lecourrier-du-soir.com Open in urlscan Pro
2001:41d0:1:1b00:213:186:33:40 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html
Submission: On February 20 via manual (February 20th 2024, 1:44:19 pm UTC) from FR — Scanned from FR

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 28 domains to perform 47 HTTP transactions. The main IP is 2001:41d0:1:1b00:213:186:33:40, located in France and belongs to OVH, FR. The main domain is lecourrier-du-soir.com.
TLS certificate: Issued by R3 on December 22nd 2023. Valid for: 3 months.

This is the only time lecourrier-du-soir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2001:41d0:1:1... 2001:41d0:1:1b00:213:186:33:40	16276 (OVH) (OVH)
4	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 _) (CDN77 _)
1	18.244.18.47 18.244.18.47	16509 (AMAZON-02) (AMAZON-02)
1	184.24.77.162 184.24.77.162	() ()
3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	145.239.193.51 145.239.193.51	16276 (OVH) (OVH)
1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	54.228.205.150 54.228.205.150	() ()
1	54.76.75.94 54.76.75.94	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::22	60068 (CDN77 _) (CDN77 _)
1	2600:9000:223... 2600:9000:223c:e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3 4	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3 3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	217.182.178.233 217.182.178.233	16276 (OVH) (OVH)
2 2	52.210.135.107 52.210.135.107	16509 (AMAZON-02) (AMAZON-02)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1 1	2607:ae80:4::25 2607:ae80:4::25	26558 (FREEWHEEL) (FREEWHEEL)
4	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1 4	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.48.53.237 52.48.53.237	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
2	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
1 1	2a04:4e42:600... 2a04:4e42:600::300	54113 (FASTLY) (FASTLY)
3	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	52.208.170.205 52.208.170.205	16509 (AMAZON-02) (AMAZON-02)
1	54.76.70.18 54.76.70.18	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
47	24

1 2001:41d0:1:1b00:213:186:33:40 (France)

ASN16276 (OVH, FR)

lecourrier-du-soir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-47.fra56.r.cloudfront.net

sdk.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.77.162 (Frankfurt am Main, Germany)

ASN- ()
PTR: a184-24-77-162.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 145.239.193.51 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.205.150 (Dublin, Ireland)

ASN- ()
PTR: ec2-54-228-205-150.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.75.94 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-75-94.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::22 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

tmzr.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.20 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.182.178.233 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip233.ip-217-182-178.eu

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.135.107 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-135-107.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

rd.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:4::25 (United States) 1 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.192.166 (France)

ASN16276 (OVH, FR)

sync.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-uid.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
md5sync.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
load.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.53.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-53-237.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.91 (United States) 1 redirects

ASN54113 (FASTLY, US)

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::300 (United States) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.170.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-170-205.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.70.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-70-18.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 48200 sync.leadplace.fr — Cisco Umbrella Rank: 258002 sync-uid.leadplace.fr — Cisco Umbrella Rank: 62339 md5sync.leadplace.fr — Cisco Umbrella Rank: 245022	9 KB
5	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 53469 tmzr.themoneytizer.com — Cisco Umbrella Rank: 70050	155 KB
4	exelator.com 1 redirects loadeu.exelator.com — Cisco Umbrella Rank: 9055 load.exelator.com — Cisco Umbrella Rank: 9218 loadm.exelator.com — Cisco Umbrella Rank: 2079	4 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	4 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 442	1 KB
3	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 278	943 B
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 389	722 B
3	criteo.com gum.criteo.com — Cisco Umbrella Rank: 461	671 B
2	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1188	2 KB
2	weborama.fr 2 redirects rd.frontend.weborama.fr — Cisco Umbrella Rank: 23828	628 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 250	1 KB
2	smartadserver.com 2 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1438	1 KB
2	cpx.to p.cpx.to — Cisco Umbrella Rank: 12251 s.cpx.to — Cisco Umbrella Rank: 9100	5 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1423 pixel.quantserve.com — Cisco Umbrella Rank: 1207	10 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 935	395 B
1	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1531	153 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1001	282 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2727	322 B
1	taboola.com 1 redirects trc.taboola.com — Cisco Umbrella Rank: 652	294 B
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 2227	476 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 1090	44 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 619	508 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1404	1 KB
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 51282	859 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 711
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 11166	36 KB
1	amazonaws.com sdk.amazonaws.com — Cisco Umbrella Rank: 15961	429 KB
1	lecourrier-du-soir.com lecourrier-du-soir.com	323 B
47	28

	Domain	Requested by
8	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
4	ib.adnxs.com	3 redirects p.cpx.to
4	ads.themoneytizer.com	lecourrier-du-soir.com ads.themoneytizer.com
3	id5-sync.com	ced.sascdn.com tmzr.themoneytizer.com
3	cm.g.doubleclick.net	3 redirects
3	match.adsrvr.org	p.cpx.to tag.leadplace.fr
3	gum.criteo.com	ads.themoneytizer.com tmzr.themoneytizer.com
2	md5sync.leadplace.fr	tag.leadplace.fr
2	ps.eyeota.net	tag.leadplace.fr ps.eyeota.net
2	loadeu.exelator.com	1 redirects tag.leadplace.fr
2	rd.frontend.weborama.fr	2 redirects
2	dpm.demdex.net	2 redirects
2	sync.smartadserver.com	2 redirects
1	analytics.twitter.com	tag.leadplace.fr
1	loadm.exelator.com	tag.leadplace.fr
1	load.exelator.com	tag.leadplace.fr
1	sync.teads.tv	tag.leadplace.fr
1	lb.eu-1-id5-sync.com	tmzr.themoneytizer.com
1	s.cpx.to	p.cpx.to
1	pixel.quantserve.com	lecourrier-du-soir.com
1	id.crwdcntrl.net	tmzr.themoneytizer.com
1	sync-uid.leadplace.fr	tag.leadplace.fr
1	trc.taboola.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	beacon.krxd.net	tag.leadplace.fr
1	sync.leadplace.fr	tag.leadplace.fr
1	ads.stickyadstv.com	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	tmzr.themoneytizer.com	ads.themoneytizer.com
1	adtrack.adleadevent.com	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
1	sdk.amazonaws.com	ads.themoneytizer.com
1	lecourrier-du-soir.com
47	36

This site contains no links.

