Submitted URL: https://s.id/3tkzF
Effective URL: http://u337081g4k.ha002.t.justns.ru/orix
Submission: On February 25 via manual from FR

Summary

This website contacted 11 IPs in 4 countries across 18 domains to perform 27 HTTP transactions. The main IP is 2a00:b700::6:b, located in Russian Federation and belongs to ASBAXET, RU. The main domain is u337081g4k.ha002.t.justns.ru.
This is the only time u337081g4k.ha002.t.justns.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS     Autonomous System
1         203.119.112.228     56088  (PANDI-ID ...)
1         77.222.62.67        44112  (SWEB-AS)
1 1       2606:4700:31:...    13335  (CLOUDFLAR...)
1         2606:4700:31:...    13335  (CLOUDFLAR...)
1         2606:4700::68...    13335  (CLOUDFLAR...)
3         2a00:b700::6:b      51659  (ASBAXET)
5         151.139.241.23      12989  (HWNG)
1         54.230.202.133      16509  (AMAZON-02)
1         52.85.182.63        16509  (AMAZON-02)
1         2a02:2638::1c       44788  (ASN-CRITE...)
2         147.135.143.44      16276  (OVH)
Total: 27 requests, 11 IPs
Requests  Domain                          Requested by
5         ads.themoneytizer.com           ajax.cloudflare.com, ads.themoneytizer.com
3         u337081g4k.ha002.t.justns.ru    urlz.fr, s.id
2         tag.leadplace.fr                ads.themoneytizer.com, tag.leadplace.fr
2         urlz.fr                         1 redirects
1         gum.criteo.com                  ads.themoneytizer.com
1         d2zur9cc2gf1tx.cloudfront.net   ads.themoneytizer.com
1         p.cpx.to                        ads.themoneytizer.com
1         ajax.cloudflare.com             urlz.fr
1         berrnardbr.temp.swtest.ru       s.id
1         s.id
0         s.cpx.to (Failed)               p.cpx.to
0         ajax.googleapis.com (Failed)    d2zur9cc2gf1tx.cloudfront.net
0         www.noowho.com (Failed)
0         player.pepsia.com (Failed)      s.id
0         edge.quantserve.com (Failed)    ads.themoneytizer.com
0         id5-sync.com (Failed)
0         ww1097.smartadserver.com (Failed)  ads.themoneytizer.com
0         tag.contextweb.com (Failed)     ads.themoneytizer.com
0         g.tmyzer.com (Failed)           ads.themoneytizer.com
0         analytics.s.id (Failed)         s.id
Total: 27 requests, 20 subdomains

This site contains no links.

Subject                        Issuer                                            Validity                   Valid
*.s.id                         COMODO RSA Domain Validation Secure Server CA     2018-12-03 - 2020-12-02    2 years
ssl412106.cloudflaressl.com    COMODO ECC Domain Validation Secure Server CA 2   2018-09-22 - 2019-03-31    6 months
*.themoneytizer.com            Sectigo RSA Domain Validation Secure Server CA    2019-02-15 - 2021-02-14    2 years

This page contains 4 frames:

Primary Page: http://u337081g4k.ha002.t.justns.ru/orix
Frame ID: 4B16236AAE8D7B1E645BC079F3D194A8
Requests: 24 HTTP requests in this frame

Frame: http://u337081g4k.ha002.t.justns.ru/orix
Frame ID: CBC67A41E466234AD53B077EDA071ABA
Requests: 1 HTTP requests in this frame

Frame: http://u337081g4k.ha002.t.justns.ru/orix
Frame ID: 67681ACE35D28C490487E7BC0C43E068
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: C4CD8C715A348C014CF4E5E949DDADFA
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

27 Requests
19 % HTTPS
45 % IPv6
18 Domains
20 Subdomains
11 IPs
4 Countries
156 kB Transfer
414 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s.id/3tkzF Page URL
  2. http://berrnardbr.temp.swtest.ru/ Page URL
  3. https://urlz.fr/8Z6B HTTP 301
    http://urlz.fr/8Z6B Page URL
  4. http://u337081g4k.ha002.t.justns.ru/orix Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://urlz.fr/8Z6B HTTP 301
  • http://urlz.fr/8Z6B
Request Chain 17
  • http://id5-sync.com/i/12/9.gif HTTP 302
  • http://id5-sync.com/c/12/0/9/1.gif

