68-a7fa-79f7408c5544&excid=218&query=taboola_hm%3D8126769b-d2f3-4a68-a7fa-79f7408c5544

0
388 B

50ms
29ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.zorosrv.com/match?tabid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&extuid=8126769b-d2f3-4a68-a7fa-79f7408c5544&excid=218&query=taboola_hm%3D8126769b-d2f3-4a68-a7fa-79f7408c5544
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1592404086.884928,VS0,VE9
x-served-by: cache-hhn4037-HHN
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI IDC DSP COR CURa ADMa OUR IND COM STA NOR UNI"
status: 200
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, X-Prototype-Version, Content-Type, Origin, Allow
content-length: 0
x-cache-hits: 0

Redirect headers

date: Wed, 17 Jun 2020 14:28:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1592404086.833949,VS0,VE9
x-served-by: cache-hhn4074-HHN
status: 302
x-cache: MISS
location: https://match.zorosrv.com/match?tabid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&extuid=8126769b-d2f3-4a68-a7fa-79f7408c5544&excid=218&query=taboola_hm%3D8126769b-d2f3-4a68-a7fa-79f7408c5544
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

/
am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame 9946
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D...
https://am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=c2ujnlxwwJe4ZrNo6bhkJGv3iD2QDbbUeXoje2LieWY%3D

45 B
271 B

14ms
14ms

Image
image/gif

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=c2ujnlxwwJe4ZrNo6bhkJGv3iD2QDbbUeXoje2LieWY%3D
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
tbl-x-upstream: 10.40.0.111:10213
date: Wed, 17 Jun 2020 14:28:06 GMT
server: nginx
x-fastly-to-nlb-rtt: 7222

Redirect headers

Location: https://am-sync.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=c2ujnlxwwJe4ZrNo6bhkJGv3iD2QDbbUeXoje2LieWY%3D
Date: Wed, 17 Jun 2020 14:28:06 GMT
Server: nginx
Connection: close
Etag: "c2ujnlxwwJe4ZrNo6bhkJGv3iD2QDbbUeXoje2LieWY="
Content-Length: 0

GET
H2

200

/
am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/ Frame 9946
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&orig=trc
https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=17d45eea-2873-4f00-919e-d7199f237712

0
226 B

14ms
14ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=17d45eea-2873-4f00-919e-d7199f237712
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
tbl-x-upstream: 10.41.32.36:10213
date: Wed, 17 Jun 2020 14:28:05 GMT
server: nginx
x-fastly-to-nlb-rtt: 2091

Redirect headers

Date: Wed, 17 Jun 2020 14:28:05 GMT
Server: MT3 2567 b8d0938 master zrh-pixel-x23
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://am-sync.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=17d45eea-2873-4f00-919e-d7199f237712
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 17 Jun 2020 14:28:04 GMT

GET
H2

204

/
am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 9946
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fam-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=isHCnOhZaMjr&ev=1&orig=trc&pid=562107

0
218 B

14ms
14ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=isHCnOhZaMjr&ev=1&orig=trc&pid=562107
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
tbl-x-upstream: 10.40.0.111:10213
date: Wed, 17 Jun 2020 14:28:06 GMT
server: nginx
x-fastly-to-nlb-rtt: 13668

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
status: 302
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location: https://am-sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=isHCnOhZaMjr&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6b7d6786d5-kj54s
expires: -1

GET
H2

204

/
am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/ Frame 9946
Redirect Chain

https://b1sync.zemanta.com/usersync/taboola/?puid={user_id}&cb=https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=__ZUID__&orig=trc
https://b1sync.zemanta.com/usersync/taboola/?cb=https%3A%2F%2Fam-sync.taboola.com%2Fsg%2Fzemantartb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__ZUID__&orig=trc&puid=%7Buser_id%7D&s=2
https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=5jUQ1ZSqpsCHCLRlWiZv

0
217 B

14ms
14ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=5jUQ1ZSqpsCHCLRlWiZv
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
tbl-x-upstream: 10.41.32.36:10213
date: Wed, 17 Jun 2020 14:28:07 GMT
server: nginx
x-fastly-to-nlb-rtt: 9533

Redirect headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:07 GMT
P3p: CP="We do not support P3P header."
Location: https://am-sync.taboola.com/sg/zemantartb-network/1/rtb-h/?taboola_hm=5jUQ1ZSqpsCHCLRlWiZv
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 113
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

/
am-sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 9946
Redirect Chain

https://ib.adnxs.com/getuidnb?https://am-sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
https://am-sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc

0
225 B

14ms
13ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
tbl-x-upstream: 10.40.20.9:10213
date: Wed, 17 Jun 2020 14:28:06 GMT
server: nginx
x-fastly-to-nlb-rtt: 6620