Subject Issuer	Validity	Valid
lecourrier-du-soir.com R3	`2023-12-22` - `2024-03-21`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2024-02-15` - `2024-05-15`	3 months	crt.sh
sdk.amazonaws.com Amazon RSA 2048 M03	`2023-10-24` - `2024-11-21`	a year	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-14` - `2024-07-17`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2023-08-30` - `2024-09-11`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2024-01-09` - `2025-01-13`	a year	crt.sh
*.adleadevent.com Amazon RSA 2048 M01	`2023-06-27` - `2024-07-25`	a year	crt.sh
1564776789.rsc.cdn77.org R3	`2024-01-26` - `2024-04-25`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2024-01-31` - `2025-01-29`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2024-01-09` - `2025-01-17`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
teads.tv R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html
Frame ID: 3FCD81666E9C364AE1C2A8DD527621DC
Requests: 24 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1708436655074
Frame ID: F27D7D545EA9EEF3C3C0EB3BD616490E
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Frame ID: 756ECBF26E50C6496CA1848974519F03
Requests: 19 HTTP requests in this frame

Frame: https://md5sync.leadplace.fr/wapcrto.php?part=livedatasolutions
Frame ID: 7EFC56396453BF3F0D62F4039C78FA5C
Requests: 1 HTTP requests in this frame

Frame: https://md5sync.leadplace.fr/wapcrto.php?part=remailme
Frame ID: 33B10974470BA45B9EB8A83A8E110766
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

47
Requests

77 %
HTTPS

26 %
IPv6

28
Domains

36
Subdomains

24
IPs

5
Countries

656 kB
Transfer

3930 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://cm.g.doubleclick.net/pixel?google_nid=temelio_dmp&google_sc&google_cm&uid=1369094701317283244 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=temelio_dmp&google_sc=&google_cm=&uid=1369094701317283244&google_tc= HTTP 302
https://tag.leadplace.fr/wappdbm.php?uid=1369094701317283244&google_gid=CAESEEJuRD3ZXXAWbckALYaWcpA&google_cver=1

Request Chain 18

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ftag.leadplace.fr%2Fwappsma.php%3Fid%3D%5Bsas_uid%5D%26uid%3D1369094701317283244 HTTP 302
https://sync.smartadserver.com/getuid?url=https://tag.leadplace.fr/wappsma.php?id=[sas_uid]&uid=1369094701317283244&cklb=1 HTTP 302
https://tag.leadplace.fr/wappsma.php?id=8463612401721710827

Request Chain 19

https://dpm.demdex.net/ibs:dpid=58578&dpuuid=1369094701317283244&redir=https%3A%2F%2Ftag.leadplace.fr%2Fwappad.php%3Fuid%3D1369094701317283244%26dd_uuid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=58578&dpuuid=1369094701317283244&redir=https%3A%2F%2Ftag.leadplace.fr%2Fwappad.php%3Fuid%3D1369094701317283244%26dd_uuid%3D%24%7BDD_UUID%7D HTTP 302
https://tag.leadplace.fr/wappad.php?uid=1369094701317283244&dd_uuid=75030140511408149630758751333657967975

Request Chain 20

https://rd.frontend.weborama.fr/rd?url=https://tag.leadplace.fr/wappweb.php%3FWEBO_CID=%7BWEBO_CID%7D%26uid=1369094701317283244 HTTP 307
https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Ftag.leadplace.fr%2Fwappweb.php%3FWEBO_CID%3D%7BWEBO_CID%7D%26uid%3D1369094701317283244&bounce=1&random=4093660248 HTTP 302
https://tag.leadplace.fr/wappweb.php?WEBO_CID=ydoIXDWl0P34m/6Dx9PTee&uid=1369094701317283244

Request Chain 21

https://ads.stickyadstv.com/data-registering?dataProviderId=1073&redirectId=1521 HTTP 302
https://sync.leadplace.fr/callback.php?id=ab98bb86bf73af5648c3d85bfd3a4&id_part=stickyads

Request Chain 23

https://loadeu.exelator.com/load/?p=830&g=001&gdpr=&gdpr_consent= HTTP 302
https://loadeu.exelator.com/load/?p=830&g=001&gdpr=&gdpr_consent=&xl8blockcheck=1

Request Chain 25

https://pixel.mathtag.com/sync/img?sync=auto&redir=https%3A%2F%2Ftag.leadplace.fr%2Fwappmed.php%3Fmmuuid%3D[UUID]%26uid%3D1369094701317283244 HTTP 302
https://tag.leadplace.fr/wappmed.php?mmuuid=412a65d4-acaf-4c00-be2d-6ce7269cb2a0&uid=1369094701317283244

Request Chain 26

https://ib.adnxs.com/getuid?https://tag.leadplace.fr/wappnxs.php?uid=1369094701317283244&id=%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Ftag.leadplace.fr%2Fwappnxs.php%3Fuid%3D1369094701317283244%26id%3D%2524UID HTTP 302
https://tag.leadplace.fr/wappnxs.php?uid=1369094701317283244&id=2498690348302828906

Request Chain 28

https://trc.taboola.com/sg/ermes/1/cm?redirect=https://sync-uid.leadplace.fr/sync-uid.php?part%3Dtaboola%26id%3D%3CTUID%3E%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://sync-uid.leadplace.fr/sync-uid.php?part=taboola&id=c8874e17-4965-44dd-8e39-14859a59ee31-tuctcce322f&gdpr=&gdpr_consent=

Request Chain 40

https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=ODg4YmVkMDBiMjJkOTE1YTlkZmNlZDg5NzE2NDFmMGQ&&google_redir=https://load.exelator.com/load/?p=204&g=109 HTTP 302
https://load.exelator.com/load/?p=204&g=109

Request Chain 41

https://ib.adnxs.com/getuid?https://loadm.exelator.com/load/?p=204&g=013&bi=$UID&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=013&bi=2498690348302828906&j=0

