urlscan.io logo urlscan.io
SecurityTrails logo

urlz.fr Open in urlscan Pro
2606:4700:3038::6815:ead7  Public Scan

Go To Rescan Add Verdict Report
URL: https://urlz.fr/insJ
Submission: On May 30 via manual from NL — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 45 IPs in 7 countries across 44 domains to perform 124 HTTP transactions. The main IP is 2606:4700:3038::6815:ead7, located in United States and belongs to CLOUDFLARENET, US. The main domain is urlz.fr. The Cisco Umbrella rank of the primary domain is 650234.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2021. Valid for: a year.
This is the only time urlz.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 27 82.223.3.178 8560 (IONOS-AS ...)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
4 192.229.221.25 15133 (EDGECAST)
4 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:203... 16509 (AMAZON-02)
3 54.38.64.100 16276 (OVH)
1 92.123.225.57 20940 (AKAMAI-ASN1)
1 2a02:2638::1c 44788 (ASN-CRITE...)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
1 145.239.192.166 16276 (OVH)
1 51.89.9.254 16276 (OVH)
1 2620:116:800d... 16509 (AMAZON-02)
1 52.211.75.9 16509 (AMAZON-02)
1 52.222.137.10 16509 (AMAZON-02)
2 23.35.236.247 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 143.204.95.188 16509 (AMAZON-02)
3 5.39.39.173 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.120.133.55 15169 (GOOGLE)
3 52.223.40.198 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 185.33.221.52 29990 (ASN-APPNEX)
2 2 142.250.185.66 15169 (GOOGLE)
2 2 52.49.145.37 16509 (AMAZON-02)
1 2 109.232.196.59 50234 (EULERIAN-AS)
1 1 18.156.126.13 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 176.34.72.130 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 46.137.175.60 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
4 52.19.184.31 16509 (AMAZON-02)
1 141.95.98.65 16276 (OVH)
1 54.246.7.169 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 18.192.153.157 16509 (AMAZON-02)
2 2 185.64.190.80 62713 (AS-PUBMATIC)
1 1 185.33.221.15 29990 (ASN-APPNEX)
1 2 185.86.139.106 201081 (SMARTADSE...)
124 45
2    2606:4700:3038::6815:ead7 (United States)

ASN13335 (CLOUDFLARENET, US)
urlz.fr
27    82.223.3.178 (Spain)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
xurl.es
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
ads.themoneytizer.com
2    2606:4700:10::6816:30e3 (United States)

ASN13335 (CLOUDFLARENET, US)
ad.adxcore.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
adaccess.fr
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
4    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2600:9000:2038:2200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
3    54.38.64.100 (France)

ASN16276 (OVH, FR)
c.tmyzer.com
1    92.123.225.57 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-57.deploy.static.akamaitechnologies.com
ced.sascdn.com
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
8    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    145.239.192.166 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    52.211.75.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-75-9.eu-west-1.compute.amazonaws.com
p.cpx.to
1    52.222.137.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-137-10.ams50.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
2    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
3    5.39.39.173 (France)

ASN16276 (OVH, FR)
l.adxcore.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
3    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2600:9000:2156:c200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
2    52.49.145.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-145-37.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    109.232.196.59 (France)

ASN50234 (EULERIAN-AS, FR)
PTR: sfr.eulerian.net
elr.sfr.fr
netc.sfr.fr
1    18.156.126.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-126-13.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    176.34.72.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-72-130.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    46.137.175.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-175-60.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
1    2600:9000:2156:5800:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.quantcast.mgr.consensu.org
4    52.19.184.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-184-31.eu-west-1.compute.amazonaws.com
s.cpx.to
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    54.246.7.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-7-169.eu-west-1.compute.amazonaws.com
ad.missena.io
1    2600:9000:2156:5c00:19:2cf2:a900:93a1 (United States)

ASN16509 (AMAZON-02, US)
currency.prebid.org
1    18.192.153.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-153-157.eu-central-1.compute.amazonaws.com
audit-tcfv2.quantcast.mgr.consensu.org
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
Apex Domain
Subdomains		 Transfer
27 xurl.es
xurl.es
47 KB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
537 KB
9 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 24611
230 KB
8 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1625
mwzeom.zeotap.com — Cisco Umbrella Rank: 1383
22 KB
7 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2050
test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5486
audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9861
178 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net — Cisco Umbrella Rank: 191
6 KB
5 cpx.to
p.cpx.to — Cisco Umbrella Rank: 8428
s.cpx.to — Cisco Umbrella Rank: 1823
6 KB
5 adxcore.com
ad.adxcore.com — Cisco Umbrella Rank: 335616
l.adxcore.com — Cisco Umbrella Rank: 416386
204 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
3 KB
4 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 286
www.google-analytics.com — Cisco Umbrella Rank: 35
54 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
169 KB
4 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2004
7 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
secure.adnxs.com — Cisco Umbrella Rank: 391
3 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
913 B
3 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 25145
824 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42
ajax.googleapis.com — Cisco Umbrella Rank: 277
32 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1374
1 KB
2 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 819
631 B
2 sfr.fr
elr.sfr.fr — Cisco Umbrella Rank: 302574
netc.sfr.fr — Cisco Umbrella Rank: 206106
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 194
2 KB
2 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 280
40 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 urlz.fr
urlz.fr — Cisco Umbrella Rank: 650234
7 KB
1 prebid.org
currency.prebid.org — Cisco Umbrella Rank: 29549
2 KB
1 missena.io
ad.missena.io — Cisco Umbrella Rank: 295938
8 KB
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 600
1 KB
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 28811
518 B
1 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1313
422 B
1 gstatic.com
fonts.gstatic.com
14 KB
1 imrworldwide.com
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com — Cisco Umbrella Rank: 45988
201 B
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1177
754 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 415
542 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 862
1 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 783
355 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 586
13 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 890
10 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 741
1 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 25484
6 KB
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 358
373 B
1 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 9601
30 KB
1 google.fr
adservice.google.fr — Cisco Umbrella Rank: 28268
792 B
1 adaccess.fr
adaccess.fr — Cisco Umbrella Rank: 398995
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
39 KB
124 44
Domain Requested by
27 xurl.es 2 redirects urlz.fr
xurl.es
10 pagead2.googlesyndication.com xurl.es
pagead2.googlesyndication.com
ad.adxcore.com
tpc.googlesyndication.com
9 ads.themoneytizer.com urlz.fr
ads.themoneytizer.com
6 mwzeom.zeotap.com
5 quantcast.mgr.consensu.org urlz.fr
quantcast.mgr.consensu.org
4 s.cpx.to p.cpx.to
4 www.facebook.com 2 redirects connect.facebook.net
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 connect.facebook.net xurl.es
connect.facebook.net
4 www.paypalobjects.com xurl.es
3 match.adsrvr.org js-sec.indexww.com
3 l.adxcore.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 c.tmyzer.com ads.themoneytizer.com
2 sync.smartadserver.com 1 redirects
2 image2.pubmatic.com 2 redirects
2 dpm.demdex.net 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 ib.adnxs.com 2 redirects
2 c.amazon-adsystem.com ad.adxcore.com
c.amazon-adsystem.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 spl.zeotap.com ads.themoneytizer.com
spl.zeotap.com
2 ssl.google-analytics.com xurl.es
2 fonts.googleapis.com xurl.es
2 ad.adxcore.com 1 redirects ad.adxcore.com
2 urlz.fr urlz.fr
1 secure.adnxs.com 1 redirects
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 currency.prebid.org ad.adxcore.com
1 ad.missena.io ad.adxcore.com
1 id5-sync.com
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 adtrack.adleadevent.com ajax.googleapis.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 fonts.gstatic.com fonts.googleapis.com
1 obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com 1 redirects
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 netc.sfr.fr
1 elr.sfr.fr 1 redirects
1 www.google.com tpc.googlesyndication.com
1 rules.quantcount.com secure.quantserve.com
1 api.rlcdn.com js-sec.indexww.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 js-sec.indexww.com ads.themoneytizer.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 onetag-sys.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.fr pagead2.googlesyndication.com
1 adaccess.fr urlz.fr
1 www.googletagmanager.com urlz.fr
124 56

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-12 -
2022-07-11		 a year crt.sh
xurl.es
R3		 2022-05-05 -
2022-08-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
1266287590.rsc.cdn77.org
R3		 2022-05-24 -
2022-08-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-25 -
2023-04-25		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.cmp.quantcast.com
R3		 2022-04-26 -
2022-07-25		 3 months crt.sh
c.tmyzer.com
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2021-09-13 -
2022-09-13		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2021-09-12 -
2022-09-12		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-13 -
2023-01-13		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.adxcore.com
Gandi Standard SSL CA 2		 2022-01-25 -
2023-02-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
adtrack.adleadevent.com
Amazon		 2021-05-17 -
2022-06-15		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2022-01-17 -
2023-01-17		 a year crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.missena.io
Amazon		 2022-05-04 -
2023-06-02		 a year crt.sh
*.prebid.org
Amazon		 2021-08-28 -
2022-09-26		 a year crt.sh

This page contains 12 frames:

Primary Page: https://urlz.fr/insJ
Frame ID: B9E0A971A76E2E5398575E2C576D1FBD
Requests: 65 HTTP requests in this frame

