urlscan.io logo urlscan.io
SecurityTrails logo

line-seguro-com.umbler.net Open in urlscan Pro
177.55.116.74  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://urlz.fr/bGAO
Effective URL: https://line-seguro-com.umbler.net/
Submission: On March 06 via api from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 33 IPs in 9 countries across 33 domains to perform 64 HTTP transactions. The main IP is 177.55.116.74, located in Brazil and belongs to RedeHost Internet Ltda., BR. The main domain is line-seguro-com.umbler.net.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on April 18th 2018. Valid for: 2 years.
This is the only time line-seguro-com.umbler.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 177.55.116.74 53057 (RedeHost ...)
8 151.139.241.23 33438 (HIGHWINDS2)
1 145.239.193.145 16276 (OVH)
1 74.214.194.131 59940 (PULSEPOIN...)
1 13.225.87.96 16509 (AMAZON-02)
1 2 185.86.137.32 201081 (SMARTADSE...)
1 68.232.35.16 15133 (EDGECAST)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
2 145.239.192.166 16276 (OVH)
2 51.89.9.252 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 91.228.74.145 27281 (QUANTCAST)
1 13.225.84.175 16509 (AMAZON-02)
1 2.18.234.21 16625 (AKAMAI-AS)
3 5.179.192.20 34235 (ASPSERVEU...)
1 94.23.196.203 16276 (OVH)
2 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 178.250.2.152 44788 (ASN-CRITE...)
1 3 35.156.217.79 16509 (AMAZON-02)
1 52.29.128.237 16509 (AMAZON-02)
1 69.173.144.143 26667 (RUBICONPR...)
1 37.252.173.27 29990 (ASN-APPNEX)
1 2600:9000:21f... 16509 (AMAZON-02)
4 54.194.146.225 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.152 27281 (QUANTCAST)
1 54.246.118.35 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 1 37.252.173.22 29990 (ASN-APPNEX)
1 1 172.217.22.2 15169 (GOOGLE)
1 1 104.16.91.60 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
10 187.84.237.146 53057 (RedeHost ...)
64 33
1    2606:4700:3038::681f:ab2 (United States)

ASN13335 (CLOUDFLARENET, US)
urlz.fr
1    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
3    177.55.116.74 (Brazil)

ASN53057 (RedeHost Internet Ltda., BR)
line-seguro-com.umbler.net
8    151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)
ads.themoneytizer.com
1    145.239.193.145 (France)

ASN16276 (OVH, FR)
g.themoneytizer.net
1    74.214.194.131 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)
tag.contextweb.com
1    13.225.87.96 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-96.fra2.r.cloudfront.net
p.cpx.to
2    185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
1    68.232.35.16 (United States)

ASN15133 (EDGECAST, US)
ced-ns.sascdn.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    145.239.192.166 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
2    51.89.9.252 (Germany)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    2606:4700:10::6814:8238 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
1    91.228.74.145 (United Kingdom)

ASN27281 (QUANTCAST, US)
secure.quantserve.com
1    13.225.84.175 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-175.fra2.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
1    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
3    5.179.192.20 (Paris, France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net
player.pepsia.com
1    94.23.196.203 (France)

ASN16276 (OVH, FR)
PTR: serveur8.wilsoftech.com
www.noowho.com
2    2606:4700:e6::ac40:cd03 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    35.156.217.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-217-79.eu-central-1.compute.amazonaws.com
ice.360yield.com
1    52.29.128.237 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-128-237.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    37.252.173.27 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    2600:9000:21f3:200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
4    54.194.146.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-146-225.eu-west-1.compute.amazonaws.com
s.cpx.to
1    2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    91.228.74.152 (United Kingdom)

ASN27281 (QUANTCAST, US)
pixel.quantserve.com
1    54.246.118.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-118-35.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
1    2600:9000:2156:1a00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.sharethis.mgr.consensu.org
1    37.252.173.22 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net
cm.g.doubleclick.net
1    104.16.91.60 (United States)

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    187.84.237.146 (Brazil)