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request iframe-src-31.html Show response
lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/ 268 B
323 B 205ms
22ms Document
text/html 2001:41d0:1:1b00:213:186:33:40
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:1:1b00:213:186:33:40 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: Apache /
Resource Hash: db8077401b213e9236640174af4261b17313ba85af9309992e50a4c5d34eba06

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: none
content-encoding: gzip
content-length: 193
content-type: text/html
date: Tue, 20 Feb 2024 13:44:14 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 149ms
63ms Script
text/html 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=31
Requested by: Host: lecourrier-du-soir.com
URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: aa08ed3725920fefd909f8763945e103af21df309cc27a821dc9b3b5b6dd8773

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-77-nzt: EgwBnJIhiAH3F3kAAAwB1GY4EQH3BwAAAA
x-accel-expires: @1709010448
date: Tue, 20 Feb 2024 13:44:14 GMT
content-encoding: gzip
x-77-age: 31006
x-77-pop: frankfurtDE
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d644434a3aeacd4657b584b30
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
x-cache: HIT
cache-control: max-age=604800
x-age: 30999
x-accel-date: 1708405655

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 5 KB
1 KB 179ms
94ms Script
text/html 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=116531&formatId=31
Requested by: Host: lecourrier-du-soir.com
URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e6f53e27814bfdc70060bfa4fbc8a92c7f74d4f69797347f3f46c8da446f1a3c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-77-nzt: EggBnJIhiAFBDAGckiEfAfd7eAAA
x-accel-expires: @1709010611
date: Tue, 20 Feb 2024 13:44:14 GMT
content-encoding: gzip
x-77-age: 30843
x-77-pop: frankfurtDE
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d644434a3aeacd465ec1d4230
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
x-cache: MISS
cache-control: max-age=604800
x-accel-date: 1708405811

GET
H/1.1 200
OK aws-sdk-2.1531.0.min.js Show response
sdk.amazonaws.com/js/ 3 MB
429 KB 195ms
35ms Script
application/javascript 18.244.18.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.amazonaws.com/js/aws-sdk-2.1531.0.min.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=116531&formatId=31

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.244.18.47 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-18-47.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

841aa9ca85d7e4bc5124187affee730a2d5d31e8e2e99dde64915d84a24e9a5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; script-src 'self' 'unsafe-inline' .awsstatic.com .cdn.uis.awsstatic.com *.cdn.console.awsstatic.com docs.aws.amazon.com; object-src 'none'; frame-ancestors 'self'; base-uri 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 05:50:41 GMT
Content-Encoding: gzip
Via: 1.1 d025091c574ce1bcf1fefea59ac34f2c.cloudfront.net (CloudFront)
Content-Security-Policy: upgrade-insecure-requests; script-src 'self' 'unsafe-inline' *.awsstatic.com *.cdn.uis.awsstatic.com *.cdn.console.awsstatic.com docs.aws.amazon.com; object-src 'none'; frame-ancestors 'self'; base-uri 'none'
Strict-Transport-Security: max-age=31536000
X-Amz-Cf-Pop: FRA56-P11
Age: 41937
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 05 Jan 2024 19:29:37 GMT
Server: AmazonS3
ETag: W/"fac5cd87d4c09ab5791034bcb1b0b2a6"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-Amz-Cf-Id: Kbc-WsgqWFSPY1fjuCIqbajjEexHtXloazpwFiu0yP8_ZIJOG98UrA==

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ 118 KB
17 KB 206ms
206ms Script
text/html 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=116531&formatId=31
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=116531&formatId=31
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 34d5e197eaee2ab0f11d54fb28d7a2c49b90ef247c72dd3560690ed9049473fe

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-77-nzt: EggBnJIhiAFBDAGckiEnAfd8eAAA
x-accel-expires: @1709010611
date: Tue, 20 Feb 2024 13:44:15 GMT
content-encoding: gzip
x-77-age: 30844
x-77-pop: frankfurtDE
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d644434a3aeacd465e9e15537
vary: Accept-Encoding
x-77-cache: HIT
content-type: text/html; charset=UTF-8
x-cache: MISS
cache-control: max-age=604800
x-accel-date: 1708405811

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 105 KB
36 KB 183ms
44ms Script
application/javascript 184.24.77.162

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=116531&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.162 Frankfurt am Main, Germany, ASN (),
Reverse DNS: a184-24-77-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1c062f82ba527666e8157a7cf1d4c4bad7fdf11cdbf8115a0bbe9953582effdb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 13:44:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 36399
Expires: Tue, 20 Feb 2024 15:44:15 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
291 B 82ms
27ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=116531&formatId=31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 285676
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 4 KB
4 KB 119ms
19ms Script
application/javascript 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=116531&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 97c32278e8275102822dd3f18f9de62b7ff1f796bb43cf04c0845114ec912d16

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
last-modified: Wed, 06 Dec 2023 10:36:32 GMT
server: nginx/1.20.1
x-iplb-request-id: 5CDED412:E580_91EFC133:01BB_65D4ACAF_7DDDD692:2EEA
etag: "65704eb0-f36"
x-iplb-instance: 57201
content-type: application/javascript
accept-ranges: bytes
content-length: 3894

GET
H2 204 /
onetag-sys.com/usync/ Frame F27D 0
0 101ms
31ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1708436655074

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=116531&formatId=31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://lecourrier-du-soir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 125ms
33ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=116531&formatId=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 27 Feb 2024 13:44:15 GMT

GET
H2 200 px.js Show response
p.cpx.to/p/12761/ 4 KB
4 KB 133ms
33ms Script
application/javascript 54.228.205.150

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12761/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=116531&formatId=31
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.205.150 Dublin, Ireland, ASN (),
Reverse DNS: ec2-54-228-205-150.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 58ef01cf054184b5b7ee5b05ef529f9937708b1b07d4d37277117756d9139a3f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
cache-control: public, max-age=2419200
content-length: 4396
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK mailNotification.php Show response
adtrack.adleadevent.com/ 0
859 B 171ms
33ms Script
application/x-javascript 54.76.75.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=116531&formatId=31
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.75.94 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-75-94.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Feb 2024 13:44:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Feb 2024 13:44:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 prebid.js Show response
tmzr.themoneytizer.com/v8.30.0u2.0.4/b3e816da2844951e0208af424c036e41/ 411 KB
134 KB 167ms
62ms Script
application/javascript 2a02:6ea0:c700::22
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://tmzr.themoneytizer.com/v8.30.0u2.0.4/b3e816da2844951e0208af424c036e41/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=116531&formatId=31
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::22 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2198f02b98c4ab0f23e6a95fb243577fa38c3bd82f536a90c592451152551f65