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 3tkzF
s.id/
2 KB
2 KB
Document
General
Full URL
https://s.id/3tkzF
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.119.112.228 , Indonesia, ASN56088 (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia, ID),
Reverse DNS
s.id.112.119.203.in-addr.arpa
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
dda4ac0483c5574c67cd2326f761dd1f44fa9d56fc83cb63ed23a6134364055e

Request headers

Host
s.id
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx/1.10.3 (Ubuntu)
Date
Mon, 25 Feb 2019 07:12:58 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
private, must-revalidate
pragma
no-cache
expires
-1
Set-Cookie
XSRF-TOKEN=eyJpdiI6IndLajEyNDBaM2hvS1g3SVBVXC84bWVBPT0iLCJ2YWx1ZSI6ImxmQjNMWlRPNEo0RFZielBiSHMzTm9zU0wxU1MzTlQ3MHV1QmlMRzV6Tjh6Y21rM3FBR1Y3SjJDWlk4SUVpU3pDQTcrWHBvbVVIbFJQVU56ZGRQNTR3PT0iLCJtYWMiOiJlOGFjNjRjMTdkNzExNjJiZDNhNmQyMTg3ZWM4MTVkZjY4NmY0YThiZDRlYTY5MDQ2ZGMzZGE2OTA5YTAzNDdkIn0%3D; expires=Mon, 25-Feb-2019 09:12:57 GMT; Max-Age=7200; path=/ major_tom=eyJpdiI6IjQ2K3hjTzRQUVg3OGtzU3RjbVwvc0xnPT0iLCJ2YWx1ZSI6IkhsTEVXUUVkU1lcL2FHU2lXdElWXC9tZ01namllclMzMUY0T1dyODJSUHZDcFdVcXNRdVlwWGJXRmUxSVwvbVZ6Zm1aRjhLM0FkWXdyR3lJb1hnRksxNm5nPT0iLCJtYWMiOiI3ZjJjZWUwNjcxOTUxOTE5YWFjMmVmNGQ0ZGE2YjkzNzkwM2NkMmY3NmU5NWRlMzcyYTBiZmFhMTdjNzc0MjU3In0%3D; expires=Mon, 25-Feb-2019 09:12:57 GMT; Max-Age=7200; path=/; httponly
Content-Encoding
gzip
piwik.js
analytics.s.id/
0
0

/
berrnardbr.temp.swtest.ru/
64 B
336 B
Document
General
Full URL
http://berrnardbr.temp.swtest.ru/
Requested by
Host: s.id
URL: https://s.id/3tkzF
Protocol
HTTP/1.1
Server
77.222.62.67 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh262.sweb.ru
Software
nginx/1.15.2 /
Resource Hash
0f9e64df9d20c5acb5557da34dd636a07d9a9dfd0d67e0910caedb1d8162e13d

Request headers

Host
berrnardbr.temp.swtest.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx/1.15.2
Date
Mon, 25 Feb 2019 07:12:58 GMT
Content-Type
text/html
Content-Length
64
Connection
keep-alive
Keep-Alive
timeout=10
Last-Modified
Fri, 22 Feb 2019 07:31:13 GMT
ETag
"8e29d9-40-58276935377c2"
Accept-Ranges
bytes
8Z6B
urlz.fr/
Redirect Chain
  • https://urlz.fr/8Z6B
  • http://urlz.fr/8Z6B
3 KB
1 KB
Document
General
Full URL
http://urlz.fr/8Z6B
Protocol
HTTP/1.1
Server
2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c76c275083ee4bb35915fc4df47b34427a206dad22dfb0f17822fce763588bfe

Request headers

Host
urlz.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://berrnardbr.temp.swtest.ru/
Accept-Encoding
gzip, deflate
Cookie
__cfduid=dc863ad80d587f5ac428bed251808f8901551078778
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://berrnardbr.temp.swtest.ru/