ASN53057 (RedeHost Internet Ltda., BR)
static.umbler.com
Apex Domain
Subdomains		 Transfer
10 umbler.com
static.umbler.com
152 KB
8 themoneytizer.com
ads.themoneytizer.com
211 KB
5 cpx.to
p.cpx.to
s.cpx.to
6 KB
3 360yield.com
ice.360yield.com
4 KB
3 pepsia.com
player.pepsia.com
40 KB
3 umbler.net
line-seguro-com.umbler.net
1 KB
2 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
31 KB
2 adnxs.com
ib.adnxs.com
secure.adnxs.com
2 KB
2 rubiconproject.com
prebid-server.rubiconproject.com
fastlane.rubiconproject.com
2 KB
2 4dex.io
script.4dex.io
19 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
7 KB
2 onetag-sys.com
onetag-sys.com
604 B
2 leadplace.fr
tag.leadplace.fr
3 KB
2 criteo.com
gum.criteo.com
bidder.criteo.com
508 B
2 smartadserver.com
ww1097.smartadserver.com
2 KB
1 truoptik.com
dmp.truoptik.com
660 B
1 doubleclick.net
cm.g.doubleclick.net
154 B
1 consensu.org
c.sharethis.mgr.consensu.org
406 B
1 adleadevent.com
adtrack.adleadevent.com
518 B
1 quantcount.com
rules.quantcount.com
965 B
1 noowho.com
www.noowho.com
1 KB
1 indexww.com
js-sec.indexww.com
454 B
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 zeotap.com
spl.zeotap.com
1 sascdn.com
ced-ns.sascdn.com
8 KB
1 contextweb.com
tag.contextweb.com
11 KB
1 themoneytizer.net
g.themoneytizer.net
200 B
1 cloudflare.com
ajax.cloudflare.com
4 KB
1 urlz.fr
urlz.fr
1 KB
0 taboola.com Failed
cdn.taboola.com Failed
0 tmyzer.com Failed
c.tmyzer.com Failed
0 bidswitch.net Failed
pool.grid-data.bidswitch.net Failed
0 creative-serving.com Failed
ads.creative-serving.com Failed
64 33
Domain Requested by
10 static.umbler.com line-seguro-com.umbler.net
8 ads.themoneytizer.com ajax.cloudflare.com
ads.themoneytizer.com
4 s.cpx.to ads.themoneytizer.com
3 ice.360yield.com 1 redirects
3 player.pepsia.com urlz.fr
player.pepsia.com
3 line-seguro-com.umbler.net urlz.fr
2 script.4dex.io ads.themoneytizer.com
script.4dex.io
2 onetag-sys.com ads.themoneytizer.com
2 tag.leadplace.fr ads.themoneytizer.com
2 ww1097.smartadserver.com 1 redirects ads.themoneytizer.com
1 fonts.googleapis.com line-seguro-com.umbler.net
1 dmp.truoptik.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 secure.adnxs.com 1 redirects
1 c.sharethis.mgr.consensu.org player.pepsia.com
1 adtrack.adleadevent.com ajax.googleapis.com
1 pixel.quantserve.com
1 ajax.googleapis.com ads.themoneytizer.com
1 rules.quantcount.com secure.quantserve.com
1 ib.adnxs.com ads.themoneytizer.com
1 fastlane.rubiconproject.com ads.themoneytizer.com
1 prebid-server.rubiconproject.com ads.themoneytizer.com
1 bidder.criteo.com ads.themoneytizer.com
1 www.noowho.com
1 js-sec.indexww.com ads.themoneytizer.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 spl.zeotap.com ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced-ns.sascdn.com
1 p.cpx.to ads.themoneytizer.com
1 tag.contextweb.com ads.themoneytizer.com
1 g.themoneytizer.net ads.themoneytizer.com
1 ajax.cloudflare.com urlz.fr
1 urlz.fr
0 cdn.taboola.com Failed urlz.fr
0 c.tmyzer.com Failed ads.themoneytizer.com
0 pool.grid-data.bidswitch.net Failed
0 ads.creative-serving.com Failed
64 39

This site contains links to these domains. Also see Links.

Domain
help.umbler.com
app.umbler.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-29 -
2020-10-09		 8 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.umbler.net
RapidSSL TLS RSA CA G1		 2018-04-18 -
2020-04-17		 2 years crt.sh
*.themoneytizer.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-15 -
2021-02-14		 2 years crt.sh
g.themoneytizer.net
GoGetSSL RSA DV CA		 2019-10-16 -
2022-01-17		 2 years crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2018-07-07 -
2020-06-03		 2 years crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2020-01-27 -
2021-02-08		 a year crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2017-10-25 -
2020-05-12		 3 years crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2019-12-05 -
2021-04-08		 a year crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2018-09-06 -
2020-09-12		 2 years crt.sh
onetag-sys.com
Let's Encrypt Authority X3		 2020-03-02 -
2020-05-31		 3 months crt.sh
ssl828800.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-02-25 -
2020-09-02		 6 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
player.pepsia.com
Let's Encrypt Authority X3		 2020-02-07 -
2020-05-07		 3 months crt.sh
www.noowho.com
Gandi Standard SSL CA 2		 2017-02-07 -
2020-02-07		 3 years crt.sh
*.360yield.com
Amazon		 2019-09-24 -
2020-10-24		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2020-01-27 -
2021-02-08		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
adtrack.adleadevent.com
Amazon		 2019-06-30 -
2020-07-30		 a year crt.sh
*.sharethis.mgr.consensu.org
Go Daddy Secure Certificate Authority - G2		 2018-05-21 -
2020-05-21		 2 years crt.sh
*.smartadserver.com
DigiCert Global CA G2		 2020-02-03 -
2022-02-03		 2 years crt.sh
*.umbler.com
RapidSSL TLS RSA CA G1		 2018-10-04 -
2020-12-02		 2 years crt.sh

This page contains 7 frames:

Primary Page: https://line-seguro-com.umbler.net/
Frame ID: AA8ABCF79CDBE21D06C51EC622CF9F7C
Requests: 58 HTTP requests in this frame

Frame: https://line-seguro-com.umbler.net/
Frame ID: 0883648E6CDD4D685E73D05C85EC3EA8
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1583464328630
Frame ID: B52A8023C185042E39FC7377D66EA64A
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 463E113577ABD5AD3F76ABA1A5EF30AD
Requests: 1 HTTP requests in this frame

Frame: https://line-seguro-com.umbler.net/
Frame ID: DEA2CB22854D6C3BCA072629903FF43D
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: CA7DD9EB6E8A8B7FC0CD7EEC38B83EC1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: 014FCC5A7CC01C2D87304CB77673DB42
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://urlz.fr/bGAO Page URL
  2. https://line-seguro-com.umbler.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