Redirect headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:08 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.169:80
AN-X-Request-Uuid: 4f9e501b-9a3e-4a54-9177-16b6f69bafc6
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://am-sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9946
Redirect Chain

https://am-sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5

170 B
231 B

34ms
34ms

Image
image/png

216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5

Requested by

Host: urlz.fr
URL: https://urlz.fr/cXp6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 14:28:06 GMT
server: HTTP server (unknown)
content-type: image/png
status: 200
cache-control: no-cache, must-revalidate
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

status: 302
tbl-x-upstream: 10.40.20.14:10213
date: Wed, 17 Jun 2020 14:28:06 GMT
server: nginx
x-fastly-to-nlb-rtt: 7389
location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5

GET
H2

204

/
am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/ Frame 9946
Redirect Chain

https://ib.adnxs.com/getuidnb?https://am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
https://am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc

0
217 B

14ms
14ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
tbl-x-upstream: 10.41.32.34:10213
date: Wed, 17 Jun 2020 14:28:06 GMT
server: nginx
x-fastly-to-nlb-rtt: 9084

Redirect headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:08 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.254:80
AN-X-Request-Uuid: 22c5d2f5-1e75-4768-9789-6657094e0f94
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://am-sync.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=6140288308793808704&orig=trc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 9946 35 B
380 B 95ms
95ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200615-28-RELEASE.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:06 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

/
trc.taboola.com/sg/bidswitch-network/1/rtb-h/ Frame 9946
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola
https://x.bidswitch.net/ul_cb/sync?ssp=taboola
https://sync.srv.stackadapt.com/sync?nid=50&ssp=taboola
https://x.bidswitch.net/sync?dsp_id=188&user_id=_m44C0IVTvR_W9qgw9yfz7nZqww&user_group=1&ssp=taboola
https://x.bidswitch.net/ul_cb/sync?dsp_id=188&user_id=_m44C0IVTvR_W9qgw9yfz7nZqww&user_group=1&ssp=taboola
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=3f628c12-4a82-40e0-86f6-725957dd902b

0
239 B

29ms
29ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=3f628c12-4a82-40e0-86f6-725957dd902b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Wed, 17 Jun 2020 14:28:07 GMT
via: 1.1 varnish
server: nginx
x-timer: S1592404087.080134,VS0,VE10
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4074-HHN

Redirect headers

status: 302
date: Wed, 17 Jun 2020 14:28:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=3f628c12-4a82-40e0-86f6-725957dd902b
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 userx.20200615-28-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame B5A3 22 KB
8 KB 23ms
22ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20200615-28-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4397d6decd6c9dffca6ec60fa24aeca93f42119235c587ff0c5b8850010ce84b

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: PS49RO68Q9lFyY.YrHJeEERHymtFzNee
content-encoding: gzip
etag: "124cc027e0ba47783724ca8802da5d06"
age: 75
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 7713
x-amz-id-2: gsHGjeNmK6lmw3i5oAGoTrcfQK9+NY/fnO2dyyEia06/7/oJiwiGEIzK+BUp7HC7dTk93tVuXwk=
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 15 Jun 2020 20:33:10 GMT
server: AmazonS3
x-timer: S1592404085.219612,VS0,VE0
date: Wed, 17 Jun 2020 14:28:05 GMT
vary: Accept-Encoding
x-amz-request-id: 322556C614276A26
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 99
x-cache-hits: 209

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 9946 0
239 B 31ms
31ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 9946
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEM3T4gm14Plw4FQfEakjk5o&google_cver=1

0
58 B

29ms
29ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEM3T4gm14Plw4FQfEakjk5o&google_cver=1
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Wed, 17 Jun 2020 14:28:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1592404085.252881,VS0,VE9
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4074-HHN

Redirect headers

pragma: no-cache
date: Wed, 17 Jun 2020 14:28:05 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEM3T4gm14Plw4FQfEakjk5o&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 9946 42 B
939 B 25ms
14ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMxNjAmdGw9MTI5NjAw&piggybackCookie=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:06 GMT
X-lat: Pug22070:0:415
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 9946
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e8274fe0-501f-476f-81df-99efa983762a

0
205 B

28ms
28ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e8274fe0-501f-476f-81df-99efa983762a
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Wed, 17 Jun 2020 14:28:05 GMT
via: 1.1 varnish
server: nginx
x-timer: S1592404085.252825,VS0,VE8
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4074-HHN

Redirect headers

pragma: no-cache
date: Wed, 17 Jun 2020 14:28:05 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e8274fe0-501f-476f-81df-99efa983762a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2

200

rtb-h
trc.taboola.com/sg/storygize-network/1/ Frame 9946
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301

0
60 B

27ms
27ms

Image
text/plain

151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Wed, 17 Jun 2020 14:28:06 GMT
via: 1.1 varnish
server: nginx
x-timer: S1592404087.552422,VS0,VE8
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4074-HHN

Redirect headers

Location: https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Content-Length: 0
expires: 0

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame 9946 0
157 B 1343ms
114ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&_r=3109294
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:07 GMT
cache-control: no-store
x-envoy-upstream-service-time: 0
Server: nginx
Connection: close