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 20 Feb 2024 13:44:15 GMT
content-encoding: gzip
x-amz-request-id: 90FVTWA4CXTP22HK
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-cache: HIT
x-age: 110965
x-accel-date: 1708325690
x-amz-id-2: fA2X0FL2Wr+eIyAEZBstX5Jrm5bIVHTAnkuWF3hgLMArfIv0DiDe7VSesihonSN/+KLp/FIe9GE=
x-77-nzt: EgwB1GY4tAHXdbEBAAwBnJIhJwH3ZMADAA
x-accel-expires: @1709116630
x-77-age: 356825
last-modified: Fri, 16 Feb 2024 10:14:58 GMT
server: CDN77-Turbo
etag: W/"f0cf28a5e012e8509c03f497de415792"
x-77-nzt-ray: 6d204d1155499ff9afacd46580b6920b
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 lib_count.js Show response
ads.themoneytizer.com/ 400 B
747 B 31ms
31ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_count.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=116531&formatId=31
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c25e0b533eb17c8b642e942c326af3afb19df59ccc51fe6b7fe95386dce1d277

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 20 Feb 2024 13:44:15 GMT
content-encoding: gzip
x-77-cache: HIT
x-cache: HIT
x-age: 31003
x-accel-date: 1708405652
x-77-nzt: EgwBnJIhiAH3G3kAAAwBJRPCNAH3CgAAAA
pragma: public
x-accel-expires: @1708492042
x-77-age: 31013
last-modified: Wed, 07 Feb 2024 09:05:17 GMT
server: CDN77-Turbo
x-77-nzt-ray: f6587a1d644434a3afacd465c85ed30b
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Wed, 21 Feb 2024 05:07:22 GMT

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame 756E 2 KB
2 KB 39ms
39ms Document
text/html 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: b0842d6c036540592222c2e3b36952a30235351b706fe2d518e1029ad6de21fd

Request headers

Referer: https://lecourrier-du-soir.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 20 Feb 2024 13:44:15 GMT
server: nginx/1.20.1
transfer-encoding: chunked
x-iplb-instance: 57201
x-iplb-request-id: 5CDED412:E580_91EFC133:01BB_65D4ACAF_7DDDD6A8:2EEA

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 105ms
32ms Script
application/javascript 2600:9000:223c:e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 12:55:21 GMT
content-encoding: gzip
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2935
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
server: AmazonS3
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 8RqzV3hWku3QL3gTIXeLm54FRhBnyGeeSduaHhFgnueNo11uikA-sQ==

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
702 B 101ms
32ms Fetch
application/json 185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 13:44:15 GMT
an-x-request-uuid: 31166fd8-32a2-42c6-9c95-9192252f3333
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://lecourrier-du-soir.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 92.222.212.18; 92.222.212.18; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
426 B 127ms
40ms Fetch
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 1e17f36171dcc913f6ac0588a5db14df3b8b66c82b02b409c5425a289a2a4958

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://lecourrier-du-soir.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Thu, 21 Mar 2024 13:44:15 GMT

GET
H/1.1

200
OK

wappdbm.php
tag.leadplace.fr/ Frame 756E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=temelio_dmp&google_sc&google_cm&uid=1369094701317283244
https://cm.g.doubleclick.net/pixel?google_nid=temelio_dmp&google_sc=&google_cm=&uid=1369094701317283244&google_tc=
https://tag.leadplace.fr/wappdbm.php?uid=1369094701317283244&google_gid=CAESEEJuRD3ZXXAWbckALYaWcpA&google_cver=1

35 B
272 B

32ms
21ms

Image
image/gif

145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.leadplace.fr/wappdbm.php?uid=1369094701317283244&google_gid=CAESEEJuRD3ZXXAWbckALYaWcpA&google_cver=1
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: HTTP/1.1
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tag.leadplace.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
server: nginx/1.20.1
x-iplb-request-id: 5CDED412:E590_91EFC133:01BB_65D4ACAF_7DDDD731:2EEA
x-iplb-instance: 57201
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 13:44:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tag.leadplace.fr/wappdbm.php?uid=1369094701317283244&google_gid=CAESEEJuRD3ZXXAWbckALYaWcpA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

wappsma.php
tag.leadplace.fr/ Frame 756E
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ftag.leadplace.fr%2Fwappsma.php%3Fid%3D%5Bsas_uid%5D%26uid%3D1369094701317283244
https://sync.smartadserver.com/getuid?url=https://tag.leadplace.fr/wappsma.php?id=[sas_uid]&uid=1369094701317283244&cklb=1
https://tag.leadplace.fr/wappsma.php?id=8463612401721710827

35 B
272 B

20ms
19ms

Image
image/gif

145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.leadplace.fr/wappsma.php?id=8463612401721710827
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: HTTP/1.1
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tag.leadplace.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
server: nginx/1.20.1
x-iplb-request-id: 5CDED412:E590_91EFC133:01BB_65D4ACAF_7DDDD745:2EEA
x-iplb-instance: 57201
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://tag.leadplace.fr/wappsma.php?id=8463612401721710827
pragma: no-cache
date: Tue, 20 Feb 2024 13:44:14 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

wappad.php
tag.leadplace.fr/ Frame 756E
Redirect Chain

https://dpm.demdex.net/ibs:dpid=58578&dpuuid=1369094701317283244&redir=https%3A%2F%2Ftag.leadplace.fr%2Fwappad.php%3Fuid%3D1369094701317283244%26dd_uuid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=58578&dpuuid=1369094701317283244&redir=https%3A%2F%2Ftag.leadplace.fr%2Fwappad.php%3Fuid%3D1369094701317283244%26dd_uuid%3D%24%7BDD_UUID%7D
https://tag.leadplace.fr/wappad.php?uid=1369094701317283244&dd_uuid=75030140511408149630758751333657967975