64
Requests

91 %
HTTPS

26 %
IPv6

33
Domains

39
Subdomains

33
IPs

9
Countries

533 kB
Transfer

1354 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urlz.fr/bGAO Page URL
  2. https://line-seguro-com.umbler.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 22
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/2/8/2.gif?puid=5729491751047954771&gdpr=1&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/10/7/3.gif?puid=1980640717671380771&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/19/6/4.gif?puid=2341142f5969d41cf9cbbc602c4bae48&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
Request Chain 26
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2217516abc1d4ca74%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbGAO%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2264d639cc5c0e9c%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%22ecd0e7a1-4a81-487f-856c-c566330b480c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%227268e485b92966%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22d3367965-ee9a-4375-996e-db5c4c1813b5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2217516abc1d4ca74%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbGAO%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2264d639cc5c0e9c%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%22ecd0e7a1-4a81-487f-856c-c566330b480c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%227268e485b92966%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22d3367965-ee9a-4375-996e-db5c4c1813b5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Request Chain 43
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D727079bc-4012-472a-95ce-1d0b72aea9c6 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=5729491751047954771&pid=11528&ref=&hn_ver=10&fid=727079bc-4012-472a-95ce-1d0b72aea9c6
Request Chain 44
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D727079bc-4012-472a-95ce-1d0b72aea9c6 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D727079bc-4012-472a-95ce-1d0b72aea9c6 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D900FE24-DC39-4257-8738-808B4DB6DBD4&fid=727079bc-4012-472a-95ce-1d0b72aea9c6
Request Chain 45
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=727079bc-4012-472a-95ce-1d0b72aea9c6 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=727079bc-4012-472a-95ce-1d0b72aea9c6&google_gid=CAESEJdBUv0G2t1TDIuFWgsSwEc&google_cver=1
Request Chain 46
  • https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=727079bc-4012-472a-95ce-1d0b72aea9c6&fck=1685e23625fe087c&cbp=dsp_uid HTTP 302
  • https://s.cpx.to/sync?dsp_uid=3e9eb83bfc07c1d5a092dda5d37ef52d&fck=1685e23625fe087c

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
bGAO
urlz.fr/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://urlz.fr/bGAO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:ab2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08345a0970c6f2f908ff73df257b8cfe4a1c271bea2269c4bc95c0228534f36c

Request headers

:method
GET
:authority
urlz.fr
:scheme
https
:path
/bGAO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Fri, 06 Mar 2020 03:12:06 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dd7918e5fde537e7948f53e06105015f61583464326; expires=Sun, 05-Apr-20 03:12:06 GMT; path=/; domain=.urlz.fr; HttpOnly; SameSite=Lax
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56f8e4a8995f1f19-FRA
content-encoding
br
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/bGAO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:12:06 GMT
content-encoding
gzip
last-modified
Thu, 05 Mar 2020 14:09:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5e610815-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
56f8e4a919eec2a9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Sun, 08 Mar 2020 03:12:06 GMT
/
line-seguro-com.umbler.net/ Frame 0883 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://line-seguro-com.umbler.net/
Requested by
Host: urlz.fr
URL: https://urlz.fr/bGAO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
177.55.116.74 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
line-seguro-com.umbler.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://urlz.fr/bGAO
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://urlz.fr/bGAO

Response headers

Date
Fri, 06 Mar 2020 03:12:07 GMT
Server
Apache
Last-Modified
Tue, 12 Apr 2016 16:56:10 GMT
ETag
"a38-5304c89bbfe80-gzip"
Accept-Ranges
bytes
Cache-Control
max-age=86400
Expires
Sat, 07 Mar 2020 03:12:07 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
974
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
requestform.js
ads.themoneytizer.com/s/ 		42 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
4dc266b37d3787686ec7aa83444a7b2142b85081e56c934cd68793fa0aeae641

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:12:06 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
expires
Sat, 07 Mar 2020 03:12:06 GMT
gen.js
ads.themoneytizer.com/s/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
410ecc514c7dd899d76995a8976a9a1217a6c418525d0350bea33ad5cb1283ca

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:12:06 GMT
server
nginx
x-powered-by
PHP/5.4.45
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
7172
expires
Sat, 07 Mar 2020 03:11:38 GMT
/
g.themoneytizer.net/g/ 		26 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
00e0444dc2b1c43780931d55acf76738a0d25a4227007127984b44dbbd7d2aaa

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
Server
nginx
X-IPLB-Instance
29895
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:12:08 GMT
content-encoding
gzip
last-modified
Wed, 08 Jan 2020 19:01:35 GMT
server
nginx
etag
"779a-30ad-59ba5857e2265"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3955
expires
Sat, 07 Mar 2020 03:11:34 GMT
moneybile.js
ads.themoneytizer.com/ 		37 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:12:08 GMT
last-modified
Wed, 27 Feb 2019 16:57:00 GMT
server
nginx
etag
"7ff1-9390-582e30fefbc74"
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
37776
expires
Sat, 07 Mar 2020 03:11:24 GMT
getjs.static.js
tag.contextweb.com/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:12:08 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status
200
cache-control
max-age=432000, public
x-envoy-upstream-service-time
2
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/11528/px.js?r=114c3
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.96 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-96.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Wed, 12 Feb 2020 02:21:53 GMT
Content-Encoding
UTF-8
Last-Modified
Wed, 10 Oct 2018 10:49:46 GMT
Server
AmazonS3
Age
1990216
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
AX0f7kXBmQbrTwUJg5i9CGxFT-b3jPuhAdacnF7y7lvd5xyVTQ7lyg==
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D59) /
Resource Hash
0214d392d4e27028b59a53de3a937de0211ca40bc070387c0d68da05a3d8cc4c

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Mar 2020 03:12:08 GMT
content-encoding
gzip
last-modified
Mon, 27 Jan 2020 10:13:07 GMT
server
ECS (lcy/1D59)
age
61083
x-n
S
etag
"0f11d3e54b5ff26b5828eaa172f1ef2a:1580119987"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
8149