Frame: https://xurl.es/
Frame ID: A10F972F6EE6D37AFA2D0B70F8130020
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html
Frame ID: 95EB57CB5C9E2A02AB8B909F8D612AA8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfe2980d81c353%2526domain%253Dxurl.es%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fxurl.es%25252Ff39b4df407513e8%2526relation%253Dparent.parent%26connections%3D16%26container_width%3D0%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252FXURLes-Haz-tus-url-mas-cortas%252F135298596525315%26locale%3Des_ES%26sdk%3Djoey%26stream%3Dfalse%26width%3D300
Frame ID: 672C5F6644C043556A77D55BD9116E8F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4793209335833860&output=html&h=90&slotname=4639160287&adk=271488381&adf=3173046732&pi=t.ma~as.4639160287&w=970&psa=0&format=970x90&url=https%3A%2F%2Furlz.fr%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653920286401&bpp=15&bdt=438&idt=216&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&correlator=2445716505298&frm=24&ife=1&pv=2&ga_vid=626363721.1653920287&ga_sid=1653920287&ga_hid=1438464439&ga_fc=0&ga_wpids=UA-266266-17&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575131221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44760475&oid=2&pvsid=2715657578282979&pem=98&tmod=1570211041&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.xe5ikcioak6q&fsb=1&dtd=249
Frame ID: 1DE0270175AEE685CBA2267EE377202B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4793209335833860&output=html&h=250&slotname=7732227484&adk=2257642287&adf=3458493280&pi=t.ma~as.7732227484&w=300&psa=0&format=300x250&url=https%3A%2F%2Furlz.fr%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653920286417&bpp=1&bdt=454&idt=237&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&prev_fmts=970x90&correlator=2445716505298&frm=24&ife=1&pv=1&ga_vid=626363721.1653920287&ga_sid=1653920287&ga_hid=1438464439&ga_fc=0&ga_wpids=UA-266266-17&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575131221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44760475&oid=2&pvsid=2715657578282979&pem=98&tmod=1570211041&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=d%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3mjmc8jjegw1&fsb=1&dtd=258
Frame ID: 89DC3041D43E21426D5194D0A7D5E4F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4793209335833860&output=html&h=90&slotname=4639160287&adk=271488381&adf=3493768500&pi=t.ma~as.4639160287&w=970&psa=0&format=970x90&url=https%3A%2F%2Furlz.fr%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653920286418&bpp=1&bdt=455&idt=261&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&prev_fmts=970x90%2C300x250&correlator=2445716505298&frm=24&ife=1&pv=1&ga_vid=626363721.1653920287&ga_sid=1653920287&ga_hid=1438464439&ga_fc=0&ga_wpids=UA-266266-17&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575131221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44760475&oid=2&pvsid=2715657578282979&pem=98&tmod=1570211041&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=3.wgnj5hkfxe80&fsb=1&dtd=280
Frame ID: 63395D04D9756F1B2AE772B589688242
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1653920287102
Frame ID: CA5514CF8BC51B20872EE6DE366A1980
Requests: 1 HTTP requests in this frame

Frame: https://xurl.es/
Frame ID: 508A8AD12F3310CE959F0B1793BC17B2
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4F41CF9DB4064589DBA75BA0CA14836A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A82AE410A1CBFC70EC99D74C3089C4A0
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1e0517dac12a4c%2526domain%253Dxurl.es%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fxurl.es%25252Ffafcc16589ce8c%2526relation%253Dparent.parent%26connections%3D16%26container_width%3D0%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252FXURLes-Haz-tus-url-mas-cortas%252F135298596525315%26locale%3Des_ES%26sdk%3Djoey%26stream%3Dfalse%26width%3D300
Frame ID: 530B8B836181FB794B60CCA537AA4147
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Inloggen - Mijn ICS | International Card Services

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • (?:ad\.advertstream\.com|adxcore\.com)
Overall confidence: 100%
Detected patterns
  • <(?:iframe|img)[^>]+adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

124
Requests

90 %
HTTPS

47 %
IPv6

44
Domains

56
Subdomains

45
IPs

7
Countries

1696 kB
Transfer

5526 kB
Size

31
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://xurl.es/vozxz HTTP 302
  • https://xurl.es/
Request Chain 9
  • https://ad.adxcore.com/a/init/?site=23152 HTTP 302
  • https://adaccess.fr/a/init/index.php?site=23152
Request Chain 28
  • https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe2980d81c353%26domain%3Dxurl.es%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fxurl.es%252Ff39b4df407513e8%26relation%3Dparent.parent&connections=16&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FXURLes-Haz-tus-url-mas-cortas%2F135298596525315&locale=es_ES&sdk=joey&stream=false&width=300 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfe2980d81c353%2526domain%253Dxurl.es%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fxurl.es%25252Ff39b4df407513e8%2526relation%253Dparent.parent%26connections%3D16%26container_width%3D0%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252FXURLes-Haz-tus-url-mas-cortas%252F135298596525315%26locale%3Des_ES%26sdk%3Djoey%26stream%3Dfalse%26width%3D300
Request Chain 53
  • https://xurl.es/vozxz HTTP 302
  • https://xurl.es/
Request Chain 82
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Dc78aac05-4186-41db-46e0-add6ee674075%26reqId%3Ddc01a82d-e7c4-46a7-7684-c6f75ec67eec%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?adnxs_uid=6982627035980458637&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
Request Chain 83
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEP5Q76Jj0liAGnVlCrJVvrM&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
Request Chain 85
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=c78aac05-4186-41db-46e0-add6ee674075&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Dc78aac05-4186-41db-46e0-add6ee674075%26reqId%3Ddc01a82d-e7c4-46a7-7684-c6f75ec67eec%26zdid%3D1258 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=c78aac05-4186-41db-46e0-add6ee674075&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Dc78aac05-4186-41db-46e0-add6ee674075%26reqId%3Ddc01a82d-e7c4-46a7-7684-c6f75ec67eec%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=59609289078674729314332637854476515593&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
Request Chain 86
  • https://elr.sfr.fr/rpset/sfr-fr/44742096?zeotapid=c78aac05-4186-41db-46e0-add6ee674075 HTTP 302
  • https://netc.sfr.fr/rpset/sfr-fr/44742096?zeotapid=c78aac05-4186-41db-46e0-add6ee674075
Request Chain 87
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=FRA&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=FRA&zdid=1258&cid=vopkNd%2FXwqK9NOsdRe9Wdr7re%2BWZZNHd%2BS41iYitP1U%3D
Request Chain 88
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Dc78aac05-4186-41db-46e0-add6ee674075%26reqId%3Ddc01a82d-e7c4-46a7-7684-c6f75ec67eec%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=64ad6294-d21f-4700-bf40-891301e24f2e&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
Request Chain 89
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Dc78aac05-4186-41db-46e0-add6ee674075%26reqId%3Ddc01a82d-e7c4-46a7-7684-c6f75ec67eec%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
Request Chain 103
  • https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e0517dac12a4c%26domain%3Dxurl.es%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fxurl.es%252Ffafcc16589ce8c%26relation%3Dparent.parent&connections=16&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2FXURLes-Haz-tus-url-mas-cortas%2F135298596525315&locale=es_ES&sdk=joey&stream=false&width=300 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1e0517dac12a4c%2526domain%253Dxurl.es%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fxurl.es%25252Ffafcc16589ce8c%2526relation%253Dparent.parent%26connections%3D16%26container_width%3D0%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252FXURLes-Haz-tus-url-mas-cortas%252F135298596525315%26locale%3Des_ES%26sdk%3Djoey%26stream%3Dfalse%26width%3D300
Request Chain 117
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df0bd4810-78fe-4540-ba04-6973fdfb9e8d HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df0bd4810-78fe-4540-ba04-6973fdfb9e8d HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7D5CCF89-F1BE-4903-AC37-92AF6023B765&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d
Request Chain 118
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12773%26ref%3D%26url%3Dhttps%253A%252F%252Furlz.fr%252FinsJ%26hn_ver%3D40%26fid%3Df0bd4810-78fe-4540-ba04-6973fdfb9e8d HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=6982627035980458637&pid=12773&ref=&url=https%3A%2F%2Furlz.fr%2FinsJ&hn_ver=40&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d
Request Chain 119
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Df0bd4810-78fe-4540-ba04-6973fdfb9e8d&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d&gdpr=0&cklb=1
Request Chain 120
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d&google_gid=CAESEEnwk217Khcgc3Y5OqfNalg&google_cver=1

124 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request insJ
urlz.fr/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://urlz.fr/insJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44176f0e78c1841a5b4b077e2e5e4f845dc5159c688c063036984049e1f90fe5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
713818d64b979705-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 30 May 2022 14:18:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Mon, 30 May 2022 14:19:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReAN0dAvwJcUC3WHUMPy20dv1MaY7TBKEy9ZZ7oMjbyWIQmpJklXHOm5cx7tpyKlaf7AsrhIfBl0u8GVLOU8sva6lrFI6lYEbf6OXXfz%2Fbf%2BTNF18IiyC%2FYVAaVUJVYTiyDDC9SN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-fastcgi-cache
MISS
rocket-loader.min.js
urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/insJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/insJ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 25 May 2022 09:50:37 GMT
server
cloudflare
etag
W/"628dfbed-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msKon4E%2F%2FWUP5I%2FUR2etks2a734Uia99x5GAcNHKyUb0Z%2FdL6jIpUjHHKRpX1YLVUJcRd51zS4GvtgNU1N%2BqZXI0bluK5C5s4nOH%2FWRHO9uRtbkf0yYqypOMbOqXVeXFGSiDNQbz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
713818d72dc09705-AMS
vary
Accept-Encoding
expires
Wed, 01 Jun 2022 14:18:05 GMT
/
xurl.es/ Frame A10F
Redirect Chain
  • https://xurl.es/vozxz
  • https://xurl.es/
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xurl.es/
Requested by
Host: urlz.fr
URL: https://urlz.fr/insJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PHP/7.4.29 PleskLin
Resource Hash
669020881155e9402d450fca0eded4efef18adfcc245516c229b1293b6f0a3c1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-length
3578
content-type
text/html; charset=UTF-8
date
Mon, 30 May 2022 14:18:05 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
vary
Accept-Encoding
x-powered-by
PHP/7.4.29 PleskLin

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 30 May 2022 14:18:05 GMT
location
https://xurl.es
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-powered-by
PHP/7.4.29 PleskLin
js
www.googletagmanager.com/gtag/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162669458-1
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93c2c8ebc94c695e8c381a1ec604612a9cadf7a4ba92632f57d727b2ee18f4a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39618
x-xss-protection
0
last-modified
Mon, 30 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 30 May 2022 14:18:05 GMT
requestform.js
ads.themoneytizer.com/s/ 		115 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ce740f8eac49a255e5038395e1425e00b38d836234911959bc1a74a532a02d7f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt
AcO1rgVw673/iokAAA
x-accel-expires
@1653971475
date
Mon, 30 May 2022 14:18:05 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
3RPiczFoShM
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
35210
x-77-pop
frankfurtDE
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt
AcO1rgWLAbv/cY8AAA
x-accel-expires
@1653969964
date
Mon, 30 May 2022 14:18:05 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
YBgtptjA20M
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
36721
x-77-pop
frankfurtDE
requestform.js
ads.themoneytizer.com/s/ 		121 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
819637a3a0b340f1967c15ce6bea1cf2d162f5c17fb07f75acab2f2710c0498a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt
AcO1rgUmnez/iokAAA
x-accel-expires
@1653971475
date
Mon, 30 May 2022 14:18:05 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
efscd2jJTEg
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
35210
x-77-pop
frankfurtDE
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt
AcO1rgU7eDz/b48AAA
x-accel-expires
@1653969966
date
Mon, 30 May 2022 14:18:05 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
jfPfAezHfoc
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
36719
x-77-pop
frankfurtDE
requestform.js
ads.themoneytizer.com/s/ 		121 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8dd20c3b099dd680b31530a1b14319c12bf9b623a9a05843a4a722180f3c3a92