35 B
272 B

31ms
21ms

Image
image/gif

145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.leadplace.fr/wappad.php?uid=1369094701317283244&dd_uuid=75030140511408149630758751333657967975
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: HTTP/1.1
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tag.leadplace.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
server: nginx/1.20.1
x-iplb-request-id: 5CDED412:E580_91EFC133:01BB_65D4ACAF_7DDDD71B:2EEA
x-iplb-instance: 57201
transfer-encoding: chunked
content-type: image/gif

Redirect headers

dcs: dcs-prod-irl1-2-v055-0717dc677.edge-irl1.demdex.com 3 ms
pragma: no-cache
date: Tue, 20 Feb 2024 13:44:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: LLCozfd0Ruk=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://tag.leadplace.fr/wappad.php?uid=1369094701317283244&dd_uuid=75030140511408149630758751333657967975
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

wappweb.php
tag.leadplace.fr/ Frame 756E
Redirect Chain

https://rd.frontend.weborama.fr/rd?url=https://tag.leadplace.fr/wappweb.php%3FWEBO_CID=%7BWEBO_CID%7D%26uid=1369094701317283244
https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Ftag.leadplace.fr%2Fwappweb.php%3FWEBO_CID%3D%7BWEBO_CID%7D%26uid%3D1369094701317283244&bounce=1&random=4093660248
https://tag.leadplace.fr/wappweb.php?WEBO_CID=ydoIXDWl0P34m/6Dx9PTee&uid=1369094701317283244

35 B
272 B

21ms
21ms

Image
image/gif

145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.leadplace.fr/wappweb.php?WEBO_CID=ydoIXDWl0P34m/6Dx9PTee&uid=1369094701317283244
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: HTTP/1.1
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tag.leadplace.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
server: nginx/1.20.1
x-iplb-request-id: 5CDED412:E580_91EFC133:01BB_65D4ACAF_7DDDD70A:2EEA
x-iplb-instance: 57201
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 13:44:14 GMT
via: 1.1 google
last-modified: Tue, 20 Feb 2024 13:44:15 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://tag.leadplace.fr/wappweb.php?WEBO_CID=ydoIXDWl0P34m/6Dx9PTee&uid=1369094701317283244
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1

200
OK

callback.php
sync.leadplace.fr/ Frame 756E
Redirect Chain

https://ads.stickyadstv.com/data-registering?dataProviderId=1073&redirectId=1521
https://sync.leadplace.fr/callback.php?id=ab98bb86bf73af5648c3d85bfd3a4&id_part=stickyads

35 B
272 B

107ms
30ms

Image
image/gif

145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.leadplace.fr/callback.php?id=ab98bb86bf73af5648c3d85bfd3a4&id_part=stickyads
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: HTTP/1.1
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tag.leadplace.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
server: nginx/1.20.1
x-iplb-request-id: 5CDED412:9974_91EFC0A6:01BB_65D4ACAF_8E05EABF:10B0
x-iplb-instance: 54208
transfer-encoding: chunked
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 20 Feb 2024 13:44:15 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://sync.leadplace.fr/callback.php?id=ab98bb86bf73af5648c3d85bfd3a4&id_part=stickyads
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1708436655337047-526

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 756E 70 B
148 B 88ms
41ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lx9z2st&ttd_puid=1369094701317283244&ttd_tpi=1
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tag.leadplace.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/ Show response
loadeu.exelator.com/load/ Frame 756E
Redirect Chain

https://loadeu.exelator.com/load/?p=830&g=001&gdpr=&gdpr_consent=
https://loadeu.exelator.com/load/?p=830&g=001&gdpr=&gdpr_consent=&xl8blockcheck=1

1 KB
2 KB

53ms
53ms

Script
application/x-javascript

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://loadeu.exelator.com/load/?p=830&g=001&gdpr=&gdpr_consent=&xl8blockcheck=1
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: c0c8096b70d01ab8f3af28ac746b02b741e587ee8823b76bba135e490d6fcdd7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tag.leadplace.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-type: application/x-javascript;charset=UTF-8
date: Tue, 20 Feb 2024 13:44:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Tue, 20 Feb 2024 13:44:21 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadeu.exelator.com/load/?p=830&g=001&gdpr=&gdpr_consent=&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 756E 0
44 B 146ms
32ms Image
text/plain 52.48.53.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=temelio&partner_uid=1369094701317283244
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.53.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-53-237.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tag.leadplace.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
server: awselb/2.0

GET
H/1.1

200
OK

wappmed.php
tag.leadplace.fr/ Frame 756E
Redirect Chain

https://pixel.mathtag.com/sync/img?sync=auto&redir=https%3A%2F%2Ftag.leadplace.fr%2Fwappmed.php%3Fmmuuid%3D[UUID]%26uid%3D1369094701317283244
https://tag.leadplace.fr/wappmed.php?mmuuid=412a65d4-acaf-4c00-be2d-6ce7269cb2a0&uid=1369094701317283244

35 B
272 B

41ms
23ms

Image
image/gif

145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.leadplace.fr/wappmed.php?mmuuid=412a65d4-acaf-4c00-be2d-6ce7269cb2a0&uid=1369094701317283244
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: HTTP/1.1
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tag.leadplace.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
server: nginx/1.20.1
x-iplb-request-id: 5CDED412:E580_91EFC133:01BB_65D4ACAF_7DDDD72B:2EEA
x-iplb-instance: 57201
transfer-encoding: chunked
content-type: image/gif

Redirect headers

x-cache-hits: 0
date: Tue, 20 Feb 2024 13:44:15 GMT
via: 1.1 varnish
expires: Tue, 20 Feb 2024 13:44:14 GMT
server: MT3 1487 7fd7a36 master iad iad-pixel-x3 config_version:"567"
x-timer: S1708436655.311548,VS0,VE79
x-cache: MISS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://tag.leadplace.fr/wappmed.php?mmuuid=412a65d4-acaf-4c00-be2d-6ce7269cb2a0&uid=1369094701317283244
content-type: image/gif
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-served-by: cache-lcy-eglc8600052-LCY