GET
H2 204 fix-user-id
trc.taboola.com/themonetizer-urlz/log/3/ Frame B5A3 0
59 B 30ms
29ms Image
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/themonetizer-urlz/log/3/fix-user-id?lti=deflated&ri=b26e0134ecca3efffe349fbaa2cf11fb&sd=v2_56162f621a81afe65a7fe581b97d1548_98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5_1592404085_1592404085_CNawjgYQgYlJGJGRuJWsLiABKAEwoQE4l-oLQJKXEEiWh9oDUP___________wFYAGAAaOKmqpGyrZficA&ui=9f8afdcc-aefb-44df-a766-1e7780dc32e9-tuct5e3adf4&pi=/cxp6&wi=4249082884909085&pt=text&vi=1592404084881&time=1592404085202&fromUser=9f8afdcc-aefb-44df-a766-1e7780dc32e9-tuct5e3adf4&toUser=98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5&fromSD=v2_cfd452cf861cbd0260fd4749b8183df7_9f8afdcc-aefb-44df-a766-1e7780dc32e9-tuct5e3adf4_1592404084_1592404084_CNawjgYQgYlJGJGRuJWsLiABKAEwoQE4l-oLQJKXEEiWh9oDUP___________wFYAGAAaOKmqpGyrZficA&toSD=v2_56162f621a81afe65a7fe581b97d1548_98a9af38-fd26-4b17-984c-036248f26a29-tuct5e3adf5_1592404085_1592404085_CNawjgYQgYlJGJGRuJWsLiABKAEwoQE4l-oLQJKXEEiWh9oDUP___________wFYAGAAaOKmqpGyrZficA&tim=16%3A28%3A05.202&id=9680&llvl=1&cv=20200615-28-RELEASE&
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Wed, 17 Jun 2020 14:28:06 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4074-HHN
pragma: no-cache
server: nginx
x-timer: S1592404086.398745,VS0,VE9
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame B5A3 254 B
647 B 19ms
19ms Image
image/png 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/userx.20200615-28-RELEASE.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 24976
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn4074-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1592404085.249168,VS0,VE0
date: Wed, 17 Jun 2020 14:28:05 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 99
x-cache-hits: 68919

POST
H2 204 bulk Show response
trc.taboola.com/themonetizer-urlz/log/3/ Frame 375C 0
377 B 30ms
30ms XHR
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-urlz/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200615-28-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Wed, 17 Jun 2020 14:28:06 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4074-HHN
pragma: no-cache
server: nginx
x-timer: S1592404086.103480,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://urlz.fr
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/themonetizer-urlz/log/3/ Frame B5A3 0
56 B 28ms
27ms XHR
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-urlz/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200615-28-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 8
date: Wed, 17 Jun 2020 14:28:06 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4074-HHN
pragma: no-cache
server: nginx
x-timer: S1592404086.226542,VS0,VE8
content-type: image/gif
access-control-allow-origin: https://urlz.fr
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 68 KB
21 KB 52ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7614223cc63035d8f95aa40644bb983d4e9c144537b61983a412ceb0aad53a71

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:06 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 14:26:17 GMT
server: nginx
etag: W/"5edf9c09-10fe8"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Thu, 18 Jun 2020 14:28:06 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 68 KB
21 KB 60ms
29ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7614223cc63035d8f95aa40644bb983d4e9c144537b61983a412ceb0aad53a71

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Jun 2020 14:28:06 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 14:26:17 GMT
server: nginx
etag: W/"5edf9c09-10fe8"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Thu, 18 Jun 2020 14:28:06 GMT

GET
H/1.1 200
OK uq58aj9csjm3 Show response
hal9000.redintelligence.net/zone/ Frame F271 10 KB
3 KB 75ms
24ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/uq58aj9csjm3?subid=&rnd=706064314589310324&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D706064314589310324%26mt_id%3D6815988%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D39%26mt_inapp%3D0%26mt_uuid%3D17d45eea-2873-4f00-919e-d7199f237712%26redirect%3D
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 82c466e587ac4e34600666d65b6cc7ae037e911c98a1b4750c663b88d42451f6

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:07 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2791
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

img
pixel.mathtag.com/event/ Frame F271
Redirect Chain

https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=39&v2=706064314589310324&v3=669970&v4=4739619&v5=6815988&mt_nsync=1&no_attr=1
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=39&v2=706064314589310324&v3=669970&v4=4739619&v5=6815988&mt_nsync=1&no_attr=1&mm_bnc&mm_bct&UUID=17795eea-2877-4800-a4ac-eefcd8c5...