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt
AcO1rgXtrQD/iokAAA
x-accel-expires
@1653971475
date
Mon, 30 May 2022 14:18:05 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
rJkAs6Rpm2o
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
35210
x-77-pop
frankfurtDE
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt
AcO1rgWaEF3/cY8AAA
x-accel-expires
@1653969964
date
Mon, 30 May 2022 14:18:05 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
z1ET6GSKeCY
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
36721
x-77-pop
frankfurtDE
index.php
adaccess.fr/a/init/
Redirect Chain
  • https://ad.adxcore.com/a/init/?site=23152
  • https://adaccess.fr/a/init/index.php?site=23152
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adaccess.fr/a/init/index.php?site=23152
Requested by
Host: urlz.fr
URL: https://urlz.fr/insJ
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b85693e8bdd91b320486a2e515448f45d8a474281cf40eb59ae87ad6521e4be

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray
713818da7dd4331f-CDG
date
Mon, 30 May 2022 14:18:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 May 2022 14:00:10 GMT
server
cloudflare
age
1075
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BaaWSnXg3aqtRjF6E2JJQ%2BuowOFDb88RFvkQq2mBHa%2FBmLWpBjiPf8l7gK5Iv5HQKFtTsJn%2B%2FyYR%2B9WyQck8CMcDwhDRog%2BtDxDedzAjxSzIeeJSITcRFvWXRyZwbpdmzmXnWCXoawOkg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-type
application/json
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 30 May 2022 14:18:05 GMT
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://adaccess.fr/a/init/index.php?site=23152
cf-ray
713818d85a6d4043-CDG
css
fonts.googleapis.com/ Frame A10F 		1 KB
954 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand&display=swap
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfdeaa98d3bc6190bb0ab53369db8e64b1e467824e95062ca5f6cbdcce88dc68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 30 May 2022 13:34:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 30 May 2022 14:18:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 30 May 2022 14:18:06 GMT
estilos_new.css
xurl.es/css/ Frame A10F 		3 KB
1008 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xurl.es/css/estilos_new.css?20201004
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2f1203fbb212151117c369f929efe26af29a3bda4b4f286d207da7d4eb74833d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:06 GMT
content-encoding
br
last-modified
Thu, 25 Feb 2021 22:25:55 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"603823f3-d4c"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/css
ajax2.js
xurl.es/js/ Frame A10F 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xurl.es/js/ajax2.js
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f7bb63c973d338f040a400d5272bf397ae8b1cf52d2a9d79a6870281cc27cd98
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:06 GMT
content-encoding
br
last-modified
Thu, 25 Feb 2021 22:25:59 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"603823f7-2298"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
xurl.png
xurl.es/images/ Frame A10F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/xurl.png
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
aa5cce745f29df17c235f1341d0c9302da0c56d79bf056561a914129a89cbffc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:06 GMT
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
etag
"603823f5-14f0"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
5360
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A10F 		160 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8446eabdbeb932d5da0bace5027802b79fee20225a039d507a91d26dffdc6708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56280
x-xss-protection
0
server
cafe
etag
6777063722253427777
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 30 May 2022 14:18:06 GMT
btn_donateCC_LG.gif
www.paypalobjects.com/es_ES/ES/i/btn/ Frame A10F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/es_ES/ES/i/btn/btn_donateCC_LG.gif
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F7B) /
Resource Hash
fe852bf7623fc99b8645c8ce5d3b5867c1857c0311d0a54fba409d4f684148d1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:06 GMT
x-content-type-options
nosniff
last-modified
Fri, 16 Aug 2019 04:57:35 GMT
server
ECAcc (paa/6F7B)
etag
"5d5637bf-c6a"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
content-type
image/gif
paypal-debug-id
8bdad215db9c
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
3178
expires
Mon, 30 May 2022 15:18:06 GMT
pixel.gif
www.paypalobjects.com/es_ES/i/scr/ Frame A10F 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/es_ES/i/scr/pixel.gif
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F71) /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:06 GMT
x-content-type-options
nosniff
last-modified
Fri, 16 Aug 2019 04:57:35 GMT
server
ECAcc (paa/6F71)
etag
"5d5637bf-2b"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
content-type
image/gif
paypal-debug-id
f683b04d7680f
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
43
expires
Mon, 30 May 2022 15:18:06 GMT
all.js
connect.facebook.net/es_ES/ Frame A10F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/es_ES/all.js
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7ce09db858fea54f183d985da0f5b9339072de6dddeeae932dfac38c9e8777a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
FemuwFIYc0u2nXjHsvohcA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
HlokzrbxRBZZRVUZXOf3MUWs8RjO2uGBnT8t1XMQwAnz+et51jqTjma2fgYdhta2zNvWSbjtd7kfV2cKPJwDSg==
x-fb-trip-id
686109401
x-fb-content-md5
e1b22717ea83fc296efe4b09c59461bd
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 30 May 2022 14:18:06 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"0f90bd140386cded64a940ce134c73c6"
timing-allow-origin
*
expires
Mon, 30 May 2022 14:37:24 GMT
w3c-xhtml.png
xurl.es/images/ Frame A10F 		521 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/w3c-xhtml.png
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
88193f110768212d8a6526b7566b24f207bfb3eddd45df7fc2581b9d4ac4eff5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:06 GMT
etag
"209-5bc30a2b53ef2"
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
521
w3c-css.png
xurl.es/images/ Frame A10F 		524 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/w3c-css.png
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e77e235669fece8e6008a8f5d31ce9e44fd390032778ff6727b73938425a6941
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:06 GMT
etag
"20c-5bc30a2b4a2b1"
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
524
logo-freebsd.png
xurl.es/images/ Frame A10F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/logo-freebsd.png
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
1aaaa76604e8cce1fc24df8b27d6124fc780575f15aeb5a05089277ba25cccec
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:06 GMT
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
etag
"603823f5-725"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
1829
logo-apache.png
xurl.es/images/ Frame A10F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/logo-apache.png
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
99bc13458990137777412f543d96fa3e68c7e276e8bbb4c9173bd495481f49e4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:06 GMT
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
etag
"603823f5-645"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
1605
logo-php.png
xurl.es/images/ Frame A10F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/logo-php.png
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
5c5fc0560c5d4acaea1cadae07be72f5ad5919a471e794a8a512b7f2cc9811e6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:06 GMT
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
etag
"603823f5-665"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
1637
logo-mysql.png
xurl.es/images/ Frame A10F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/logo-mysql.png
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f138232191786a1c6d362de031b33fac03d9a97be15539e752de4c41e167af00
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:06 GMT
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
etag
"603823f5-538"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
1336
all.js
connect.facebook.net/es_ES/ Frame A10F 		291 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/es_ES/all.js?hash=d45acd5bf0804ed32f55e61470cc9b71
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_ES/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45f904eb0f8eeccbdd7dd6e771d9794c5a9a38c7d023f8c7dbb85a52f66b0681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://xurl.es/
Origin
https://xurl.es
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ZM11q2+0FrtIu1r0ho0hPQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 30 May 2023 13:02:33 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84228
x-fb-rlafr
0
x-fb-debug
sdVcYJ3iM3pgg+2RbHgdtlhdCG3XVz7iUMicra8Cpx2UcwZLP/9ZpiCT9Fn6jf4IvnPivlEOw5VAREjCzAvOAA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
8e99739ef2a00fa402254f430182dd29
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 30 May 2022 14:18:06 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"3a74dbbfe30670124a161646d12243c3"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
ga.js
ssl.google-analytics.com/ Frame A10F 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5232
date
Mon, 30 May 2022 12:50:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 30 May 2022 14:50:54 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/ Frame A10F 		314 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4793209335833860&plah=xurl.es
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
506ec5f328527d3c402c63b10a9f6b784cc1ee361e0d84e1425fc33529eeccd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114512
x-xss-protection
0
server
cafe
etag
8261602536838868513
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 30 May 2022 14:18:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/ Frame 95EB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220525/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xurl.es/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
64442
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4402
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 29 May 2022 20:24:04 GMT
etag
1327746537699501093
expires
Sun, 12 Jun 2022 20:24:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/login/ Frame 672C
Redirect Chain
  • https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe2980d81c353%26domain%3Dxurl.es%26is_canvas%3D...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfe2980d81c353%2526domain%253Dxurl.es%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fxurl.es%25252Ff39b4df407513e8%2526relation%253Dparent.parent%26connections%3D16%26container_width%3D0%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252FXURLes-Haz-tus-url-mas-cortas%252F135298596525315%26locale%3Des_ES%26sdk%3Djoey%26stream%3Dfalse%26width%3D300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_ES/all.js?hash=d45acd5bf0804ed32f55e61470cc9b71
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 30 May 2022 14:18:06 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
ocMY7mZMfoUtWMOdv8PU4nRqGdtxWfZN2qUgrEvK9EljJAxxsunsRKN/SWSuXCn+M6SSvVAtN5JZjy3mc7XFKg==
x-fb-rlafr
0
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Mon, 30 May 2022 14:18:06 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Dfe2980d81c353%2526domain%253Dxurl.es%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fxurl.es%25252Ff39b4df407513e8%2526relation%253Dparent.parent%26connections%3D16%26container_width%3D0%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252FXURLes-Haz-tus-url-mas-cortas%252F135298596525315%26locale%3Des_ES%26sdk%3Djoey%26stream%3Dfalse%26width%3D300
pragma
no-cache
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
+1Y0eQoxNyQPDZQK9E0UL+uTY/uINFeEnWMhuLnZulraP5cVTAYZYtRkigHQoK4ebCeA0J2XYmu7Sltqs+4E6g==
x-fb-rlafr
0
x-xss-protection
0
integrator.js
adservice.google.fr/adsid/ Frame A10F 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=xurl.es
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4793209335833860&plah=xurl.es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 30 May 2022 14:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A10F 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=xurl.es
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4793209335833860&plah=xurl.es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 30 May 2022 14:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1DE0 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4793209335833860&output=html&h=90&slotname=4639160287&adk=271488381&adf=3173046732&pi=t.ma~as.4639160287&w=970&psa=0&format=970x90&url=https%3A%2F%2Furlz.fr%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653920286401&bpp=15&bdt=438&idt=216&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&correlator=2445716505298&frm=24&ife=1&pv=2&ga_vid=626363721.1653920287&ga_sid=1653920287&ga_hid=1438464439&ga_fc=0&ga_wpids=UA-266266-17&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575131221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44760475&oid=2&pvsid=2715657578282979&pem=98&tmod=1570211041&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.xe5ikcioak6q&fsb=1&dtd=249
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4793209335833860&plah=xurl.es
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xurl.es/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 May 2022 14:18:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 89DC 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4793209335833860&output=html&h=250&slotname=7732227484&adk=2257642287&adf=3458493280&pi=t.ma~as.7732227484&w=300&psa=0&format=300x250&url=https%3A%2F%2Furlz.fr%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653920286417&bpp=1&bdt=454&idt=237&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&prev_fmts=970x90&correlator=2445716505298&frm=24&ife=1&pv=1&ga_vid=626363721.1653920287&ga_sid=1653920287&ga_hid=1438464439&ga_fc=0&ga_wpids=UA-266266-17&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575131221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44760475&oid=2&pvsid=2715657578282979&pem=98&tmod=1570211041&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=d%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3mjmc8jjegw1&fsb=1&dtd=258
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4793209335833860&plah=xurl.es
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xurl.es/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 May 2022 14:18:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6339 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4793209335833860&output=html&h=90&slotname=4639160287&adk=271488381&adf=3493768500&pi=t.ma~as.4639160287&w=970&psa=0&format=970x90&url=https%3A%2F%2Furlz.fr%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653920286418&bpp=1&bdt=455&idt=261&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&prev_fmts=970x90%2C300x250&correlator=2445716505298&frm=24&ife=1&pv=1&ga_vid=626363721.1653920287&ga_sid=1653920287&ga_hid=1438464439&ga_fc=0&ga_wpids=UA-266266-17&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575131221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44760475&oid=2&pvsid=2715657578282979&pem=98&tmod=1570211041&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=3.wgnj5hkfxe80&fsb=1&dtd=280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4793209335833860&plah=xurl.es
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xurl.es/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 May 2022 14:18:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A10F 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220525&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4793209335833860&plah=xurl.es
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbc0e5a7a7220d945bcdf9e474de0c9e66b40aa91401aa890c10a050e23fcdf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10607
x-xss-protection
0
choice.js
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/insJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2038:2200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f24dc76070927cc3d13b4f52f8ecb898fce1875c32563e7a3fae2450ef6babc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 30 May 2022 14:17:25 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 14:18:10 GMT
server
AmazonS3
age
43
etag
W/"a7fa5501113779849b63118ade529910"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1be9b204bafba40c329df0fd4961700e.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
HEL50-C2
x-amz-cf-id
kC_4vrNqDp7yKii1ITNjCriWxaWQjgVXZ45ryHwvJ4FPMsRw-t63mg==
advstlib.min.js
ad.adxcore.com/static/js/components/advstlib/ 		664 KB
203 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/a/init/?site=23152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ba8911a45f4c451ab24f449781fddd28c9d2577e2bd5a808beb9733375afc4d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 19 May 2022 16:49:17 GMT
server
cloudflare
age
1082
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, private
cf-ray
713818e298934043-CDG
expires
Wed, 29 Jun 2022 14:00:05 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/a/init/?site=23152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4bbb728e5565d78463cf1ba54da1a67dd30bfd58f254dac7fe92b9c955925df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56232
x-xss-protection
0
server
cafe
etag
13041138910216772349
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 30 May 2022 14:18:07 GMT
moneybile.js
ads.themoneytizer.com/ 		38 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt
AcO1rgUbsL//c48AAA
pragma
public
date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
br
etag
W/"604b9fc7-981e"
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
L1TzqvUgNLc
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
36723
x-77-pop
frankfurtDE
x-accel-expires
@1654920364
/
c.tmyzer.com/c/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=15056&f=1&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 30 May 2022 14:18:07 GMT
Server
nginx
X-IPLB-Request-ID
5CDED410:804A_36264064:01BB_6294D21F_1FBAA3EA:7984
X-IPLB-Instance
24858
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
geo
rbx
smart.js
ced.sascdn.com/tag/1097/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.57 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-57.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1a31c3e964c1966b1108fd3f199e4ce2c1a364022d85b20e3154345fb824cdfe