Redirect headers

Location
https://ced-ns.sascdn.com/diff/js/smart.js
Date
Fri, 06 Mar 2020 03:12:08 GMT
Cache-Control
private
Content-Length
159
Content-Type
text/html; charset=utf-8
sync
gum.criteo.com/ 		49 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
private, max-age=3600
date
Fri, 06 Mar 2020 03:12:07 GMT
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
Last-Modified
Wed, 28 Nov 2018 09:16:40 GMT
Server
nginx/1.14.2
ETag
"5bfe5cf8-a72"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
/
onetag-sys.com/usync/ Frame B52A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1583464328630
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1583464328630
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://urlz.fr/bGAO
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://urlz.fr/bGAO

Response headers

status
200
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie
OTP=wJXfUAsKXQEsaIizwD9Sbi-sAkeOZvM3unZSd-GqFf4; path=/; expires=Sun, 06 Mar 2022 03:12:08; domain=onetag-sys.com; SameSite=None; Secure;
content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=2592000
/
spl.zeotap.com/ Frame 463E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://urlz.fr/bGAO
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://urlz.fr/bGAO

Response headers

status
200
date
Fri, 06 Mar 2020 03:12:08 GMT
content-type
text/html
set-cookie
__cfduid=da419bcfc5ef9e6ed24f3c62547aba3821583464328; expires=Sun, 05-Apr-20 03:12:08 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=88674a82-ff74-400b-550a-6d3b500cee1a; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zc1=88674a82-ff74-400b-550a-6d3b500cee1a; Path=/; Domain=.zeotap.com; Max-Age=315360000 zsc=%DC%10%EF%C9.%84%B11%02HuT%A0%EE%D7%22M%7Ci%EB%19QS%B1M%9A%1Fc%03%ACGs%CF%81g%DEB%1D%D2%9E%E6%2C%E6lV%D1%DCi%DA%A2%CEH%BC%06%40%93%B4~%BB%8C%FA%00%C7%01cG%E4%D8%97T%FD%FDNua%D1%9C%B2%EB%A3%29%19%9C%8F%D3%8E%8Dj%A3; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-headers
*
access-control-allow-origin
*
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56f8e4b619c7c290-FRA
content-encoding
br
quant.js
secure.quantserve.com/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.145 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06-Mar-2020 03:12:08 GMT
Server
QS
Etag
M0-56c8c653
Vary
Accept-Encoding
Strict-Transport-Security
max-age=86400
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5651
Expires
Fri, 13 Mar 2020 03:12:08 GMT
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.84.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-175.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 05 Mar 2020 13:23:54 GMT
Via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
49701
X-Cache
Hit from cloudfront
Content-Type
text/javascript
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
2E0xAJIDyZh7TsPN7UiX76r9_B7A8wbbiL4_8wwQZPU7vDWSc696xw==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ 		0
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 03:05:26 GMT
Server
Apache
ETag
"90553e-0-5a026ecdb8352"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3331
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
20
Expires
Fri, 06 Mar 2020 04:07:39 GMT
prebid.js
ads.themoneytizer.com/moneybid2_445_2/build/dist/ 		402 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
30b51d7291d0a41272bb2175b6320473e8271617e510b597ebcc15f63563bf6c

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:12:08 GMT
content-encoding
gzip
last-modified
Thu, 20 Feb 2020 18:40:54 GMT
server
nginx
etag
"4099c-64855-59f063eb1a1bd"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
130994
expires
Sat, 07 Mar 2020 03:11:56 GMT
sdk.js
player.pepsia.com/ 		39 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.pepsia.com/sdk.js?d=170add42dba
Requested by
Host: urlz.fr
URL: https://urlz.fr/bGAO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
83e7227079d44c2e0241e283dbc3b163b21d7ddf589b78645ec0b70e2dba9f57

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
Last-Modified
Wed, 15 Jan 2020 14:29:42 GMT
Server
nginx
Accept-Ranges
bytes
ETag
"5e1f21d6-9c1b"
Content-Length
39963
Content-Type
application/javascript
/
line-seguro-com.umbler.net/ Frame DEA2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://line-seguro-com.umbler.net/
Requested by
Host: urlz.fr
URL: https://urlz.fr/bGAO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
177.55.116.74 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
line-seguro-com.umbler.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://urlz.fr/bGAO
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
i18next=en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://urlz.fr/bGAO

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
Server
Apache
Last-Modified
Tue, 12 Apr 2016 16:56:10 GMT
ETag
"a38-5304c89bbfe80-gzip"
Accept-Ranges
bytes
Cache-Control
max-age=86400
Expires
Sat, 07 Mar 2020 03:12:08 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
974
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html
image.php
www.noowho.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.noowho.com/image.php?site=23690713&ref=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS
serveur8.wilsoftech.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash
c2d5f331d09b9a259832acdee3d079099995c012289a6aadc349e9d0c4061b4b

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 06 Mar 2020 03:24:36 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Apache/2.4.7 (Ubuntu)
Connection
close
X-Powered-By
PHP/5.5.9-1ubuntu4.22
Content-Length
1051
Content-Type
image/gif
id5_cm
ads.creative-serving.com/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/2/8/2.gif?puid=5729491751047954771&gdpr=1&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/10/7/3.gif?puid=1980640717671380771&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/19/6/4.gif?puid=2341142f5969d41cf9cbbc602c4bae48&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
0
0
localstore.js
script.4dex.io/ 		450 B
710 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cd03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:12:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Mar 2020 17:01:08 GMT
server
cloudflare
age
602
etag
W/"bfa52622781c173885812009122c3f7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=1800
cf-ray
56f8e4b6b97b323c-FRA
x-amz-request-id
3893F7C648106FAD
x-amz-id-2
dGOEm870Qun7j4Q8owwgVYMyXTrnaOmatGlGRb6crftYvIP77RgVQe6Vnna0hZWp/Ehy/2df44c=
cdb
bidder.criteo.com/ 		0
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.44.5&cb=91213037177
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 06 Mar 2020 03:12:08 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://urlz.fr
timing-allow-origin
*
vary
Origin
prebid-request
onetag-sys.com/ 		15 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=2592000
content-encoding
gzip
status
200
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-transform
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
Content-Type, Origin, Referer, User-Agent, x-ak-clientip
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2217516abc1d4ca74%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2F...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2217516abc1d4ca74%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2217516abc1d4ca74%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbGAO%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2264d639cc5c0e9c%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%22ecd0e7a1-4a81-487f-856c-c566330b480c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%227268e485b92966%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22d3367965-ee9a-4375-996e-db5c4c1813b5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.217.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-217-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Mar 2020 03:12:08 GMT
access-control-allow-origin
https://urlz.fr
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2217516abc1d4ca74%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbGAO%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2264d639cc5c0e9c%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%22ecd0e7a1-4a81-487f-856c-c566330b480c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%227268e485b92966%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22d3367965-ee9a-4375-996e-db5c4c1813b5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
302
access-control-allow-credentials
true
content-type
text/plain
content-length
0