43 B
360 B

65ms
65ms

Image
image/gif

2.21.37.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=39&v2=706064314589310324&v3=669970&v4=4739619&v5=6815988&mt_nsync=1&no_attr=1&mm_bnc&mm_bct&UUID=17795eea-2877-4800-a4ac-eefcd8c57ae1
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.45 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-45.deploy.static.akamaitechnologies.com
Software: MT3 2567 b8d0938 master zrh-pixel-x16 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:08 GMT
Server: MT3 2567 b8d0938 master zrh-pixel-x16
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 17 Jun 2020 14:28:06 GMT

Redirect headers

Date: Wed, 17 Jun 2020 14:28:07 GMT
Server: MT3 2567 b8d0938 master cdg-pixel-x13
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=39&v2=706064314589310324&v3=669970&v4=4739619&v5=6815988&mt_nsync=1&no_attr=1&mm_bnc&mm_bct&UUID=17795eea-2877-4800-a4ac-eefcd8c57ae1
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 17 Jun 2020 14:28:06 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame F271 49 B
328 B 120ms
40ms Image
image/gif 185.29.133.223
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=sas&bid=706064314589310324&st=4739619&time=1592404087&nodeid=39
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=sas&id=5aW95q2jLzIyLyAvTVRFNE1tSmhabVl0T1dZME9DMHhZVEV5TFRBd01EQXRNREF3TURBd01EQXdNREF3LzcwNjA2NDMxNDU4OTMxMDMyNC82ODE1OTg4LzQ3Mzk2MTkvMzkvV2dldHdTajhJMXNTYzdGdmx4RHJVR3pJUS0wTFlVbDlfblRqa1MxMjBiOC8xLzM5LzAvMC85OTgwODgvMzExODA1MDA2MC8yMTY1MzYvNjY5OTcwLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNzA2MDY0MzE0NTg5MzEwMzI0L3pyaC8wLzM5MjgvNjgvOTk5LzAvMTg1LjIxNy4xNzEuMC8wLjAwMC8xNTkyNDA0MDg0LzE1OTI0MTY2ODQvMzkv/p7Q0AMTU_wvO8z_lYvs91fy9AL8&nodeid=39&group=eu&auctionid=706064314589310324&sid=4739619&cid=6815988&price=0.057999302&bp=a_ahcaab&nfy_act=LD5wfnw&type=adm&client=c2s&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&bfip=185.29.134.124
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.223 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.173.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:07 GMT
Server: MMBD/3.173.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x71, zrh-bidder-x7
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Wed, 17 Jun 2020 14:28:06 GMT

GET
H/1.1

200
OK

js Show response
pixel.mathtag.com/sync/ Frame F271
Redirect Chain

https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5
https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5&mm_bnc&mm_bct&UUID=42d55eea-2877-4200-bd79-c235985d17ff

597 B
921 B

53ms
42ms

Script
text/javascript

2.21.37.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5&mm_bnc&mm_bct&UUID=42d55eea-2877-4200-bd79-c235985d17ff
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.45 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-45.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x14 /
Resource Hash: acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:07 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x14
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Wed, 17 Jun 2020 14:28:06 GMT

Redirect headers

Date: Wed, 17 Jun 2020 14:28:07 GMT
Server: MT3 2567 b8d0938 master cdg-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://pixel.mathtag.com/sync/js?sync=auto&mt_lim=5&mm_bnc&mm_bct&UUID=42d55eea-2877-4200-bd79-c235985d17ff
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
Expires: Wed, 17 Jun 2020 14:28:06 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F271
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=MTE4MmJhZmYtOWY0OC0xYTEyLTAwMDAtMDAwMDAwMDAwMDAw
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm=&google_hm=MTE4MmJhZmYtOWY0OC0xYTEyLTAwMDAtMDAwMDAwMDAwMDAw&google_tc=
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEJiXPhgs7hABJq7Q_Ix5d3U&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=QtVe6ih3QgC9ecI1mF0X_w

170 B
231 B

30ms
30ms

Image
image/png

216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=QtVe6ih3QgC9ecI1mF0X_w

Requested by

Host: urlz.fr
URL: https://urlz.fr/cXp6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Jun 2020 14:28:07 GMT
server: HTTP server (unknown)
content-type: image/png
status: 200
cache-control: no-cache, must-revalidate
alt-svc: h3-28="googleads.g.doubleclick.net:443"; ma=2592000,h3-28=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 17 Jun 2020 14:28:07 GMT
Server: MT3 2567 b8d0938 master zrh-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=QtVe6ih3QgC9ecI1mF0X_w
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 17 Jun 2020 14:28:06 GMT

GET
H/1.1 200
OK 4448
stags.bluekai.com/site/ Frame F271 62 B
733 B 218ms
174ms Image
image/gif 92.123.150.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/4448?id=1182baff-9f48-1a12-0000-000000000000
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=sas&id=5aW95q2jLzIyLyAvTVRFNE1tSmhabVl0T1dZME9DMHhZVEV5TFRBd01EQXRNREF3TURBd01EQXdNREF3LzcwNjA2NDMxNDU4OTMxMDMyNC82ODE1OTg4LzQ3Mzk2MTkvMzkvV2dldHdTajhJMXNTYzdGdmx4RHJVR3pJUS0wTFlVbDlfblRqa1MxMjBiOC8xLzM5LzAvMC85OTgwODgvMzExODA1MDA2MC8yMTY1MzYvNjY5OTcwLzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvNzA2MDY0MzE0NTg5MzEwMzI0L3pyaC8wLzM5MjgvNjgvOTk5LzAvMTg1LjIxNy4xNzEuMC8wLjAwMC8xNTkyNDA0MDg0LzE1OTI0MTY2ODQvMzkv/p7Q0AMTU_wvO8z_lYvs91fy9AL8&nodeid=39&group=eu&auctionid=706064314589310324&sid=4739619&cid=6815988&price=0.057999302&bp=a_ahcaab&nfy_act=LD5wfnw&type=adm&client=c2s&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&bfip=185.29.134.124
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.150.214 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-150-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:08 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 3d24
Content-Type: image/gif