Response headers

Date
Mon, 25 Feb 2019 07:12:58 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
cloudflare
CF-RAY
4ae85ddd4a72c2bf-FRA
Content-Encoding
gzip

Redirect headers

status
301
date
Mon, 25 Feb 2019 07:12:58 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dc863ad80d587f5ac428bed251808f8901551078778; expires=Tue, 25-Feb-20 07:12:58 GMT; path=/; domain=.urlz.fr; HttpOnly
location
http://urlz.fr/8Z6B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4ae85ddccc7797f2-FRA
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/
11 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/8Z6B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3349f7ebfafd1cf105f9f4a41a1be792db6dfc5d754de2fbce192a2185486b73
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://urlz.fr/8Z6B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 25 Feb 2019 07:12:58 GMT
content-encoding
gzip
last-modified
Mon, 18 Feb 2019 17:46:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5c6aef90-2d8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
4ae85dddac08bebc-FRA
expires
Wed, 27 Feb 2019 07:12:58 GMT
orix
u337081g4k.ha002.t.justns.ru/ Frame CBC6
0
0
Document
General
Full URL
http://u337081g4k.ha002.t.justns.ru/orix
Requested by
Host: urlz.fr
URL: http://urlz.fr/8Z6B
Protocol
HTTP/1.1
Server
2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
u337081g4k.ha002.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8Z6B
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8Z6B

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Pragma
no-cache
Content-Type
text/html
Content-Length
618
Date
Mon, 25 Feb 2019 07:12:58 GMT
Server
LiteSpeed
Vary
User-Agent
Connection
Keep-Alive
requestform.js
ads.themoneytizer.com/s/
43 KB
9 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
8f435bfc1cac9de93a539a250d2d5fc423e4b6b2791d91de331113bad0e98e20

Request headers

Referer
http://urlz.fr/8Z6B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Feb 2019 07:12:58 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Tue, 26 Feb 2019 07:12:58 GMT
gen.js
ads.themoneytizer.com/s/
6 KB
2 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
dd76fdd2142192064e0af855f1b21bdad5ed9e807f053e813827e601404a83cb

Request headers

Referer
http://urlz.fr/8Z6B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Feb 2019 07:12:49 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2186
Expires
Tue, 26 Feb 2019 07:12:49 GMT
/
g.tmyzer.com/g/
0
0

moneyvisibility.js
ads.themoneytizer.com/
12 KB
4 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
nginx /
Resource Hash
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer
http://urlz.fr/8Z6B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 25 Feb 2019 07:12:58 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2017 20:38:26 GMT
server
nginx
etag
"779a-308e-55aaa791f67cd"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3931
expires
Tue, 26 Feb 2019 07:12:37 GMT
moneybile.js
ads.themoneytizer.com/
37 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer
http://urlz.fr/8Z6B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 25 Feb 2019 07:12:58 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2017 18:31:28 GMT
server
nginx
etag
"7ff1-9390-561427db3104d"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Tue, 26 Feb 2019 07:12:37 GMT
getjs.static.js
tag.contextweb.com/
0
0

px.js
p.cpx.to/p/11528/
1 KB
2 KB
Script
General
Full URL
http://p.cpx.to/p/11528/px.js?r=16967
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
54.230.202.133 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-133.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://urlz.fr/8Z6B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Oct 2018 16:01:53 GMT
Content-Encoding
UTF-8
Last-Modified
Wed, 26 Sep 2018 10:53:05 GMT
Server
AmazonS3
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 4446e317b7b7532307c7755d43835bff.cloudfront.net (CloudFront)
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
w3mPTfU7HhXoU2GcCFUZqnzMx9qiJOlHb0L08MN8PfeMoOnNFx17Bg==
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/
25 KB
25 KB
Script
General
Full URL
http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
52.85.182.63 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-182-63.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
http://urlz.fr/8Z6B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 24 Feb 2019 16:55:09 GMT
Via
1.1 d6fa2e1de8f392301c10fd5bb7b263c3.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
51472
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
OHnGBcfFSjQxm-NV9FhWxuIOpQdDjAKolaaQV4OPyiDp57c0FfLRRQ==
config.js
ww1097.smartadserver.com/
0
0