Redirect headers

date
Fri, 06 Mar 2020 03:12:08 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2217516abc1d4ca74%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbGAO%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2264d639cc5c0e9c%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%22ecd0e7a1-4a81-487f-856c-c566330b480c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%227268e485b92966%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22d3367965-ee9a-4375-996e-db5c4c1813b5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-type
text/plain
content-length
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		141 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.128.237 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-128-237.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b11cccb16528316f36f8b7ceb954a128ac3afb4c7e37e6c04dd80ce69e2588d3

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Mar 2020 03:12:08 GMT
content-encoding
gzip
status
200
content-type
application/json
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
148
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		285 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&alt_size_ids=19%2C43%2C44%2C117&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,15056,1,,,&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v2.44.5&x_source.tid=d3367965-ee9a-4375-996e-db5c4c1813b5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1450432198623326
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
68b5334053cb6df0dbaad91f4cc48b60b6e6e86710b4a49e70c40f2ddf74668c

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 06 Mar 2020 03:12:08 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=476
Content-Length
285
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
ee3a0ea115a43b7c312b5c6040e3c37c36083931f30350bda203de64cd1736e4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 06 Mar 2020 03:12:10 GMT
X-Proxy-Origin
185.16.206.89; 185.16.206.89; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.187:80
AN-X-Request-Uuid
1c379f05-b073-4463-bc27-6adc3ec7c76c
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
260
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ 		75 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=11&formatid=video&size=desktop&country=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Mar 2020 03:12:08 GMT
server
nginx
x-powered-by
PHP/5.4.45
status
200
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
75
expires
Sat, 07 Mar 2020 03:12:08 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ 		631 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Mar 2020 03:12:08 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
435
expires
Sat, 07 Mar 2020 03:12:08 GMT
wckr.php
tag.leadplace.fr/ Frame CA7D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://urlz.fr/bGAO
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://urlz.fr/bGAO

Response headers

Server
nginx/1.14.2
Date
Fri, 06 Mar 2020 03:12:08 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
30196
adagio.js
script.4dex.io/ 		60 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:cd03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c3b544c3ab388c72930dabc9d87dbb3e0afc2dcac6dd807c52269eee0f2fda

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Mar 2020 03:12:08 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
45
status
200
x-amz-request-id
2DF0923BBDFC39C7
x-amz-id-2
pq9Q25aGqPl9Pkbvc9GlebX+AOqp+w8UnpqsLX+MHdE/iATbpGFkzLwQrMRmhYHDWDg8IzT+mCQ=
last-modified
Thu, 05 Mar 2020 17:01:06 GMT
server
cloudflare
etag
W/"31ae294da0ce944d8402ed6eb49f5a05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
56f8e4b70f13bf05-FRA
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
965 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 02:26:37 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2743
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
kAqG_q72BcNQGlvmcuEpu1crbeA-o7IS5eK6Y3cAK4tjqXobk-H3uw==
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
fire.js
s.cpx.to/ 		772 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=727079bc-4012-472a-95ce-1d0b72aea9c6
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.146.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-146-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
28de0b4fa09ef4cb517e8eaa7c254b9ad896e010f81aad59aadabed603a00197
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 06 Mar 2020 03:12:08 GMT
X-Frame-Options
sameorigin
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Content-Length
772
Expires
Fri, 14 Feb 2020 09:45:11 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 23 Jan 2020 18:41:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3659437
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30186
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jan 2021 18:41:31 GMT
pixel;r=1243643373;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FbGAO;fpan=1;fpa=P0-1555152400-1583464328878;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=...
pixel.quantserve.com/ 		35 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1243643373;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FbGAO;fpan=1;fpa=P0-1555152400-1583464328878;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1583464328878;tzo=-60;ogl=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.152 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Fri, 06 Mar 2020 03:12:09 GMT
Server
QS
Strict-Transport-Security
max-age=86400
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
hb
ice.360yield.com/ul_cb/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2217516abc1d4ca74%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbGAO%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2264d639cc5c0e9c%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%22ecd0e7a1-4a81-487f-856c-c566330b480c%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%227268e485b92966%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22d3367965-ee9a-4375-996e-db5c4c1813b5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.217.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-217-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 06 Mar 2020 03:12:09 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
2762
notifyme.php
adtrack.adleadevent.com/ 		0
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.118.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-118-35.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 06 Mar 2020 03:12:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Mar 2020 03:12:09 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
get_consent
c.sharethis.mgr.consensu.org/ 		13 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.sharethis.mgr.consensu.org/get_consent
Requested by
Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=170add42dba
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:1a00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 06 Mar 2020 03:12:08 GMT
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
status
200
etag
W/"d-+DingHfG0CPg0LypXw8zXfS4tGg"
vary
Origin,Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://urlz.fr
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
13
x-amz-cf-id
QIqTA5AZeNQBzzCTudIB6WbRrgvEzKcSKZiVf2WwsOzGxZuSWFU9og==
indexv2.php
player.pepsia.com/V2/ 		170 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.pepsia.com/V2/indexv2.php?token=00I4&controls=1&autoplay=1&logo=true&volume=1&api=1&id=0&origin=https://urlz.fr&gdpr=1&d=170add42edf
Requested by
Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=170add42dba
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
89085930fdff263d643c4fa37f489efadd7d9f8361661113d67eb61aa7d6311a