GET
H/1.1

200
OK

request.php Show response
hal900018.redintelligence.net/ Frame F271
Redirect Chain

https://hal900018.redintelligence.net/request.php?zone=uq58aj9csjm3&nw=20&renderingType=javascript&namespace=170fd49b7c&subid=&uid=067ad994a8f08f25&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900018.redintelligence.net/request.php?zone=uq58aj9csjm3&nw=20&renderingType=javascript&namespace=170fd49b7c&subid=&uid=067ad994a8f08f25&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

138ms
89ms

Script
application/x-javascript

144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request.php?zone=uq58aj9csjm3&nw=20&renderingType=javascript&namespace=170fd49b7c&subid=&uid=067ad994a8f08f25&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D706064314589310324%26mt_id%3D6815988%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D39%26mt_inapp%3D0%26mt_uuid%3D17d45eea-2873-4f00-919e-d7199f237712%26redirect%3D&documentReferer=https%3A%2F%2Furlz.fr%2FcXp6&ancestorOrigins=https%3A%2F%2Furlz.fr&random=62952626353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: a2084ef18d688ae9ca03a457a232f64f6c4ae2eb011fe0773a3faaa785930857

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:08 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 67003100137042301041204011263018
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 726
Expires: Wed, 17 Jun 2020 15:28:08 +0200

Redirect headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:08 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=uq58aj9csjm3&nw=20&renderingType=javascript&namespace=170fd49b7c&subid=&uid=067ad994a8f08f25&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D706064314589310324%26mt_id%3D6815988%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D39%26mt_inapp%3D0%26mt_uuid%3D17d45eea-2873-4f00-919e-d7199f237712%26redirect%3D&documentReferer=https%3A%2F%2Furlz.fr%2FcXp6&ancestorOrigins=https%3A%2F%2Furlz.fr&random=62952626353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 17 Jun 2020 15:28:08 +0200

GET
H/1.1 200
OK request_content.php
hal900018.redintelligence.net/ Frame E288 0
0 1110ms
26ms Document
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900018.redintelligence.net/request_content.php?s=67003100137042301041204011263018&a=0a883d4d
Requested by: Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=uq58aj9csjm3&nw=20&renderingType=javascript&namespace=170fd49b7c&subid=&uid=067ad994a8f08f25&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&tcfGdpr=&tcfGdprConsent=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D706064314589310324%26mt_id%3D6815988%26mt_adid%3D216536%26mt_sid%3D4739619%26mt_exid%3D39%26mt_inapp%3D0%26mt_uuid%3D17d45eea-2873-4f00-919e-d7199f237712%26redirect%3D&documentReferer=https%3A%2F%2Furlz.fr%2FcXp6&ancestorOrigins=https%3A%2F%2Furlz.fr&random=62952626353&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Host: hal900018.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://urlz.fr/cXp6
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=144db2ecc0412b54
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://urlz.fr/cXp6

Response headers

Date: Wed, 17 Jun 2020 14:28:09 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 17 Jun 2020 15:28:09 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2102
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

cshow.php
www.zenaps.com/ Frame F271
Redirect Chain

https://www.awin1.com/cshow.php?s=2664739&v=8488&q=391888&r=235229&pref1=67003100137042301041204011263018&pv=1
https://www.zenaps.com/cshow.php?pvr=c450c9b0-b0a6-11ea-8153-692d0acd98d1&v=8488&r=235229&q=391888&s=2664739&viewref=67003100137042301041204011263018&pv=1

43 B
705 B

1111ms
37ms

Image
image/gif

23.2.214.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zenaps.com/cshow.php?pvr=c450c9b0-b0a6-11ea-8153-692d0acd98d1&v=8488&r=235229&q=391888&s=2664739&viewref=67003100137042301041204011263018&pv=1

Requested by

Host: urlz.fr
URL: https://urlz.fr/cXp6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.2.214.145 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-2-214-145.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 17 Jun 2020 14:28:10 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

Redirect headers

Date: Wed, 17 Jun 2020 14:28:09 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.zenaps.com/cshow.php?pvr=c450c9b0-b0a6-11ea-8153-692d0acd98d1&v=8488&r=235229&q=391888&s=2664739&viewref=67003100137042301041204011263018&pv=1
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame F271 43 B
480 B 56ms
55ms Image
image/gif 2.21.37.45
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.37.45 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-37-45.deploy.static.akamaitechnologies.com
Software: MT3 2567 b8d0938 master zrh-pixel-x19 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 17 Jun 2020 14:28:08 GMT
Server: MT3 2567 b8d0938 master zrh-pixel-x19
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 17 Jun 2020 14:28:07 GMT