GET
H/1.1

200
OK

wappnxs.php
tag.leadplace.fr/ Frame 756E
Redirect Chain

https://ib.adnxs.com/getuid?https://tag.leadplace.fr/wappnxs.php?uid=1369094701317283244&id=%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Ftag.leadplace.fr%2Fwappnxs.php%3Fuid%3D1369094701317283244%26id%3D%2524UID
https://tag.leadplace.fr/wappnxs.php?uid=1369094701317283244&id=2498690348302828906

35 B
272 B

22ms
21ms

Image
image/gif

145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.leadplace.fr/wappnxs.php?uid=1369094701317283244&id=2498690348302828906
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: HTTP/1.1
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tag.leadplace.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
server: nginx/1.20.1
x-iplb-request-id: 5CDED412:E580_91EFC133:01BB_65D4ACAF_7DDDD6F7:2EEA
x-iplb-instance: 57201
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 13:44:15 GMT
an-x-request-uuid: 5f93980b-3457-49a0-bc31-d580f82b9196
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://tag.leadplace.fr/wappnxs.php?uid=1369094701317283244&id=2498690348302828906
x-proxy-origin: 92.222.212.18; 92.222.212.18; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ Frame 756E 1 KB
2 KB 138ms
32ms Script
text/plain 18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=mhoi0ru&t=ajs&uid=1369094701317283244&gdpr=&gdpr_consent=
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 474719cfb6487fc7c327b25462eb90cdb496dcd4c745a6c5d2b41480e4891843

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tag.leadplace.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 13:44:15 GMT
Content-Length: 1357
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

sync-uid.php
sync-uid.leadplace.fr/ Frame 756E
Redirect Chain

https://trc.taboola.com/sg/ermes/1/cm?redirect=https://sync-uid.leadplace.fr/sync-uid.php?part%3Dtaboola%26id%3D%3CTUID%3E%26gdpr%3D%26gdpr_consent%3D
https://sync-uid.leadplace.fr/sync-uid.php?part=taboola&id=c8874e17-4965-44dd-8e39-14859a59ee31-tuctcce322f&gdpr=&gdpr_consent=

35 B
418 B

110ms
36ms

Image
image/gif

145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-uid.leadplace.fr/sync-uid.php?part=taboola&id=c8874e17-4965-44dd-8e39-14859a59ee31-tuctcce322f&gdpr=&gdpr_consent=
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: HTTP/1.1
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tag.leadplace.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
server: nginx/1.20.1
x-iplb-request-id: 5CDED412:997E_91EFC0A6:01BB_65D4ACAF_8E05CC6C:27B4
x-iplb-instance: 54293
transfer-encoding: chunked
content-type: image/gif

Redirect headers

x-vcl-time-ms: 10
date: Tue, 20 Feb 2024 13:44:15 GMT
via: 1.1 varnish
x-served-by: cache-lcy-eglc8600050-LCY
server: nginx
x-timer: S1708436655.409638,VS0,VE10
x-fastly-to-nlb-rtt: 7888
x-cache: MISS
location: https://sync-uid.leadplace.fr/sync-uid.php?part=taboola&id=c8874e17-4965-44dd-8e39-14859a59ee31-tuctcce322f&gdpr=&gdpr_consent=
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

GET
H/1.1 200
OK wapcrto.php Show response
md5sync.leadplace.fr/ Frame 7EFC 0
392 B 78ms
30ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://md5sync.leadplace.fr/wapcrto.php?part=livedatasolutions
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tag.leadplace.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 20 Feb 2024 13:44:15 GMT
server: nginx/1.20.1
transfer-encoding: chunked
x-iplb-instance: 54208
x-iplb-request-id: 5CDED412:996A_91EFC0A6:01BB_65D4ACAF_8E05EA54:10B0

POST
H2 200 102.json Show response
id5-sync.com/g/v2/ 250 B
538 B 109ms
32ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

f28cfcf54cb94c7ff6215df57dbd68d89c5722d578f644d611d63f6a405fb610

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://lecourrier-du-soir.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://lecourrier-du-soir.com
date: Tue, 20 Feb 2024 13:44:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 84ms
30ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flecourrier-du-soir.com%2F&domain=lecourrier-du-soir.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://lecourrier-du-soir.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://lecourrier-du-soir.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 20 Feb 2024 13:44:15 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 288693
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
380 B 28ms
27ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flecourrier-du-soir.com%2F&domain=lecourrier-du-soir.com&cw=1&lsw=1

Requested by

Host: tmzr.themoneytizer.com
URL: https://tmzr.themoneytizer.com/v8.30.0u2.0.4/b3e816da2844951e0208af424c036e41/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://lecourrier-du-soir.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 13:44:14 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://lecourrier-du-soir.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 239850
expires: 0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 134 B
422 B 95ms
32ms Fetch
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: tmzr.themoneytizer.com
URL: https://tmzr.themoneytizer.com/v8.30.0u2.0.4/b3e816da2844951e0208af424c036e41/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://lecourrier-du-soir.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://lecourrier-du-soir.com
date: Tue, 20 Feb 2024 13:44:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
322 B 110ms
34ms Fetch
application/json 52.208.170.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?c=17553
Requested by: Host: tmzr.themoneytizer.com
URL: https://tmzr.themoneytizer.com/v8.30.0u2.0.4/b3e816da2844951e0208af424c036e41/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.170.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-170-205.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://lecourrier-du-soir.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 13:44:15 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://lecourrier-du-soir.com
cache-control: no-cache
x-server: 10.45.17.105
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 pixel;r=2113376878;labels=Categories.news;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html;uht=2;fpan=1;fp...
pixel.quantserve.com/ 35 B
507 B 35ms
34ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2113376878;labels=Categories.news;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html;uht=2;fpan=1;fpa=P0-1532296735-1708436655211;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=lecourrier-du-soir.com;dst=1;et=1708436655351;tzo=-60;ogl=;ses=1ed1cb41-563f-41ce-b6b2-cde5911f1b7d;mdl=