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://urlz.fr
Date
Fri, 06 Mar 2020 03:12:08 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
algov2.php
player.pepsia.com/V2/ 		1021 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.pepsia.com/V2/algov2.php?token=00I4&num=9&origin=https://urlz.fr&d=170add42edf
Requested by
Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=170add42dba
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://urlz.fr
Date
Fri, 06 Mar 2020 03:12:09 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D727079bc-4012-472a-95ce-1d0b72aea9c6
  • https://s.cpx.to/an_fire?app_nexus_uid=5729491751047954771&pid=11528&ref=&hn_ver=10&fid=727079bc-4012-472a-95ce-1d0b72aea9c6
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=5729491751047954771&pid=11528&ref=&hn_ver=10&fid=727079bc-4012-472a-95ce-1d0b72aea9c6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.146.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-146-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 06 Mar 2020 03:12:09 GMT
X-Frame-Options
sameorigin
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Fri, 06 Mar 2020 03:12:09 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 06 Mar 2020 03:12:11 GMT
AN-X-Request-Uuid
83ca4a02-8964-41c8-a7d3-7df8fedba293
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://s.cpx.to/an_fire?app_nexus_uid=5729491751047954771&pid=11528&ref=&hn_ver=10&fid=727079bc-4012-472a-95ce-1d0b72aea9c6
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.16.206.89; 185.16.206.89; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.12:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D727079bc-4012-472a-95ce-1d0b72aea9c6
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D727079bc-4012-472a-95ce-1d0b72aea9c6
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D900FE24-DC39-4257-8738-808B4DB6DBD4&fid=727079bc-4012-472a-95ce-1d0b72aea9c6
0
0
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=727079bc-4012-472a-95ce-1d0b72aea9c6
  • https://s.cpx.to/ca.png?dsp=dbm&fid=727079bc-4012-472a-95ce-1d0b72aea9c6&google_gid=CAESEJdBUv0G2t1TDIuFWgsSwEc&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=727079bc-4012-472a-95ce-1d0b72aea9c6&google_gid=CAESEJdBUv0G2t1TDIuFWgsSwEc&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.146.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-146-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Frame-Options
sameorigin
Date
Fri, 06 Mar 2020 03:12:09 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Fri, 06 Mar 2020 03:12:09 GMT
server
HTTP server (unknown)
location
https://s.cpx.to/ca.png?dsp=dbm&fid=727079bc-4012-472a-95ce-1d0b72aea9c6&google_gid=CAESEJdBUv0G2t1TDIuFWgsSwEc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=727079bc-4012-472a-95ce-1d0b72aea9c6&fck=1685e23625fe087c&cbp=dsp_uid
  • https://s.cpx.to/sync?dsp_uid=3e9eb83bfc07c1d5a092dda5d37ef52d&fck=1685e23625fe087c
95 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=3e9eb83bfc07c1d5a092dda5d37ef52d&fck=1685e23625fe087c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.146.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-146-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 06 Mar 2020 03:12:09 GMT
X-Frame-Options
sameorigin
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Fri, 06 Mar 2020 03:12:09 GMT

Redirect headers

date
Fri, 06 Mar 2020 03:12:09 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
302
to-dmp-balancer
balancer3-dmp-nyc1-do.truoptik.com
content-length
154
pragma
no-cache
to-dmp-sync
sync4-dmp-nyc1-do.truoptik.com
server
cloudflare
user-agent
Tru Optik DMP 1.3.1
location
https://s.cpx.to/sync?dsp_uid=3e9eb83bfc07c1d5a092dda5d37ef52d&fck=1685e23625fe087c
content-type
text/html
access-control-allow-origin
*
cache-control
no-store
cf-ray
56f8e4b889336a6b-LHR
expires
0
sync
pool.grid-data.bidswitch.net/ 		0
0
ac
ww1097.smartadserver.com/ 		22 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=30012&async=1&visit=m&tmstp=2418510403&tag=sas_30012&sh=1200&sw=1600&pgDomain=https%3A%2F%2Furlz.fr%2FbGAO&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
Date
Fri, 06 Mar 2020 03:12:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-SMRT-D
3%3b8%3b94
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control
no-cache, no-store
Content-Type
application/javascript; charset=utf-8
Content-Length
140
Expires
-1
/
c.tmyzer.com/c/ 		0
0
Primary Request /
line-seguro-com.umbler.net/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://line-seguro-com.umbler.net/
Requested by
Host: urlz.fr
URL: https://urlz.fr/bGAO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
177.55.116.74 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
b726566494ab46323a01ff17d2770b29f64ef636c4d67bdfac7558b347f50a04

Request headers

Host
line-seguro-com.umbler.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://urlz.fr/bGAO
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
i18next=en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://urlz.fr/bGAO