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 30 May 2022 14:18:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
30827
Expires
Mon, 30 May 2022 14:33:07 GMT
sync
gum.criteo.com/ 		49 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:06 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1923
strict-transport-security
max-age=31536000; preload;
content-length
165
expires
60
mapper.js
spl.zeotap.com/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray
713818e2fdc34075-CDG
date
Mon, 30 May 2022 14:18:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
libJsLP.js
tag.leadplace.fr/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 30 May 2022 14:18:18 GMT
Last-Modified
Thu, 14 Oct 2021 07:27:53 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
5CDED410:E682_91EFC0A6:01BB_6294D21F_19E3D0D0:232FC
ETag
"6167dbf9-15ab"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame CA55 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1653920287102
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 06 Jun 2022 14:18:07 GMT
px.js
p.cpx.to/p/12773/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12773/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.75.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-75-9.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
434b61608da840cf0a3604af7679f88694a85e8c22982124fe3aa9b7c440c17c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 30 May 2022 14:18:07 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1769
Content-Type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.137.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-137-10.ams50.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 30 May 2022 05:06:21 GMT
Via
1.1 36782ce80608b4ebb0112f2f4fdd01be.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
33106
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
AMS50-C1
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
HvJuSOTCo04xL5DwZphblT1GHbYtaxTkQMcUGxFDnsn0kQJ6OZhjWg==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 30 May 2022 14:18:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 May 2022 13:45:30 GMT
Server
Apache
ETag
"902d54-930b-5e03ade985bcf"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1726
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12788
Expires
Mon, 30 May 2022 14:46:53 GMT
prebid.js
ads.themoneytizer.com/moneybid6_24/build/dist/ 		632 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid6_24/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
fc02197f27ff0b964fd4e334851eb9f967caf103d40c94de3783ad936d84ded3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt
AcO1rgXDXFn/dI8AAA
pragma
public
date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
br
etag
W/"62851d9b-9e09a"
last-modified
Wed, 18 May 2022 16:23:55 GMT
server
CDN77-Turbo
x-77-nzt-ray
1h4t/Hnx1Pg
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
36724
x-77-pop
frankfurtDE
x-accel-expires
@1654920363
/
c.tmyzer.com/c/ 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=15056&f=28&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 May 2022 14:17:36 GMT
Server
nginx
X-IPLB-Request-ID
5CDED410:8056_36264064:01BB_6294D21F_1FC087DD:EC99
X-IPLB-Instance
20687
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
c.tmyzer.com/c/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=15056&f=6&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 May 2022 14:18:07 GMT
Server
nginx
X-IPLB-Request-ID
5CDED410:804E_36264064:01BB_6294D21F_1FBD6040:229E2
X-IPLB-Instance
41595
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
lib_fs_close.js
ads.themoneytizer.com/ 		339 B
445 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/lib_fs_close.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2330fb9a498ec10491202314b4a6a0d3ec42afbb763f13f733c4d6b20dc73771

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-nzt
AcO1rgXzTNT/co8AAA
pragma
public
date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
br
etag
W/"62164d00-153"
last-modified
Wed, 23 Feb 2022 15:04:32 GMT
server
CDN77-Turbo
x-77-nzt-ray
OXpIhfalEHk
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
36722
x-77-pop
frankfurtDE
x-accel-expires
@1654920365
/
xurl.es/ Frame 508A
Redirect Chain
  • https://xurl.es/vozxz
  • https://xurl.es/
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xurl.es/
Requested by
Host: urlz.fr
URL: https://urlz.fr/insJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PHP/7.4.29 PleskLin
Resource Hash
669020881155e9402d450fca0eded4efef18adfcc245516c229b1293b6f0a3c1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
gzip
content-length
3578
content-type
text/html; charset=UTF-8
date
Mon, 30 May 2022 14:18:07 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
vary
Accept-Encoding
x-powered-by
PHP/7.4.29 PleskLin