POST
H2 204 impression Show response
intake.prod.pubstack.io/v1/intake/ 0
57 B 32ms
31ms XHR
text/plain 52.31.182.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.prod.pubstack.io/v1/intake/impression?sId=dd8810a6&tId=d086759d-86af-4b34-852b-bb5d4c87aa38&c=1&ctr=NL
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.182.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-182-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
access-control-allow-origin: *
date: Wed, 17 Jun 2020 14:28:08 GMT

GET
H/1.1 200 12.json Show response
id5-sync.com/g/v1/ 130 B
435 B 26ms
22ms XHR
text/json 54.36.109.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v1/12.json?1puid=&gdpr=0&gdpr_consent=

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.186 , Germany, ASN16276 (OVH, FR),

Reverse DNS

p06.id5-sync.com

Software

Resource Hash

35a1ad333e541042c9e1a34e9b7a9c00286f2909c2ef172ac21f872eafa28827

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://urlz.fr
Date: Wed, 17 Jun 2020 14:28:08 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/json;charset=utf-8

GET
H/1.1 200
OK /
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ 0
0 1121ms
33ms Image
text/html 159.69.76.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Furlz.fr%2FcXp6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.69.76.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.76.69.159.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

match
euc-ice.360yield.com/
Redirect Chain

https://id5-sync.com/match?publisher_user_id=153fdd8a-85a2-4b57-99d7-bfaa1b2feedf&publisher_dsp_id=79&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&publisher_red...
https://id5-sync.com/c/124/124/1/1.gif?puid=153fdd8a-85a2-4b57-99d7-bfaa1b2feedf&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OO1H0owCLAAAENDO-AAAAwLAAA
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OO1H0owCLAAAENDO-AAAAwLAAA
https://id5-sync.com/c/124/101/0/2.gif?puid=2404c82d-f4f3-4ad8-a77d-346ee1c1b18f&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA
https://euc-ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMO4wM2ZYFkgKlFDv3M8hxd0CnNMeYo6SbuCVohOg&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA

43 B
524 B

25ms
25ms

Image
image/gif

35.157.249.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euc-ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMO4wM2ZYFkgKlFDv3M8hxd0CnNMeYo6SbuCVohOg&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.249.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-249-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 17 Jun 2020 14:28:09 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Location: https://euc-ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMO4wM2ZYFkgKlFDv3M8hxd0CnNMeYo6SbuCVohOg&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA
Date: Wed, 17 Jun 2020 14:28:08 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

match
match.360yield.com/ul_cb/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=FT_dioWiS1eZ17-qGy_u3w&google_cm&dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA
https://match.360yield.com/match?dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&google_gid=CAESEJj1qoT3uBviOgad1JlGPts&google_cver=1
https://match.360yield.com/ul_cb/match?dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&google_gid=CAESEJj1qoT3uBviOgad1JlGPts&google_cver=1

43 B
435 B

26ms
25ms

Image
image/gif

18.195.112.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/ul_cb/match?dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&google_gid=CAESEJj1qoT3uBviOgad1JlGPts&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.112.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-112-7.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 17 Jun 2020 14:28:09 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Wed, 17 Jun 2020 14:28:09 GMT
content-type: text/plain
content-length: 0
location: https://match.360yield.com/ul_cb/match?dsp_callback=0&publisher_dsp_id=340&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&google_gid=CAESEJj1qoT3uBviOgad1JlGPts&google_cver=1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

match
euc-ice.360yield.com/ul_cb/
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=153fdd8a-85a2-4b57-99d7-bfaa1b2feedf&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAA...
https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=153fdd8a-85a2-4b57-99d7-bfaa1b2feedf&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OO1H0ow...
https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1593613691&external_user_id=2033655754986404700
https://euc-ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1593613691&external_user_id=2033655754986404700

43 B
423 B

24ms
24ms

Image
image/gif

35.157.249.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euc-ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1593613691&external_user_id=2033655754986404700
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.249.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-249-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 17 Jun 2020 14:28:11 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Wed, 17 Jun 2020 14:28:11 GMT
content-type: text/plain
content-length: 0
location: https://euc-ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1593613691&external_user_id=2033655754986404700
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

match
ad.360yield.com/ul_cb/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&google_hm=MTUzZmRkOGEtODVhMi00YjU3LTk5ZDctYmZhYTFiMmZlZWRm&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO...
https://ad.360yield.com/match?publisher_dsp_id=55&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&external_user_id=CAESEHSZwbnmkz9tXJsEpfR9gik&google_cver=1
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&external_user_id=CAESEHSZwbnmkz9tXJsEpfR9gik&google_cver=1

43 B
433 B

26ms
25ms

Image
image/gif

18.195.112.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&external_user_id=CAESEHSZwbnmkz9tXJsEpfR9gik&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.112.7 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-112-7.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 17 Jun 2020 14:28:09 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Wed, 17 Jun 2020 14:28:09 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA&external_user_id=CAESEHSZwbnmkz9tXJsEpfR9gik&google_cver=1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

match
euc-ice.360yield.com/ul_cb/
Redirect Chain

https://ib.adnxs.com/getuid?https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feuc-ice.360yield.com%2Fmatch%3Fdsp_callback%3D0%26external_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OO1H0owCL...
https://euc-ice.360yield.com/match?dsp_callback=0&external_user_id=6667153774039163463&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA
https://euc-ice.360yield.com/ul_cb/match?dsp_callback=0&external_user_id=6667153774039163463&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA

43 B
495 B

30ms
29ms

Image
image/gif

35.157.249.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euc-ice.360yield.com/ul_cb/match?dsp_callback=0&external_user_id=6667153774039163463&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.249.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-249-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 17 Jun 2020 14:28:09 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Wed, 17 Jun 2020 14:28:09 GMT
content-type: text/plain
content-length: 0
location: https://euc-ice.360yield.com/ul_cb/match?dsp_callback=0&external_user_id=6667153774039163463&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OO1H0owCLAAAENDO-AAAAwLAAA
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 auction Show response
intake.prod.pubstack.io/v1/intake/ 0
57 B 33ms
32ms XHR
text/plain 52.31.182.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.prod.pubstack.io/v1/intake/auction?sId=dd8810a6&tId=d086759d-86af-4b34-852b-bb5d4c87aa38&c=2&ctr=NL
Requested by: Host: urlz.fr
URL: https://urlz.fr/cXp6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.182.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-182-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/cXp6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
access-control-allow-origin: *
date: Wed, 17 Jun 2020 14:28:09 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id5-sync.com
URL: https://id5-sync.com/c/12/112/2/8.gif?puid=0&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.amazondede.com/	1970-01-19 10:20:05	Name: __utmb Value: 1.1.10.1592404083
www.amazondede.com/	1970-01-19 10:20:04	Name: __utmt Value: 1
www.amazondede.com/	1969-12-31 23:59:59	Name: __utmc Value: 1
.urlz.fr/	1970-01-19 11:03:16	Name: __cfduid Value: d55ac9b1ed9bd3727ad41ef8e36d85b271592404082
www.amazondede.com/	1970-01-20 03:51:16	Name: __utma Value: 1.1619712659.1592404083.1592404083.1592404083.1
www.amazondede.com/	1970-01-19 10:21:30	Name: webs-stats-visitor-id Value: 960304175
www.amazondede.com/	1970-01-19 14:42:52	Name: __utmz Value: 1.1592404083.1.1.utmcsr=urlz.fr\|utmccn=(referral)\|utmcmd=referral\|utmcct=/cXp6
www.amazondede.com/	1969-12-31 23:59:59	Name: fwww Value: 3209125029737b70181c5462c59c368813c95182fa54910d24c52217209e8dd3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1(Line 749) Message: undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ad.360yield.com
ads.creative-serving.com
ads.servenobid.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
am-sync.taboola.com
as-sec.casalemedia.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.tmyzer.com
cdn.prod.pubstack.io
cdn.taboola.com
cds.taboola.com
ced-ns.sascdn.com
cm.g.doubleclick.net
d2zur9cc2gf1tx.cloudfront.net
dmp.truoptik.com
ec-ns.sascdn.com
euc-ice.360yield.com
fastlane.rubiconproject.com
g.themoneytizer.net
gum.criteo.com
hal9000.redintelligence.net
hal900018.redintelligence.net
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
intake.prod.pubstack.io
js-sec.indexww.com
match.360yield.com
match.adsrvr.org
match.taboola.com
match.zorosrv.com
onetag-sys.com
p.cpx.to
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pool.grid-data.bidswitch.net
px.powerlinks.com
rtb.mfadsrvr.com
rules.quantcount.com
s.cpx.to
sb.scorecardresearch.com
script.4dex.io
secure.adnxs.com
secure.quantserve.com
shb.richaudience.com
simage2.pubmatic.com
spl.zeotap.com
stags.bluekai.com
static.criteo.net
sync.mathtag.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
tag.contextweb.com
tag.leadplace.fr
tags.mathtag.com
tmzr.pubstack.io
track.adform.net
trc.taboola.com
urlz.fr
ww1097.smartadserver.com
www.amazondede.com
www.awin1.com
www.google-analytics.com
www.googletagmanager.com
www.storygize.net
www.zenaps.com
x.bidswitch.net
id5-sync.com
104.16.92.60
104.89.19.71
116.202.160.31
13.226.154.85
13.226.156.32
138.201.220.30
141.226.224.32
141.226.228.48
144.76.91.199
145.239.193.145
145.239.193.51
151.101.113.44
151.139.241.23
159.69.76.252
178.250.2.131
18.185.173.123
18.185.191.218
18.195.112.7
18.195.154.255
185.29.133.223
185.29.133.52
185.64.189.110
185.86.137.110
185.86.137.32
192.132.33.46
198.148.27.131
198.148.27.140
2.21.37.179
2.21.37.45
216.58.206.2
23.2.214.145
2600:9000:2182:9a00:6:44e3:f8c0:93a1
2606:4700:10::6816:1957
2606:4700:3038::681f:bb2
2606:4700::6810:84e5
2606:4700::6811:186d
2606:4700:e2::ac40:8720
2a00:1450:4001:809::200e
2a00:1450:4001:820::200a
2a00:1450:4001:825::2008
2a01:4a0:1338:28::c38a:ff10
2a02:2638:1::13
2a02:2638::3
34.95.76.218
35.157.249.55
35.157.51.244
35.160.142.237
37.157.4.40
37.252.173.22
37.252.173.38
40.113.136.100
50.16.38.94
51.89.9.251
52.214.251.91
52.31.182.127
52.31.203.53
52.49.73.64
54.228.220.169
54.36.109.186
54.38.64.100
68.232.35.16
69.173.144.138
69.173.144.141
70.42.32.31
72.247.225.98
91.228.74.154
92.123.150.214
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b15b196669b98bc7462629109ed9d3e587ce96154c804813eb737eba6a2ef48
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1acf17dad927051175d864f022b4b8323a99a11ae3caf02cce8b638634a64dec
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e04cfecbc9803e54522bc33b7534fac26cff7bb75efacc757ee59b6cb2ad5b5
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405
290de7c8649cb5dc76203b48ee6fbe96f65880b16beb918d2c4a30e915f45856
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f060afe0b01451889202592fad7fc1cc85baa0b56a9fe19dd1a8e14c42912f3
3396e94bd648e3a567d945e89f48313811e20be09b7a1dfc692d7412ae65d6d3
35a1ad333e541042c9e1a34e9b7a9c00286f2909c2ef172ac21f872eafa28827
380333b0b75ec9ad51d95668ab00662d4c63a0913ec1c10304c6f312e1ee2c8e
3c47dba9375cacb228c707e355c85fdeb5afaf5e0d95d2e65f2f5b3668d2dc12
3f6464f9ad74909c3fdc357f6062e3e90f71c994a19154e7b27a148185848b9a
400c40080f79cbeee565ac00ea8cc5dc9c32f021fda84a87f30221fde86ee9d3
4397d6decd6c9dffca6ec60fa24aeca93f42119235c587ff0c5b8850010ce84b
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4a80672baada9cdf1620ff8677fa689013fcf5671acd022eb6434af56912a8e1
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14
4f47fb19c7052ad91baa894f001cd906ecd086800bab2bdd6ac24802c73cece9
53078894a98488fced85a7f50964e4ff41a550a599e1dc5ce902d39c511bc8d2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b6709d87140bcbf216fe0a0e37ce51939647ed0eb219c84e8630edb2460e92f
649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6ab164fe0128161a88bbc22795bfa6af933c21a272464f849b506b992b645049
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7614223cc63035d8f95aa40644bb983d4e9c144537b61983a412ceb0aad53a71
7999053d0348ab50b1e1f509644adfd3a20423c3253b8e9f178c38476c968d39
7b1b6ea3d55a5468c1f3515d20290bc839b596efa1e2865707d15ba039f8a2e9
7c97f6e3a63cde2ec40a982359b3aefff892560577e4846a629556da52e75391
7d1e21f8edaeae8919082e33c1936ab06fda5ce438d16f3fe9c7a3666d01a61b
82c466e587ac4e34600666d65b6cc7ae037e911c98a1b4750c663b88d42451f6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07
88c765bcfcdeddab2b1765c94f9656a3a5e03c5653f193d89939fc58d75bc055
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
9927bfa69df2f37ab9bf7766fc14a8bbfa91940a9ddcd30132d90e8b6352330a
9b1b45dbf23d4d9d2923f164261ce8802f1201df0c33be47f99d04375676dda7
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
9ef27341dca9400a9c48c9c5781b996e400eb24505f087d0d8572ae517faa597
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2084ef18d688ae9ca03a457a232f64f6c4ae2eb011fe0773a3faaa785930857
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b498679eb960d89b4577cfc850fa481aa517a76a77b0a0aca955a6220be26900
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf5a3af4518eecd15993056eb0774776d9b9f52073a1e062002cd0b9924328ba
c1f3d5b8f9aebad647eb95d6e7ee1d40bcdf98c52de9028fc9ec87e209f1148f
ca2a248a95a0254d36641d0a76a8843c790018bfd99ccd7b0ee46fdfab33e6e0
cb5e68ea98339921426942e8f8c0756dda0f90adeec0ca8067db577e8ca32e3e
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f869c2dff8faee0c62fe6b9eb479f2b326557fadefd778d35dabb9d7cd18a958
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

urlz.fr Open in urlscan Pro 2606:4700:3038::681f:bb2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

147 Requests

99 %HTTPS

18 %IPv6

54 Domains

77 Subdomains

56 IPs

8 Countries

1173 kBTransfer

3908 kBSize

8 Cookies

0 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

urlz.fr Open in urlscan Pro
2606:4700:3038::681f:bb2 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

99 %
HTTPS

18 %
IPv6

54
Domains

77
Subdomains

56
IPs

8
Countries

1173 kB
Transfer

3908 kB
Size

8
Cookies

147 HTTP transactions
0 data transactions