Requested by

Host: lecourrier-du-soir.com
URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://lecourrier-du-soir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 13:44:15 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["Categories.news"],"pcode":["p-6Fv0cGNfc_bw8"]}],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 fire.js Show response
s.cpx.to/ 0
172 B 139ms
34ms Fetch 54.76.70.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=12761&url=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&hn_ver=72&fid=791769f0-f5dd-41a7-8456-0ff833f90fc8
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.70.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-70-18.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lecourrier-du-soir.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://lecourrier-du-soir.com
date: Tue, 20 Feb 2024 13:44:15 GMT
access-control-allow-credentials: true
expires: Tue, 20 Feb 2024 13:44:15 GMT
content-length: 0
vary: Origin
p3p: CP="NOI DEV ADM"

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
282 B 103ms
32ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: tmzr.themoneytizer.com
URL: https://tmzr.themoneytizer.com/v8.30.0u2.0.4/b3e816da2844951e0208af424c036e41/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a7bd1f0a08490d36fd4376f9e90f2dd9dd0afa4448502815af4f1dc4debec9bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://lecourrier-du-soir.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://lecourrier-du-soir.com
date: Tue, 20 Feb 2024 13:44:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 sync
sync.teads.tv/ex/ Frame 756E 2 B
153 B 170ms
57ms Image
text/plain 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/ex/sync?gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 20 Feb 2024 13:44:15 GMT
pragma: no-cache
date: Tue, 20 Feb 2024 13:44:15 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 756E 70 B
148 B 42ms
41ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=exelate&;ttd_tpi=1&gdpr=&gdpr_consent=
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

/
load.exelator.com/load/ Frame 756E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=exelate&google_hm=ODg4YmVkMDBiMjJkOTE1YTlkZmNlZDg5NzE2NDFmMGQ&&google_redir=https://load.exelator.com/load/?p=204&g=109
https://load.exelator.com/load/?p=204&g=109

134 B
134 B

79ms
35ms

Image
application/x-javascript

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load.exelator.com/load/?p=204&g=109
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-type: application/x-javascript;charset=UTF-8
date: Tue, 20 Feb 2024 13:44:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 13:44:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://load.exelator.com/load/?p=204&g=109
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame 756E
Redirect Chain

https://ib.adnxs.com/getuid?https://loadm.exelator.com/load/?p=204&g=013&bi=$UID&j=0
https://loadm.exelator.com/load/?p=204&g=013&bi=2498690348302828906&j=0

0
1 KB

41ms
33ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=013&bi=2498690348302828906&j=0
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tag.leadplace.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 13:44:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma: no-cache
date: Tue, 20 Feb 2024 13:44:15 GMT
an-x-request-uuid: 6bdf2569-014a-4bc9-a824-312db387aee2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://loadm.exelator.com/load/?p=204&g=013&bi=2498690348302828906&j=0
x-proxy-origin: 92.222.212.18; 92.222.212.18; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 756E 43 B
395 B 189ms
133ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=888bed00b22d915a9dfced8971641f0d&p_id=28539

Requested by

Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time: 106
date: Tue, 20 Feb 2024 13:44:15 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 489ba686e6e90932
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: e5fe00021d88347730e3922c4c9f2cd8bb5b669edb852181b21868050ba70444
content-length: 43

GET
H/1.1 200
OK wapcrto.php Show response
md5sync.leadplace.fr/ Frame 33B1 0
392 B 32ms
32ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://md5sync.leadplace.fr/wapcrto.php?part=remailme
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flecourrier-du-soir.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-31.html&id=MTIZ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tag.leadplace.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 20 Feb 2024 13:44:15 GMT
server: nginx/1.20.1
transfer-encoding: chunked
x-iplb-instance: 54208
x-iplb-request-id: 5CDED412:996A_91EFC0A6:01BB_65D4ACAF_8E05EAE7:10B0

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ Frame 756E 0
344 B 39ms
39ms Script
text/plain 18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=mhoi0ru&t=ajs&uid=1369094701317283244&gdpr=&gdpr_consent=&c_b=1&gdpr=0&gdpr_consent=&c_l=0&c_s=1&c_e=
Requested by: Host: ps.eyeota.net
URL: https://ps.eyeota.net/pixel?pid=mhoi0ru&t=ajs&uid=1369094701317283244&gdpr=&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tag.leadplace.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Tue, 20 Feb 2024 13:44:15 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

POST
H2 200 12.json Show response
id5-sync.com/g/v2/ 251 B
538 B 33ms
33ms Fetch
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: tmzr.themoneytizer.com
URL: https://tmzr.themoneytizer.com/v8.30.0u2.0.4/b3e816da2844951e0208af424c036e41/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

5a40c914c4a99050d50ad4f7f04bb2d14e0df35c800e909ae6fda6947d75a337

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://lecourrier-du-soir.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://lecourrier-du-soir.com
date: Tue, 20 Feb 2024 13:44:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
adtrack.adleadevent.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 9FC54D150466C174912E5199B1F8E822A79961F459747D218DA8067809F8238A086EE8BF67D63A2A90D1DB19587375008B81DF393E974B37DE71BA6F26DE79F63E8F5DED51
.leadplace.fr/	1970-01-21 03:12:20	Name: uid Value: 1369094701317283244
.adnxs.com/	1970-01-20 20:43:32	Name: XANDR_PANID Value: qfytnEBEIMFHsfUbSYuKo-6OerY-wPbA4Oew7RivwMA9_xnnJxqIlyBz4VgrXofl9BV_FZeelC9GxtRjLU6OhzSS39ug6P8bZCbFcMfSB1Y.
.adnxs.com/	1970-01-21 04:09:56	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:43:32	Name: uuid2 Value: 2498690348302828906
.lecourrier-du-soir.com/	1970-01-20 20:43:32	Name: sharedid Value: 316b6d26-8744-454d-ab49-f89a2f04d6bb
.lecourrier-du-soir.com/	1970-01-20 20:43:32	Name: sharedid_cst Value: zix7LPQsHA%3D%3D
.weborama.fr/	1970-01-21 03:59:51	Name: AFFICHE_W Value: B0Rit4RVB9UH38
.demdex.net/	1970-01-20 22:53:08	Name: demdex Value: 75030140511408149630758751333657967975
.quantserve.com/	1970-01-21 04:04:11	Name: mc Value: 65d4acaf-59543-6ce94-d1fc9
.ads.stickyadstv.com/	1970-01-20 19:17:08	Name: UID Value: ab98bb86bf73af5648c3d85bfd3a4
.lecourrier-du-soir.com/	1970-01-21 03:58:25	Name: __qca Value: P0-1532296735-1708436655211
.dpm.demdex.net/	1970-01-20 22:53:08	Name: dpm Value: 75030140511408149630758751333657967975
.mathtag.com/	1970-01-21 03:59:51	Name: uuid Value: 412a65d4-acaf-4c00-be2d-6ce7269cb2a0
.doubleclick.net/	1970-01-21 03:55:32	Name: IDE Value: AHWqTUndAAnYVG7Z6aqDnyVg0XHw2bhqGhlAF3HwYi8kgp0xZUVfj6lPggHhFQNzZYo
.smartadserver.com/	1970-01-21 03:20:59	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 03:20:59	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.exelator.com/	1970-01-20 21:26:44	Name: EE Value: "888bed00b22d915a9dfced8971641f0d"
.smartadserver.com/	1970-01-21 03:20:59	Name: pid Value: 8463612401721710827
.eyeota.net/	1970-01-20 18:33:57	Name: SERVERID Value: 21653~DM
.exelator.com/	1970-01-20 21:26:44	Name: ud Value: "eJxrXxzq6XKLQcHCwiIpNcXAIMnIKMXS0DTRMiUtOTXFwtLc0MzEMM0gZXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIcEl%252BUWb6IregxUUpaQyLSopPBR97nAgAtx0q5A%253D%253D"
.exelator.com/	1970-01-20 21:26:44	Name: hsk_350 Value: "gAAAAAQAAABjKLUv%252FSBjGQMAiKRidWlkszI0OTg2OTAzNDgzMDI4Mjg5MDajaHNrpDYyNTmoZGVsaXZlcnmkNjI1OaN2ZXIHpWJuYW1lp1MyMDRBUE6ldHNlZ3OnMTYxOTcwMKViY29kZc0BXqJ0c8pTxuNh"
.twitter.com/	1970-01-21 04:09:56	Name: personalization_id Value: "v1_Wq2pLqWDF36GW1ZNvMtvoA=="

59 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://lecourrier-du-soir.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-31.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
analytics.twitter.com
beacon.krxd.net
ced.sascdn.com
cm.g.doubleclick.net
dpm.demdex.net
gum.criteo.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
lb.eu-1-id5-sync.com
lecourrier-du-soir.com
load.exelator.com
loadeu.exelator.com
loadm.exelator.com
match.adsrvr.org
md5sync.leadplace.fr
onetag-sys.com
p.cpx.to
pixel.mathtag.com
pixel.quantserve.com
ps.eyeota.net
rd.frontend.weborama.fr
rules.quantcount.com
s.cpx.to
sdk.amazonaws.com
secure.quantserve.com
sync-uid.leadplace.fr
sync.leadplace.fr
sync.smartadserver.com
sync.teads.tv
tag.leadplace.fr
tmzr.themoneytizer.com
trc.taboola.com
104.244.42.195
141.95.98.64
142.250.185.194
145.239.192.166
145.239.193.51
151.101.193.91
162.19.138.83
18.184.216.10
18.244.18.47
184.24.77.162
185.89.210.20
2.16.97.41
2001:41d0:1:1b00:213:186:33:40
217.182.178.233
2600:9000:223c:e00:6:44e3:f8c0:93a1
2607:ae80:4::25
2620:116:800d:21:ef75:8280:f209:5ba1
2a02:2638:3::c
2a02:6ea0:c700::17
2a02:6ea0:c700::22
2a04:4e42:600::300
35.190.24.218
35.71.131.137
51.89.9.253
52.208.170.205
52.210.135.107
52.48.53.237
54.228.205.150
54.76.70.18
54.76.75.94
54.78.254.47
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
1c062f82ba527666e8157a7cf1d4c4bad7fdf11cdbf8115a0bbe9953582effdb
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1e17f36171dcc913f6ac0588a5db14df3b8b66c82b02b409c5425a289a2a4958
2198f02b98c4ab0f23e6a95fb243577fa38c3bd82f536a90c592451152551f65
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34d5e197eaee2ab0f11d54fb28d7a2c49b90ef247c72dd3560690ed9049473fe
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
474719cfb6487fc7c327b25462eb90cdb496dcd4c745a6c5d2b41480e4891843
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
58ef01cf054184b5b7ee5b05ef529f9937708b1b07d4d37277117756d9139a3f
5a40c914c4a99050d50ad4f7f04bb2d14e0df35c800e909ae6fda6947d75a337
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
841aa9ca85d7e4bc5124187affee730a2d5d31e8e2e99dde64915d84a24e9a5d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
97c32278e8275102822dd3f18f9de62b7ff1f796bb43cf04c0845114ec912d16
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a7bd1f0a08490d36fd4376f9e90f2dd9dd0afa4448502815af4f1dc4debec9bb
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa08ed3725920fefd909f8763945e103af21df309cc27a821dc9b3b5b6dd8773
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0842d6c036540592222c2e3b36952a30235351b706fe2d518e1029ad6de21fd
c0c8096b70d01ab8f3af28ac746b02b741e587ee8823b76bba135e490d6fcdd7
c25e0b533eb17c8b642e942c326af3afb19df59ccc51fe6b7fe95386dce1d277
db8077401b213e9236640174af4261b17313ba85af9309992e50a4c5d34eba06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f53e27814bfdc70060bfa4fbc8a92c7f74d4f69797347f3f46c8da446f1a3c
f28cfcf54cb94c7ff6215df57dbd68d89c5722d578f644d611d63f6a405fb610

lecourrier-du-soir.com Open in urlscan Pro 2001:41d0:1:1b00:213:186:33:40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

47 Requests

77 %HTTPS

26 %IPv6

28 Domains

36 Subdomains

24 IPs

5 Countries

656 kBTransfer

3930 kBSize

23 Cookies

0 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

lecourrier-du-soir.com Open in urlscan Pro
2001:41d0:1:1b00:213:186:33:40 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

77 %
HTTPS

26 %
IPv6

28
Domains

36
Subdomains

24
IPs

5
Countries

656 kB
Transfer

3930 kB
Size

23
Cookies

47 HTTP transactions
0 data transactions