sync
gum.criteo.com/
49 B
305 B
Script
General
Full URL
http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
http://urlz.fr/8Z6B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Feb 2019 07:12:57 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Content-Length
49
Expires
60
libJsLP.js
tag.leadplace.fr/
3 KB
3 KB
Script
General
Full URL
http://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
147.135.143.44 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Referer
http://urlz.fr/8Z6B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 25 Feb 2019 07:12:58 GMT
Last-Modified
Wed, 28 Nov 2018 09:16:40 GMT
Server
nginx/1.14.2
ETag
"5bfe5cf8-a72"
X-IPLB-Instance
13162
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
1.gif
id5-sync.com/c/12/0/9/
Redirect Chain
  • http://id5-sync.com/i/12/9.gif
  • http://id5-sync.com/c/12/0/9/1.gif
0
0

quant.js
edge.quantserve.com/
0
0

prebid.js
ads.themoneytizer.com/moneybid1_39/build/dist/
271 KB
86 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/8Z6B
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 25 Feb 2019 07:12:58 GMT
content-encoding
gzip
last-modified
Fri, 22 Feb 2019 20:23:17 GMT
server
nginx
etag
"1b9b6-43a55-582815c7e4cb1"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
87434
expires
Tue, 26 Feb 2019 07:12:50 GMT
sdk.js
player.pepsia.com/
0
0

orix
u337081g4k.ha002.t.justns.ru/ Frame 6768
0
0
Document
General
Full URL
http://u337081g4k.ha002.t.justns.ru/orix
Requested by
Host: s.id
URL: https://s.id/3tkzF
Protocol
HTTP/1.1
Server
2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
u337081g4k.ha002.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8Z6B
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8Z6B

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Pragma
no-cache
Content-Type
text/html
Content-Length
618
Date
Mon, 25 Feb 2019 07:12:58 GMT
Server
LiteSpeed
Vary
User-Agent
Connection
Keep-Alive
image.php
www.noowho.com/
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
0
0

fire.js
s.cpx.to/
0
0

Primary Request orix
u337081g4k.ha002.t.justns.ru/
618 B
878 B
Document
General
Full URL
http://u337081g4k.ha002.t.justns.ru/orix
Requested by
Host: s.id
URL: https://s.id/3tkzF
Protocol
HTTP/1.1
Server
2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7da7df6b2ae25a2b32a494dacea2c51b02b173dcb020c79f4df47a92fb497274

Request headers

Host
u337081g4k.ha002.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8Z6B
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8Z6B

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Pragma
no-cache
Content-Type
text/html
Content-Length
618
Date
Mon, 25 Feb 2019 07:12:58 GMT
Server
LiteSpeed
Vary
User-Agent
Connection
Keep-Alive
wckr.php
tag.leadplace.fr/ Frame C4CD
0
0
Document
General
Full URL
http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Server
147.135.143.44 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8Z6B
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8Z6B

Response headers

Server
nginx/1.14.2
Date
Mon, 25 Feb 2019 07:12:58 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
13162

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

analytics.s.id: https://analytics.s.id/piwik.js
g.tmyzer.com: http://g.tmyzer.com/g/
tag.contextweb.com: http://tag.contextweb.com/getjs.static.js
ww1097.smartadserver.com: http://ww1097.smartadserver.com/config.js?nwid=1097
id5-sync.com: http://id5-sync.com/c/12/0/9/1.gif
edge.quantserve.com: http://edge.quantserve.com/quant.js
player.pepsia.com: http://player.pepsia.com/sdk.js?d=169237fe743
www.noowho.com: https://www.noowho.com/image.php?site=23690713&ref=http://berrnardbr.temp.swtest.ru/
ajax.googleapis.com: http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
s.cpx.to: https://s.cpx.to/fire.js?pid=11528&ref=http%3A%2F%2Fberrnardbr.temp.swtest.ru%2F&hn_ver=10&fid=81169b51-2e7c-413d-ba11-10406263c3d3

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: onselectstart
  • object: onselectionchange
  • function: queueMicrotask

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