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 30 May 2022 14:18:07 GMT
location
https://xurl.es
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-powered-by
PHP/7.4.29 PleskLin
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162669458-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2601
date
Mon, 30 May 2022 13:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 30 May 2022 15:34:46 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/ 		314 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7358337023487108&plah=urlz.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac96557350a3e8143ab59669638b0965d32da804ffe053357348148225eef701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114512
x-xss-protection
0
server
cafe
etag
7141552003371576446
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 30 May 2022 14:18:07 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A10F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4793209335833860&plah=xurl.es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 May 2022 14:18:07 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:11:18 GMT
content-encoding
gzip
age
408
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
1BSCYHZ6NRWAB0FWN3N1
etag
4abd427e43cd6822329a2c05539e321f
vary
Accept-Encoding
x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
RNi38wRAciE1LI3B3ly1v56l-Jk1okOptug9obkgkaZlCLby9EfemQ==
/
l.adxcore.com/log/site/ 		35 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.adxcore.com/log/site/?siteid=23152&a=pap&device=DESK&cb=0.6428064309495041&ref=https%3A%2F%2Furlz.fr%2FinsJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.39.39.173 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/gif
cache-control
max-age=2592000, private
content-length
51
expires
Wed, 29 Jun 2022 14:18:07 GMT
css
fonts.googleapis.com/ Frame 508A 		1 KB
452 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Quicksand&display=swap
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfdeaa98d3bc6190bb0ab53369db8e64b1e467824e95062ca5f6cbdcce88dc68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 30 May 2022 13:25:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 30 May 2022 14:18:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 30 May 2022 14:18:07 GMT
estilos_new.css
xurl.es/css/ Frame 508A 		3 KB
1008 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xurl.es/css/estilos_new.css?20201004
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2f1203fbb212151117c369f929efe26af29a3bda4b4f286d207da7d4eb74833d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
br
last-modified
Thu, 25 Feb 2021 22:25:55 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"603823f3-d4c"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/css
ajax2.js
xurl.es/js/ Frame 508A 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xurl.es/js/ajax2.js
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f7bb63c973d338f040a400d5272bf397ae8b1cf52d2a9d79a6870281cc27cd98
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
br
last-modified
Thu, 25 Feb 2021 22:25:59 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"603823f7-2298"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
application/javascript
xurl.png
xurl.es/images/ Frame 508A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/xurl.png
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
aa5cce745f29df17c235f1341d0c9302da0c56d79bf056561a914129a89cbffc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
etag
"603823f5-14f0"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
5360
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 508A 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a9968ea08bce02876b1b0bb395e51bf158e340240efb2e256b91242a7e9916
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56289
x-xss-protection
0
server
cafe
etag
15921796080425138544
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 30 May 2022 14:18:07 GMT
btn_donateCC_LG.gif
www.paypalobjects.com/es_ES/ES/i/btn/ Frame 508A 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/es_ES/ES/i/btn/btn_donateCC_LG.gif
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F7B) /
Resource Hash
fe852bf7623fc99b8645c8ce5d3b5867c1857c0311d0a54fba409d4f684148d1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 16 Aug 2019 04:57:35 GMT
server
ECAcc (paa/6F7B)
etag
"5d5637bf-c6a"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
content-type
image/gif
paypal-debug-id
8bdad215db9c
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
3178
expires
Mon, 30 May 2022 15:18:07 GMT
pixel.gif
www.paypalobjects.com/es_ES/i/scr/ Frame 508A 		43 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/es_ES/i/scr/pixel.gif
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (paa/6F71) /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 16 Aug 2019 04:57:35 GMT
server
ECAcc (paa/6F71)
etag
"5d5637bf-2b"
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
content-type
image/gif
paypal-debug-id
f683b04d7680f
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
content-length
43
expires
Mon, 30 May 2022 15:18:07 GMT
all.js
connect.facebook.net/es_ES/ Frame 508A 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/es_ES/all.js
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7ce09db858fea54f183d985da0f5b9339072de6dddeeae932dfac38c9e8777a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
FemuwFIYc0u2nXjHsvohcA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
HlokzrbxRBZZRVUZXOf3MUWs8RjO2uGBnT8t1XMQwAnz+et51jqTjma2fgYdhta2zNvWSbjtd7kfV2cKPJwDSg==
x-fb-content-md5
e1b22717ea83fc296efe4b09c59461bd
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 30 May 2022 14:18:07 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"0f90bd140386cded64a940ce134c73c6"
timing-allow-origin
*
priority
u=1
expires
Mon, 30 May 2022 14:37:24 GMT
w3c-xhtml.png
xurl.es/images/ Frame 508A 		521 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/w3c-xhtml.png
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
88193f110768212d8a6526b7566b24f207bfb3eddd45df7fc2581b9d4ac4eff5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
etag
"209-5bc30a2b53ef2"
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
521
w3c-css.png
xurl.es/images/ Frame 508A 		524 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/w3c-css.png
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e77e235669fece8e6008a8f5d31ce9e44fd390032778ff6727b73938425a6941
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
etag
"20c-5bc30a2b4a2b1"
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
524
logo-freebsd.png
xurl.es/images/ Frame 508A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/logo-freebsd.png
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
1aaaa76604e8cce1fc24df8b27d6124fc780575f15aeb5a05089277ba25cccec
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
etag
"603823f5-725"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
1829
logo-apache.png
xurl.es/images/ Frame 508A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/logo-apache.png
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
99bc13458990137777412f543d96fa3e68c7e276e8bbb4c9173bd495481f49e4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
etag
"603823f5-645"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
1605
logo-php.png
xurl.es/images/ Frame 508A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/logo-php.png
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
5c5fc0560c5d4acaea1cadae07be72f5ad5919a471e794a8a512b7f2cc9811e6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
etag
"603823f5-665"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
1637
logo-mysql.png
xurl.es/images/ Frame 508A 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/logo-mysql.png
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f138232191786a1c6d362de031b33fac03d9a97be15539e752de4c41e167af00
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
etag
"603823f5-538"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/png
accept-ranges
bytes
content-length
1336
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 24 May 2022 12:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 May 2023 12:14:24 GMT
identity
api.rlcdn.com/api/ 		44 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://urlz.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44
rid
match.adsrvr.org/track/ 		63 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
2bd9e5d2f96477133fa8ab9fd25dbc668511774016c95a0afb12eb0d124dcaba

Request headers

Referer
https://urlz.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://urlz.fr
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 29 Jun 2022 14:18:07 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 13:26:04 GMT
content-encoding
gzip
age
3123
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
676dhpYGOhi6hqgh5fbUoZbnGUlkOVMInA18QVQu7i-hTwEvhSMZdg==
/
spl.zeotap.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c00a75845d802820206c0bfd097a7f84c8a69411eb78cf900fe3488c1c853c6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray
713818e46a004075-CDG
date
Mon, 30 May 2022 14:18:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1009976967&t=pageview&_s=1&dl=https%3A%2F%2Furlz.fr%2FinsJ&ul=en-us&de=UTF-8&dt=Inloggen%20-%20Mijn%20ICS%20%7C%20International%20Card%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1620825673&gjid=2139587653&cid=231354890.1653920287&tid=UA-162669458-1&_gid=1920220775.1653920287&_r=1&gtm=2ou5p1&z=1265420183
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://urlz.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 May 2022 14:18:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		177 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2038:2200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28ca39f2ce8df2f544e8a665b97e6e9327185850a8373a99b9a06d12c5becce2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
br
age
35
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Tue, 24 May 2022 17:38:43 GMT
server
AmazonS3
etag
W/"d1cd21eabed7b3f0b671004cf14ae9c1"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 1be9b204bafba40c329df0fd4961700e.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
HEL50-C2
x-amz-cf-id
X5CG-CDcBaRL9sKEj1e4C3VNhxq2ckVT7LgHAF47sfI15aH2GvJPvg==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4F41 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xurl.es/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
2393
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 May 2022 13:38:14 GMT
expires
Tue, 30 May 2023 13:38:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A82A 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d100c5e0076eaa42e052ffc49247677b7420ae78a626de562fec56332d1c3d7d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-htJ5VWcYXzN0Hjc-oNr_pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xurl.es/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-htJ5VWcYXzN0Hjc-oNr_pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 30 May 2022 14:18:07 GMT
expires
Mon, 30 May 2022 14:18:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec6...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Dc78aac05-4186-41db-46e0-add6ee674...
  • https://mwzeom.zeotap.com/mw?adnxs_uid=6982627035980458637&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?adnxs_uid=6982627035980458637&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cf-ray
713818e61e9b4075-CDG
access-control-allow-headers
*
content-length
95

Redirect headers

Pragma
no-cache
Date
Mon, 30 May 2022 14:18:07 GMT
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
33cdf59e-794c-48f7-8b4f-0f6fb00cea7f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://mwzeom.zeotap.com/mw?adnxs_uid=6982627035980458637&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEP5Q76Jj0liAGnVlCrJVvrM&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-768...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEP5Q76Jj0liAGnVlCrJVvrM&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cf-ray
713818e61e9c4075-CDG
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 30 May 2022 14:18:07 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEP5Q76Jj0liAGnVlCrJVvrM&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
446
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Dc78aac05-4186-41db-46e0-add6ee674075%26reqId%3Ddc01a82d-e7c4-46a7-7684-c6f75ec67eec%26zdid%3D1258&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 May 2022 14:18:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=c78aac05-4186-41db-46e0-add6ee674075&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=c78aac05-4186-41db-46e0-add6ee674075&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=59609289078674729314332637854476515593&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75e...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=59609289078674729314332637854476515593&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cf-ray
713818e68fdf4075-CDG
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v033-0fbdf29f8.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
FHYblcPsREQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=59609289078674729314332637854476515593&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
44742096
netc.sfr.fr/rpset/sfr-fr/
Redirect Chain
  • https://elr.sfr.fr/rpset/sfr-fr/44742096?zeotapid=c78aac05-4186-41db-46e0-add6ee674075
  • https://netc.sfr.fr/rpset/sfr-fr/44742096?zeotapid=c78aac05-4186-41db-46e0-add6ee674075
163 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://netc.sfr.fr/rpset/sfr-fr/44742096?zeotapid=c78aac05-4186-41db-46e0-add6ee674075
Protocol
HTTP/1.1
Server
109.232.196.59 , France, ASN50234 (EULERIAN-AS, FR),
Reverse DNS
sfr.eulerian.net
Software
EWS /
Resource Hash
6c46829208b5004ded357c146a2dd4c56641ca4a8f93c782081dee56c9a332f1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date
Mon, 30 May 2022 14:18:07 GMT
X-Content-Type-Options
nosniff
Server
EWS
Strict-Transport-Security
max-age=604800
Content-Type
image/png
Cache-Control
max-age=0, private
Connection
Close
Accept-Ranges
none
X-Robots-Tag
noindex
Content-Length
163
X-XSS-Protection
0

Redirect headers

Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date
Mon, 30 May 2022 14:18:07 GMT
X-Content-Type-Options
nosniff
Server
EWS
Strict-Transport-Security
max-age=604800
Location
https://netc.sfr.fr/rpset/sfr-fr/44742096?zeotapid=c78aac05-4186-41db-46e0-add6ee674075
Cache-Control
max-age=0, private
Connection
Close
Accept-Ranges
none
X-Robots-Tag
noindex
Content-Length
0
X-XSS-Protection
0
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=FRA&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=FRA&zdid=1258&cid=vopkNd%2FXwqK9NOsdRe9Wdr7re%2BWZZNHd%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=FRA&zdid=1258&cid=vopkNd%2FXwqK9NOsdRe9Wdr7re%2BWZZNHd%2BS41iYitP1U%3D
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cf-ray
713818e5ddf04075-CDG
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 30 May 2022 14:18:07 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=FRA&zdid=1258&cid=vopkNd%2FXwqK9NOsdRe9Wdr7re%2BWZZNHd%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Dc7...
  • https://mwzeom.zeotap.com/mw?cid=64ad6294-d21f-4700-bf40-891301e24f2e&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=64ad6294-d21f-4700-bf40-891301e24f2e&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cf-ray
713818e5ddee4075-CDG
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Mon, 30 May 2022 14:18:07 GMT
Server
MT3 4419 e1034d5 master cdg-pixel-x32 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=64ad6294-d21f-4700-bf40-891301e24f2e&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Mon, 30 May 2022 14:18:06 GMT
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3Dc78aac05-4186-41db-46e0-add6e...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cf-ray
713818e61e984075-CDG
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=pageview&id_mid_4=c78aac05-4186-41db-46e0-add6ee674075&reqId=dc01a82d-e7c4-46a7-7684-c6f75ec67eec&zdid=1258
date
Mon, 30 May 2022 14:18:07 GMT
cross-origin-resource-policy
cross-origin
content-length
0
pro_five_0c.gif
xurl.es/images/ Frame 508A 		58 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/pro_five_0c.gif
Requested by
Host: xurl.es
URL: https://xurl.es/css/estilos_new.css?20201004
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
7529f421b38083855086bd50c4373e5ade8a3afed02fda87cab44c4cb324eadd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/css/estilos_new.css?20201004
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
etag
"3a-5bc30a2af2467"
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
x-accel-version
0.01
accept-ranges
bytes
content-length
58
pro_five_2a.gif
xurl.es/images/ Frame 508A 		559 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/pro_five_2a.gif
Requested by
Host: xurl.es
URL: https://xurl.es/css/estilos_new.css?20201004
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f072eaaf91a5ea9eb15baf3e94ccf8ae36e44c6152e0aba2f1103b3a6b7a60bc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/css/estilos_new.css?20201004
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
etag
"22f-5bc30a2b108ca"
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
x-accel-version
0.01
accept-ranges
bytes
content-length
559
pro_five_2b.gif
xurl.es/images/ Frame 508A 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/pro_five_2b.gif
Requested by
Host: xurl.es
URL: https://xurl.es/css/estilos_new.css?20201004
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
529ae4f38c76e38b64a96590b61528af7e519acacf5b9726bc1151bfc7677b43
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/css/estilos_new.css?20201004
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
etag
"603823f5-5e7"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
1511
pro_five_0a.gif
xurl.es/images/ Frame 508A 		553 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/pro_five_0a.gif
Requested by
Host: xurl.es
URL: https://xurl.es/css/estilos_new.css?20201004
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
d6eea55f702d79866f785453b1e53fa20cfd7efb1885886779ce8cc3f0685979
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/css/estilos_new.css?20201004
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
etag
"229-5bc30a2ae49a5"
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
x-accel-version
0.01
accept-ranges
bytes
content-length
553
pro_five_0b.gif
xurl.es/images/ Frame 508A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xurl.es/images/pro_five_0b.gif
Requested by
Host: xurl.es
URL: https://xurl.es/css/estilos_new.css?20201004
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.223.3.178 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
0712a327424e57302c3e5634b02583f54153e0744da7879b6eaca1b80d36749c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/css/estilos_new.css?20201004
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
last-modified
Thu, 25 Feb 2021 22:25:57 GMT
server
nginx
x-powered-by
PleskLin
etag
"603823f5-607"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
1543
6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v29/ Frame 508A 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v29/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quicksand&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9ba56b953be15a2ea2a7d1972dfa8f67d9b0f96925b4cc0d0516611cafaef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xurl.es
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:38:14 GMT
x-content-type-options
nosniff
age
412793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13892
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:27:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 19:38:14 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 06:01:46 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
29782
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
jdsoRCHz1uEY1JsLMz8XDlaJim0aR4E2HjPE5yE4NFWTT4frQfworg==
all.js
connect.facebook.net/es_ES/ Frame 508A 		291 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/es_ES/all.js?hash=d45acd5bf0804ed32f55e61470cc9b71
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_ES/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45f904eb0f8eeccbdd7dd6e771d9794c5a9a38c7d023f8c7dbb85a52f66b0681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://xurl.es/
Origin
https://xurl.es
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ZM11q2+0FrtIu1r0ho0hPQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 30 May 2023 13:02:33 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84228
x-fb-rlafr
0
x-fb-debug
sdVcYJ3iM3pgg+2RbHgdtlhdCG3XVz7iUMicra8Cpx2UcwZLP/9ZpiCT9Fn6jf4IvnPivlEOw5VAREjCzAvOAA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
8e99739ef2a00fa402254f430182dd29
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 30 May 2022 14:18:07 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"3a74dbbfe30670124a161646d12243c3"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
ga.js
ssl.google-analytics.com/ Frame 508A 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: xurl.es
URL: https://xurl.es/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5233
date
Mon, 30 May 2022 12:50:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Mon, 30 May 2022 14:50:54 GMT
headerstats
as-sec.casalemedia.com/ 		0
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Furlz.fr%2FinsJ&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 30 May 2022 14:18:07 GMT
X-AK-INITIAL-GEO
CC:[FR], RC:[IDF], CN:[EU], CIP:[92.222.212.16], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://urlz.fr
X-CS-CLIENT-GEO
28
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
28
Expires
Mon, 30 May 2022 14:18:07 GMT
notifyme.php
adtrack.adleadevent.com/ 		0
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.175.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-175-60.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://urlz.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 May 2022 14:18:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 May 2022 14:18:07 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205250101/ Frame 508A 		314 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205250101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4793209335833860&plah=xurl.es&bust=31067782
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
beb023483061e0ea1cfd19b6275d61c80be86fedf77b30d84c60e2807668fc09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114527
x-xss-protection
0
server
cafe
etag
11890898947003175573
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 30 May 2022 14:18:07 GMT
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5800:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6797e5bc424d587014449f9825e0e68f8bfb7d163bdd86903fc462560dec3b57

Request headers

Accept
application/json, text/plain, */*
Referer
https://urlz.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 03:00:40 GMT
content-encoding
br
age
40648
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 19 May 2022 19:52:29 GMT
server
AmazonS3
etag
W/"50900028e353b5405beb46af660d5881"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
IX6ESpJaeLGXuWQu6Zw9OjFVEOp9d7q.
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
content-type
application/json
x-amz-cf-id
CFSThWCUiDdTMBjH5gfipN5YQRaYIqX7K7unaMB7lfv2vPkQCn7iNg==
/
www.facebook.com/login/ Frame 530B
Redirect Chain
  • https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e0517dac12a4c%26domain%3Dxurl.es%26is_canvas%...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1e0517dac12a4c%2526domain%253Dxurl.es%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fxurl.es%25252Ffafcc16589ce8c%2526relation%253Dparent.parent%26connections%3D16%26container_width%3D0%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252FXURLes-Haz-tus-url-mas-cortas%252F135298596525315%26locale%3Des_ES%26sdk%3Djoey%26stream%3Dfalse%26width%3D300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/es_ES/all.js?hash=d45acd5bf0804ed32f55e61470cc9b71
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 30 May 2022 14:18:08 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
Db5eQZDETsTmx1YKWYrkITlL/ycM41XmhKniFLuO7C41jen+ck+7GUJlQlEt+5U/UKLDESSuLdkaI9IwWw/DKQ==
x-fb-rlafr
0
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Mon, 30 May 2022 14:18:07 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1e0517dac12a4c%2526domain%253Dxurl.es%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fxurl.es%25252Ffafcc16589ce8c%2526relation%253Dparent.parent%26connections%3D16%26container_width%3D0%26header%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpages%252FXURLes-Haz-tus-url-mas-cortas%252F135298596525315%26locale%3Des_ES%26sdk%3Djoey%26stream%3Dfalse%26width%3D300
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
jfrdEKhMmaSpV1A+8l5tV3hABICmzpiVSk6WNzw3fi5x2neVFD+k6lCEteZLT5Cbzy8uVOJ0zg9jN5U1LXBACw==
x-fb-rlafr
0
x-xss-protection
0
b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
pagead2.googlesyndication.com/bg/ Frame 4F41 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 10:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
14937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13882
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 30 May 2023 10:09:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A82A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220525&jk=2715657578282979&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/41/ 		229 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/41/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2038:2200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7694dd13e2fb81ec4254703d8d32a4e3ea22f0639a3a2a532216014c59716e8a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 16:04:14 GMT
content-encoding
br
age
166434
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Tue, 24 May 2022 17:38:16 GMT
server
AmazonS3
etag
W/"3f5a266152898bbbe8a9a8099806846c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 1be9b204bafba40c329df0fd4961700e.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
HEL50-C2
x-amz-cf-id
vny56X8ayfRA0jDxym72OB9zHgFfGkCZmw2fzyw05wRvMB36CLUUIw==
fire.js
s.cpx.to/ 		839 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12773&ref=&url=https%3A%2F%2Furlz.fr%2FinsJ&hn_ver=40&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12773/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.184.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-184-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9c0db386a530e1c122e6b038ed63e3bd02397e12c25b5a2db61e423537fbfec3
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 30 May 2022 14:18:07 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
839
Expires
Wed, 25 May 2022 10:23:07 UTC
vendor-list-trimmed-v1.json
quantcast.mgr.consensu.org/GVL-v2/ 		300 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2038:2200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6b113a0b5645e14bdb6d95037fb0efcc3091c0069069f0941553a96fd4c1b2a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 03:00:39 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
40649
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 30 May 2022 03:00:32 GMT
server
AmazonS3
etag
W/"ba5fe59243cc992fa9a7d4d0a3ebec4f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 f74ebd28d1b7fe154fb59d89abda909a.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
HEL50-C2
x-amz-cf-id
sRu4inQt4nGT5t9DmKa-oJ8ZcxV4Qq21lF0YdNwBF67kx_wBkMgcQw==
9.gif
id5-sync.com/i/12/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
google-atp-list.json
quantcast.mgr.consensu.org/tcfv2/ 		153 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2038:2200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fd0f40aca4dc75d39a51e9b554986541cd2f514b0c4df7198fc8ac61bfada1a

Request headers

Accept
application/json, text/plain, */*
Referer
https://urlz.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 03:00:30 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
40658
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 30 May 2022 03:00:26 GMT
server
AmazonS3
etag
W/"e357936593cc8ed65091e13f59db4400"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 f74ebd28d1b7fe154fb59d89abda909a.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
HEL50-C2
x-amz-cf-id
BY69PVQekl68vJYqqURSO7Jx9lvnD7_GO3ThpcKIfruvuIAP_0KNWg==
/
ad.missena.io/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.missena.io/?t=PA-44335945
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.246.7.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-7-169.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7fb5c42ce298efb56943f96612c957bcf5f66c4a370217776edf513907f9a549

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 May 2022 14:18:07 GMT
Last-Modified
Mon, 30 May 2022 14:18:07 GMT
Vary
Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
7711
Expires
Wed, 11 Nov 1998 11:11:11 GMT
latest.json
currency.prebid.org/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://currency.prebid.org/latest.json
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5c00:19:2cf2:a900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f7d6d98d3b0b9eb345c7667ea10f60a99b92c38251f32c0c89c9a2874378b44

Request headers

Referer
https://urlz.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 29 May 2022 15:01:00 GMT
via
1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
vary
Origin
age
83828
x-cache
Hit from cloudfront
content-length
1635
last-modified
Sun, 29 May 2022 15:00:54 GMT
server
AmazonS3
etag
"8c93aadd6ecb79914e80d9ae1f4e5a73"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
ULOp-CvTfMqdplrBw3dY9VVFyvLd0oXFZsh__bZKxW-RWb1sioq5VA==
expires
Mon, 30 May 2022 15:00:51 GMT
/
l.adxcore.com/log/site/ 		35 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.adxcore.com/log/site/?siteid=23152&a=start&testId=0&country=AA&device=DESK&cb=0.7254933023908476&ref=https%3A%2F%2Furlz.fr%2FinsJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.39.39.173 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/gif
cache-control
max-age=2592000
content-length
51
expires
Wed, 29 Jun 2022 14:18:07 GMT
/
l.adxcore.com/log/zone/ 		43 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.adxcore.com/log/zone/?zoneid=238072&siteid=23152&extzone=&impid=227f617f462bcc3233576208ba9b8eb1fa54872e&ts=1653920287.879&ref=https%3A%2F%2Furlz.fr%2FinsJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.39.39.173 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/gif
cache-control
no-cache, max-age=2592000
content-length
57
expires
Wed, 29 Jun 2022 14:18:07 GMT
generate_204
tpc.googlesyndication.com/ Frame 4F41 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Qpc3gw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 14:18:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22urlz.fr%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.41%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22HbxGb%2B34XCkQ4dJL2MD7TA%22%2C%22clientTimestamp%22%3A1653920287921%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-dya5lgiew4vlopevhxv%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/41/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.153.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-153-157.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://urlz.fr/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 30 May 2022 14:18:08 GMT
content-length
2
content-type
text/plain; charset=utf-8
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df0bd4810-78fe-4540-ba04-6973fdfb9e8d
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df0bd4810-78fe-4540-ba04-6973fdfb9e8d
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7D5CCF89-F1BE-4903-AC37-92AF6023B765&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7D5CCF89-F1BE-4903-AC37-92AF6023B765&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d
Protocol
HTTP/1.1
Server
52.19.184.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-184-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 30 May 2022 14:18:08 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Mon, 30 May 2022 14:18:08 UTC

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=7D5CCF89-F1BE-4903-AC37-92AF6023B765&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d
date
Mon, 30 May 2022 14:18:08 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12773%26ref%3D%26url%3Dhttps%253A%252F%252Furlz.fr%252FinsJ%26hn_ver%3D40%26fid%3Df0bd4810-78fe-454...
  • https://s.cpx.to/an_fire?app_nexus_uid=6982627035980458637&pid=12773&ref=&url=https%3A%2F%2Furlz.fr%2FinsJ&hn_ver=40&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=6982627035980458637&pid=12773&ref=&url=https%3A%2F%2Furlz.fr%2FinsJ&hn_ver=40&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d
Protocol
HTTP/1.1
Server
52.19.184.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-184-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 30 May 2022 14:18:08 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Mon, 30 May 2022 14:18:08 UTC

Redirect headers

Pragma
no-cache
Date
Mon, 30 May 2022 14:18:08 GMT
X-Proxy-Origin
92.222.212.16; 92.222.212.16; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
623a28ae-241a-4195-95cd-8e5c058d8ac0
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=6982627035980458637&pid=12773&ref=&url=https%3A%2F%2Furlz.fr%2FinsJ&hn_ver=40&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Df0bd4810-78fe-4540-ba04-6973fdfb9e8d&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d&gdpr=0&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d&gdpr=0&cklb=1
Protocol
HTTP/1.1
Server
185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 May 2022 14:18:07 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d&gdpr=0&cklb=1
pragma
no-cache
date
Mon, 30 May 2022 14:18:07 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d
  • https://s.cpx.to/ca.png?dsp=dbm&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d&google_gid=CAESEEnwk217Khcgc3Y5OqfNalg&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d&google_gid=CAESEEnwk217Khcgc3Y5OqfNalg&google_cver=1
Protocol
HTTP/1.1
Server
52.19.184.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-184-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 30 May 2022 14:18:08 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Mon, 30 May 2022 14:18:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=f0bd4810-78fe-4540-ba04-6973fdfb9e8d&google_gid=CAESEEnwk217Khcgc3Y5OqfNalg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 May 2022 14:18:08 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sodar
pagead2.googlesyndication.com/pagead/ Frame A10F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220525&jk=2715657578282979&bg=!9_Sl9LDNAAao8wy8iPM7ACkAdvg8WpDgdZx-3HCjsUIf80N6C9T1pB4aRVTLPQOWqmq9kLfxw6SDxwIAAADhUgAAAANoAQcKAKAfyqp3AFw6ZyiM_tWhbj9LaBZ1p7UT5oqmWOfDrTCBotNI5mprcjhPa66sSn_5LOBDeFvgn-eWjw_xr6opYfxMAxt5HrKv5dCmTTc7Rge8cNxRerAsmmkRBkVewqyMU3Fbo2YP3AZniD1d2XbezLaU_KzBKOhyVi4Ch2PuSKgdi1cGqeIsESpFBLdLed_wSFKtaCO1nroMffpnA3o2oHXcmQKoL11qAZrble-9e1WJyOMIqRg9SdswHvREV2w9a18BGx_-Ttj-M9bsHFqXfa5lP_O-tp3gljqpceernSxHkzDYyQnFAh_CsPRaEa23QVLYFIA6rQtj1JDz_33M3t_WdD0f2NyAPFOx9WPIIqaisLQhCX4tT5SOg7Lf2mfWWLY3TmGfyweIq8DmLJnTcDZBWrlCrplgam2IxeZ9EbRde_oTiV8yNyqBYaGB92dk5bh9UxLYpPd0ygK4Tb0Xc27Xi-3s1neqFyQ3T9ju4yy75yUzoREmbRMZLMxPnxNVcP1rhj3wnYTZfP9_JUKf37zo22kcSanLR574Tno2FAJBicQMjuTtnk9oujyarPygKVTFqLi3v4GY5avURP-VU0pNLnFISNHX-_0FmT6X8MYXC5e8ZyHeLCQX_FzfIm2GkmiETYA49xEPrplNSurPobOT5MuYS4uuwEvRJ_TgHfbXvBZj8JOHKTT-Ufa0UxaYummfXrlZaszULZdbmiwt1SE4vtdJO82RfGw1EQtsg_ARNgVpaIIioQU1AbHnF9pIGxGgNnPBuJwFaguNvgEKrs8ehFjfkWo2s_COD9j2sWycyZK2Q8IxkQQseMMp9qh5UZQNt0efgg2eIRtGlMvUPCq9-6ykFtNwNNnz3lPa9sIeNMspwyPsqvPZsSuFz0mUKouvP7fG3mnLr-Z0eTxNnjSuQzZTUJ7EoOL3nfaQvuzhjKTWfAyK8eZbdc_uy3QaLxPhcsMuXy1iasVUeXu_d_6MzbDSazXLqOAb9mxFC2vQM-e_7jUuYWs9dotXR9z_o3gkxURYeGtyrb2wW43FWBYv5zrfxvw8FJEVBFxRdVnNG-jDWlS81vh4LMZH15kI90TUIaJ4mHF9NmKy7nSa0LU1F63ISBQGBV9K6MM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://xurl.es/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| __cfQR function| __tcfapi function| __uspapi object| adxcore function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined object| http string| url number| random_cent number| enable_sco function| criteoCallback object| generic object| criteo_gum object| smart_csync object| zeotap object| node object| pwidget_config object| iframe object| tagsObject string| website number| random undefined| pubstack object| headelement object| notifyme object| ix_lib object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| format_criteo object| format_pulsepoint object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26322 string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| loadScriptTemelio function| GetRichAudienceZone function| GetAdmixerZone function| GetGothamadsZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeIndex function| Getsize function| GetsizeRubicon function| GetPulseSize function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText string| pubstack_ab object| _qevents boolean| moneycaching object| params number| nugg function| Adcall_26322 function| refreshVisibility30012 function| Adcall_30012 function| refreshVisibility26328 object| sc function| Adcall_26328 string| page boolean| timepast function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| MobileDetect object| md object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| inViewAdthink function| storeAdthink object| Hashes object| apstag object| googletag object| pbjsAdthink object| skinOverlay function| advstLib function| pbjsAdthinkChunk object| _pbjsGlobals object| ADAGIO object| advstLibGlobal function| seedtag_inimage_adthink_passback function| advstCurrentScriptIE11 object| invibes function| advst_mtag object| tmzrChunk object| placementBids string| nobidVersion object| nobid undefined| Adcall_48311 object| pubstack_publica number| bidder_geo object| _clrm object| libJsLeadPlace boolean| sas_usePostStandard boolean| sas_useID5Module object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode object| headertag function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| mapperjs object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| apstagLOADED undefined| $ undefined| jQuery object| regeneratorRuntime function| __tcfapiui object| M object| __MISSENA__

31 Cookies

Domain/Path Name / Value
ad.adxcore.com/ Name: DYNAMIC
Value: D11
.facebook.com/ Name: sb
Value: HtKUYi9E0AwW3KMBnAvKGmOY
l.adxcore.com/ Name: LOG
Value: LOG2
.urlz.fr/ Name: _ga
Value: GA1.2.231354890.1653920287
.urlz.fr/ Name: _gid
Value: GA1.2.1920220775.1653920287
.urlz.fr/ Name: _gat_gtag_UA_162669458_1
Value: 1
.zeotap.com/ Name: zc
Value: c78aac05-4186-41db-46e0-add6ee674075
.zeotap.com/ Name: zsc
Value: %EC%C0%90d%1A%8C%FF%FF%D8%C8Ov%81%FEk%C8%FC%AB%EB%BAWX%9A%B1%DE%05-Z%D60%FB%99%7D%AC%04%D7%FF%D9-%81%E2l%A0%9C%01O%91%C9%7C%D0%E2%1C%F8wR%3CMH%0F%F1y%15%EE%2C%D2%E3%C5m%1F%A4%98%B1~%BFB%B3%29c%0Ay%24%08Z%85%E0%A9%9F%CE%C3%AA%1CE%DCw%98%DAR%E1%21%85%D5%5BA%E0%19%DF%22F%D5
.adnxs.com/ Name: uuid2
Value: 6982627035980458637
.mathtag.com/ Name: uuid
Value: 64ad6294-d21f-4700-bf40-891301e24f2e
.agkn.com/ Name: ab
Value: 0001%3AeGI%2FA0Ck9MNsj4kAGW2NPvf%2FydqO6qDT
.doubleclick.net/ Name: IDE
Value: AHWqTUnyAFEtpffG75ejLoD9bJRRd7JtZUMbKEvtzrTM0CwgQ3q_B6qhMRvctzt2Z0g
.demdex.net/ Name: demdex
Value: 59609289078674729314332637854476515593
.dpm.demdex.net/ Name: dpm
Value: 59609289078674729314332637854476515593
.sfr.fr/ Name: etuix
Value: qhWQWYXdalPPew1P_npYrZJNdgZMihcLS1OLAm2jxUovOE.n8IQh6w--
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.cpx.to/ Name: cpSess
Value: 33bae3ce3774e36f
.facebook.com/ Name: fr
Value: 04gnoaRmSghvr2VMR..BilNIe.EZ.AAA.0.0.BilNIf.AWW8Ihe7HDc
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.cpx.to/ Name: dsp_app_nexus
Value: 6982627035980458637#1653920288116
.smartadserver.com/ Name: pid
Value: 8147734131147102854
.cpx.to/ Name: dsp_dbm
Value: CAESEEnwk217Khcgc3Y5OqfNalg#1653920288144
.pubmatic.com/ Name: KTPCACOOKIE
Value: true
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7D5CCF89-F1BE-4903-AC37-92AF6023B765
.cpx.to/ Name: dsp_pubmatic
Value: 7D5CCF89-F1BE-4903-AC37-92AF6023B765#1653920288492