Response headers

Date
Fri, 06 Mar 2020 03:12:09 GMT
Server
Apache
Last-Modified
Tue, 12 Apr 2016 16:56:10 GMT
ETag
"a38-5304c89bbfe80-gzip"
Accept-Ranges
bytes
Cache-Control
max-age=86400
Expires
Sat, 07 Mar 2020 03:12:09 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
974
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html
bundle.js
ads.themoneytizer.com/cs2/dist/ 		103 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/cs2/dist/bundle.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 06 Mar 2020 03:12:09 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 10:52:38 GMT
server
nginx
etag
"3d387-19a8c-59e3689a88147"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
24569
expires
Sat, 07 Mar 2020 03:11:12 GMT
tbframe.js
cdn.taboola.com/shared/ Frame 014F 		0
0
css
fonts.googleapis.com/ 		25 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://line-seguro-com.umbler.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 06 Mar 2020 03:12:09 GMT
server
ESF
date
Fri, 06 Mar 2020 03:12:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Mar 2020 03:12:09 GMT
theme.min.css
static.umbler.com/mybootstrap/themes/umbler/css/ 		206 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.umbler.com/mybootstrap/themes/umbler/css/theme.min.css
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
187.84.237.146 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET, ARR/2.5, ASP.NET
Resource Hash
44511b5cf84b1ac0f9352cd46ed215ab55a937c97fcbc6433d5df61935ca5c6a

Request headers

Referer
https://line-seguro-com.umbler.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Sep 2018 17:03:29 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET, ARR/2.5, ASP.NET
ETag
"70f68581658d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Length
47177
spock_2.png
static.umbler.com/umbler/errorpages/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.umbler.com/umbler/errorpages/spock_2.png
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
187.84.237.146 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET, ARR/2.5, ASP.NET
Resource Hash
c0e13372406be5d16a0e2ba9b7d905adabbce3b5203294c6b19991a812c042d0

Request headers

Referer
https://line-seguro-com.umbler.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
ETag
"d2738e15821bd01:0"
Last-Modified
Fri, 19 Dec 2014 11:51:11 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET, ARR/2.5, ASP.NET
Content-Type
image/png
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
16381
logotipo.png
static.umbler.com/mybootstrap/themes/umbler/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.umbler.com/mybootstrap/themes/umbler/logotipo.png
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
187.84.237.146 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET, ARR/2.5, ASP.NET
Resource Hash
3a2947ecea1bad7f807f7bcc046526582b17175ecd3126a2afc7bd67796bdfe2

Request headers

Referer
https://line-seguro-com.umbler.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
ETag
"3d7dd01f1658d41:0"
Last-Modified
Sat, 29 Sep 2018 17:01:54 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET, ARR/2.5, ASP.NET
Content-Type
image/png
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Length
1043
jquery-1.8.2.min.js
static.umbler.com/umbler/errorpages/ 		91 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.umbler.com/umbler/errorpages/jquery-1.8.2.min.js
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
187.84.237.146 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET, ARR/2.5, ASP.NET
Resource Hash
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc

Request headers

Referer
https://line-seguro-com.umbler.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Dec 2014 11:51:11 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET, ARR/2.5, ASP.NET
ETag
"6d118c15821bd01:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
42570
i18next-1.7.4.min.js
static.umbler.com/umbler/errorpages/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.umbler.com/umbler/errorpages/i18next-1.7.4.min.js
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
187.84.237.146 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET, ARR/2.5, ASP.NET
Resource Hash
cb66e408e48ab71492e9c92161f18ae721fe391a57980cb34ba3c986baa0e65f

Request headers

Referer
https://line-seguro-com.umbler.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Dec 2014 11:51:11 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET, ARR/2.5, ASP.NET
ETag
"8af8915821bd01:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
12762
error_page_translate.js
static.umbler.com/umbler/errorpages/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.umbler.com/umbler/errorpages/error_page_translate.js
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
187.84.237.146 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET, ARR/2.5, ASP.NET
Resource Hash
1466af45b1ec3ad1d259f5ceb850410eef7622d6607cef43332b791721840ebd

Request headers

Referer
https://line-seguro-com.umbler.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Nov 2018 12:21:55 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET, ARR/2.5, ASP.NET
ETag
"0ca1cccdd7cd41:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
13556
close.png
static.umbler.com/mybootstrap/assets/libs/lightbox/ 		280 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.umbler.com/mybootstrap/assets/libs/lightbox/close.png
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
187.84.237.146 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET, ARR/2.5, ASP.NET
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

Referer
https://static.umbler.com/mybootstrap/themes/umbler/css/theme.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
ETag
"2afd714c65a7d21:0"
Last-Modified
Tue, 28 Mar 2017 01:47:46 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET, ARR/2.5, ASP.NET
Content-Type
image/png
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Length
280
loading.gif
static.umbler.com/mybootstrap/assets/libs/lightbox/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.umbler.com/mybootstrap/assets/libs/lightbox/loading.gif
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
187.84.237.146 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET, ARR/2.5, ASP.NET
Resource Hash
737f8727b515432494f5030b3b59ff9585ab6c5e7e2b28c44f9ad87f2bdd918d

Request headers

Referer
https://static.umbler.com/mybootstrap/themes/umbler/css/theme.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
ETag
"2afd714c65a7d21:0"
Last-Modified
Tue, 28 Mar 2017 01:47:46 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET, ARR/2.5, ASP.NET
Content-Type
image/gif
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Length
15721
prev.png
static.umbler.com/mybootstrap/assets/libs/lightbox/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.umbler.com/mybootstrap/assets/libs/lightbox/prev.png
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
187.84.237.146 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET, ARR/2.5, ASP.NET
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

Referer
https://static.umbler.com/mybootstrap/themes/umbler/css/theme.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
ETag
"2afd714c65a7d21:0"
Last-Modified
Tue, 28 Mar 2017 01:47:46 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET, ARR/2.5, ASP.NET
Content-Type
image/png
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Length
1360
next.png
static.umbler.com/mybootstrap/assets/libs/lightbox/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.umbler.com/mybootstrap/assets/libs/lightbox/next.png
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
187.84.237.146 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET, ARR/2.5, ASP.NET
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