6 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4793209335833860&output=html&h=90&slotname=4639160287&adk=271488381&adf=3173046732&pi=t.ma~as.4639160287&w=970&psa=0&format=970x90&url=https%3A%2F%2Furlz.fr%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653920286401&bpp=15&bdt=438&idt=216&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&correlator=2445716505298&frm=24&ife=1&pv=2&ga_vid=626363721.1653920287&ga_sid=1653920287&ga_hid=1438464439&ga_fc=0&ga_wpids=UA-266266-17&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575131221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44760475&oid=2&pvsid=2715657578282979&pem=98&tmod=1570211041&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.xe5ikcioak6q&fsb=1&dtd=249
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4793209335833860&output=html&h=90&slotname=4639160287&adk=271488381&adf=3493768500&pi=t.ma~as.4639160287&w=970&psa=0&format=970x90&url=https%3A%2F%2Furlz.fr%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653920286418&bpp=1&bdt=455&idt=261&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&prev_fmts=970x90%2C300x250&correlator=2445716505298&frm=24&ife=1&pv=1&ga_vid=626363721.1653920287&ga_sid=1653920287&ga_hid=1438464439&ga_fc=0&ga_wpids=UA-266266-17&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575131221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44760475&oid=2&pvsid=2715657578282979&pem=98&tmod=1570211041&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=3.wgnj5hkfxe80&fsb=1&dtd=280
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4793209335833860&output=html&h=250&slotname=7732227484&adk=2257642287&adf=3458493280&pi=t.ma~as.7732227484&w=300&psa=0&format=300x250&url=https%3A%2F%2Furlz.fr%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653920286417&bpp=1&bdt=454&idt=237&shv=r20220525&mjsv=m202205240101&ptt=9&saldr=aa&prev_fmts=970x90&correlator=2445716505298&frm=24&ife=1&pv=1&ga_vid=626363721.1653920287&ga_sid=1653920287&ga_hid=1438464439&ga_fc=0&ga_wpids=UA-266266-17&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=575131221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44760475&oid=2&pvsid=2715657578282979&pem=98&tmod=1570211041&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=d%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.3mjmc8jjegw1&fsb=1&dtd=258
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ad.adxcore.com
ad.missena.io
adaccess.fr
ads.themoneytizer.com
adservice.google.com
adservice.google.fr
adtrack.adleadevent.com
ajax.googleapis.com
api.rlcdn.com
as-sec.casalemedia.com
audit-tcfv2.quantcast.mgr.consensu.org
c.amazon-adsystem.com
c.tmyzer.com
ced.sascdn.com
cm.g.doubleclick.net
connect.facebook.net
currency.prebid.org
d2zur9cc2gf1tx.cloudfront.net
dpm.demdex.net
elr.sfr.fr
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
js-sec.indexww.com
l.adxcore.com
match.adsrvr.org
mwzeom.zeotap.com
netc.sfr.fr
obgpm76tt0a0sgozk8l.redinuid.imrworldwide.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pixel.mathtag.com
quantcast.mgr.consensu.org
rules.quantcount.com
s.cpx.to
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
ssl.google-analytics.com
sync.smartadserver.com
tag.leadplace.fr
test.quantcast.mgr.consensu.org
tpc.googlesyndication.com
urlz.fr
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.paypalobjects.com
xurl.es
109.232.196.59
141.95.98.65
142.250.185.66
143.204.95.188
145.239.192.166
176.34.72.130
18.156.126.13
18.192.153.157
185.33.221.15
185.33.221.52
185.64.190.80
185.86.139.106
192.229.221.25
2.18.233.201
23.35.236.247
2600:9000:2038:2200:9:46dc:4700:93a1
2600:9000:2156:5800:3:a4cd:8380:93a1
2600:9000:2156:5c00:19:2cf2:a900:93a1
2600:9000:2156:c200:6:44e3:f8c0:93a1
2606:4700:10::6816:30e3
2606:4700:10::ac43:db6
2606:4700:3038::6815:ead7
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:803::2002
2a00:1450:4001:803::2004
2a00:1450:4001:812::200e
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2008
2a02:2638::1c
2a02:6ea0:c700::11
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::3
34.120.133.55
46.137.175.60
5.39.39.173
51.89.9.254
52.19.184.31
52.211.75.9
52.222.137.10
52.223.40.198
52.49.145.37
54.246.7.169
54.38.64.100
82.223.3.178
92.123.225.57
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0712a327424e57302c3e5634b02583f54153e0744da7879b6eaca1b80d36749c
0b85693e8bdd91b320486a2e515448f45d8a474281cf40eb59ae87ad6521e4be
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
1a31c3e964c1966b1108fd3f199e4ce2c1a364022d85b20e3154345fb824cdfe
1aaaa76604e8cce1fc24df8b27d6124fc780575f15aeb5a05089277ba25cccec
1fd0f40aca4dc75d39a51e9b554986541cd2f514b0c4df7198fc8ac61bfada1a
2330fb9a498ec10491202314b4a6a0d3ec42afbb763f13f733c4d6b20dc73771
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
28ca39f2ce8df2f544e8a665b97e6e9327185850a8373a99b9a06d12c5becce2
2bd9e5d2f96477133fa8ab9fd25dbc668511774016c95a0afb12eb0d124dcaba
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1203fbb212151117c369f929efe26af29a3bda4b4f286d207da7d4eb74833d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
434b61608da840cf0a3604af7679f88694a85e8c22982124fe3aa9b7c440c17c
44176f0e78c1841a5b4b077e2e5e4f845dc5159c688c063036984049e1f90fe5
45f904eb0f8eeccbdd7dd6e771d9794c5a9a38c7d023f8c7dbb85a52f66b0681
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
47a9968ea08bce02876b1b0bb395e51bf158e340240efb2e256b91242a7e9916
4a9ba56b953be15a2ea2a7d1972dfa8f67d9b0f96925b4cc0d0516611cafaef5
506ec5f328527d3c402c63b10a9f6b784cc1ee361e0d84e1425fc33529eeccd4
529ae4f38c76e38b64a96590b61528af7e519acacf5b9726bc1151bfc7677b43
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5c00a75845d802820206c0bfd097a7f84c8a69411eb78cf900fe3488c1c853c6
5c5fc0560c5d4acaea1cadae07be72f5ad5919a471e794a8a512b7f2cc9811e6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
669020881155e9402d450fca0eded4efef18adfcc245516c229b1293b6f0a3c1
6797e5bc424d587014449f9825e0e68f8bfb7d163bdd86903fc462560dec3b57
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c46829208b5004ded357c146a2dd4c56641ca4a8f93c782081dee56c9a332f1
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
7529f421b38083855086bd50c4373e5ade8a3afed02fda87cab44c4cb324eadd
7694dd13e2fb81ec4254703d8d32a4e3ea22f0639a3a2a532216014c59716e8a
7ce09db858fea54f183d985da0f5b9339072de6dddeeae932dfac38c9e8777a7
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
7f7d6d98d3b0b9eb345c7667ea10f60a99b92c38251f32c0c89c9a2874378b44
7fb5c42ce298efb56943f96612c957bcf5f66c4a370217776edf513907f9a549
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
819637a3a0b340f1967c15ce6bea1cf2d162f5c17fb07f75acab2f2710c0498a
8446eabdbeb932d5da0bace5027802b79fee20225a039d507a91d26dffdc6708
88193f110768212d8a6526b7566b24f207bfb3eddd45df7fc2581b9d4ac4eff5
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd20c3b099dd680b31530a1b14319c12bf9b623a9a05843a4a722180f3c3a92
8f24dc76070927cc3d13b4f52f8ecb898fce1875c32563e7a3fae2450ef6babc
93c2c8ebc94c695e8c381a1ec604612a9cadf7a4ba92632f57d727b2ee18f4a6
99bc13458990137777412f543d96fa3e68c7e276e8bbb4c9173bd495481f49e4
9ba8911a45f4c451ab24f449781fddd28c9d2577e2bd5a808beb9733375afc4d
9c0db386a530e1c122e6b038ed63e3bd02397e12c25b5a2db61e423537fbfec3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa5cce745f29df17c235f1341d0c9302da0c56d79bf056561a914129a89cbffc
ac96557350a3e8143ab59669638b0965d32da804ffe053357348148225eef701
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
beb023483061e0ea1cfd19b6275d61c80be86fedf77b30d84c60e2807668fc09
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c4bbb728e5565d78463cf1ba54da1a67dd30bfd58f254dac7fe92b9c955925df
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce740f8eac49a255e5038395e1425e00b38d836234911959bc1a74a532a02d7f
d100c5e0076eaa42e052ffc49247677b7420ae78a626de562fec56332d1c3d7d
d6eea55f702d79866f785453b1e53fa20cfd7efb1885886779ce8cc3f0685979
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
dbc0e5a7a7220d945bcdf9e474de0c9e66b40aa91401aa890c10a050e23fcdf6
dfdeaa98d3bc6190bb0ab53369db8e64b1e467824e95062ca5f6cbdcce88dc68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b113a0b5645e14bdb6d95037fb0efcc3091c0069069f0941553a96fd4c1b2a
e77e235669fece8e6008a8f5d31ce9e44fd390032778ff6727b73938425a6941
f072eaaf91a5ea9eb15baf3e94ccf8ae36e44c6152e0aba2f1103b3a6b7a60bc
f138232191786a1c6d362de031b33fac03d9a97be15539e752de4c41e167af00
f7bb63c973d338f040a400d5272bf397ae8b1cf52d2a9d79a6870281cc27cd98
fc02197f27ff0b964fd4e334851eb9f967caf103d40c94de3783ad936d84ded3
fe852bf7623fc99b8645c8ce5d3b5867c1857c0311d0a54fba409d4f684148d1