Referer
https://static.umbler.com/mybootstrap/themes/umbler/css/theme.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 06 Mar 2020 03:12:08 GMT
ETag
"2afd714c65a7d21:0"
Last-Modified
Tue, 28 Mar 2017 01:47:46 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET, ARR/2.5, ASP.NET
Content-Type
image/png
Cache-Control
max-age=1209600
Accept-Ranges
bytes
Content-Length
1350

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.creative-serving.com
URL
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
Domain
s.cpx.to
URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D900FE24-DC39-4257-8738-808B4DB6DBD4&fid=727079bc-4012-472a-95ce-1d0b72aea9c6
Domain
pool.grid-data.bidswitch.net
URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Domain
c.tmyzer.com
URL
https://c.tmyzer.com/c/?s=15056&f=28&fi=0
Domain
cdn.taboola.com
URL
https://cdn.taboola.com/shared/tbframe.js

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| i18n object| resources string| hostname

1 Cookies

Domain/Path Name / Value
line-seguro-com.umbler.net/ Name: i18next
Value: en-US

2 Console Messages

Source Level URL
Text
console-api log URL: https://script.4dex.io/localstore.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://player.pepsia.com/sdk.js?d=170add42dba(Line 4)
Message:
%c Pepsia.com Player #0 background: #ccc; color: #2176ff Site Désactivé !

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.creative-serving.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
bidder.criteo.com
c.sharethis.mgr.consensu.org
c.tmyzer.com
cdn.taboola.com
ced-ns.sascdn.com
cm.g.doubleclick.net
d2zur9cc2gf1tx.cloudfront.net
dmp.truoptik.com
fastlane.rubiconproject.com
fonts.googleapis.com
g.themoneytizer.net
gum.criteo.com
ib.adnxs.com
ice.360yield.com
js-sec.indexww.com
line-seguro-com.umbler.net
onetag-sys.com
p.cpx.to
pixel.quantserve.com
player.pepsia.com
pool.grid-data.bidswitch.net
prebid-server.rubiconproject.com
rules.quantcount.com
s.cpx.to
script.4dex.io
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
static.umbler.com
tag.contextweb.com
tag.leadplace.fr
urlz.fr
ww1097.smartadserver.com
www.noowho.com
ads.creative-serving.com
c.tmyzer.com
cdn.taboola.com
pool.grid-data.bidswitch.net
s.cpx.to
104.16.91.60
13.225.84.175
13.225.87.96
145.239.192.166
145.239.193.145
151.139.241.23
172.217.22.2
177.55.116.74
178.250.2.152
185.86.137.32
187.84.237.146
2.18.234.21
2600:9000:2156:1a00:c:a9b7:ddc0:93a1
2600:9000:21f3:200:6:44e3:f8c0:93a1
2606:4700:10::6814:8238
2606:4700:3038::681f:ab2
2606:4700::6811:4004
2606:4700:e6::ac40:cd03
2a00:1450:4001:815::200a
2a00:1450:4001:816::200a
2a02:2638:1::13
35.156.217.79
37.252.173.22
37.252.173.27
5.179.192.20
51.89.9.252
52.29.128.237
54.194.146.225
54.246.118.35
68.232.35.16
69.173.144.143
74.214.194.131
91.228.74.145
91.228.74.152
94.23.196.203
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00e0444dc2b1c43780931d55acf76738a0d25a4227007127984b44dbbd7d2aaa
0214d392d4e27028b59a53de3a937de0211ca40bc070387c0d68da05a3d8cc4c
08345a0970c6f2f908ff73df257b8cfe4a1c271bea2269c4bc95c0228534f36c
1466af45b1ec3ad1d259f5ceb850410eef7622d6607cef43332b791721840ebd
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
28de0b4fa09ef4cb517e8eaa7c254b9ad896e010f81aad59aadabed603a00197
30b51d7291d0a41272bb2175b6320473e8271617e510b597ebcc15f63563bf6c
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
3a2947ecea1bad7f807f7bcc046526582b17175ecd3126a2afc7bd67796bdfe2
410ecc514c7dd899d76995a8976a9a1217a6c418525d0350bea33ad5cb1283ca
44511b5cf84b1ac0f9352cd46ed215ab55a937c97fcbc6433d5df61935ca5c6a
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4dc266b37d3787686ec7aa83444a7b2142b85081e56c934cd68793fa0aeae641
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68b5334053cb6df0dbaad91f4cc48b60b6e6e86710b4a49e70c40f2ddf74668c
737f8727b515432494f5030b3b59ff9585ab6c5e7e2b28c44f9ad87f2bdd918d
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
83e7227079d44c2e0241e283dbc3b163b21d7ddf589b78645ec0b70e2dba9f57
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07
89085930fdff263d643c4fa37f489efadd7d9f8361661113d67eb61aa7d6311a
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b11cccb16528316f36f8b7ceb954a128ac3afb4c7e37e6c04dd80ce69e2588d3
b3c3b544c3ab388c72930dabc9d87dbb3e0afc2dcac6dd807c52269eee0f2fda
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b726566494ab46323a01ff17d2770b29f64ef636c4d67bdfac7558b347f50a04
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
c0e13372406be5d16a0e2ba9b7d905adabbce3b5203294c6b19991a812c042d0
c2d5f331d09b9a259832acdee3d079099995c012289a6aadc349e9d0c4061b4b
cb66e408e48ab71492e9c92161f18ae721fe391a57980cb34ba3c986baa0e65f
d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
ee3a0ea115a43b7c312b5c6040e3c37c36083931f30350bda203de64cd1736e4
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc