a0293561.xsph.ru Open in urlscan Pro
141.8.194.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://misskouass.temp.swtest.ru/
Effective URL:
http://a0293561.xsph.ru/brd/
Submission: On April 11 via manual (April 11th 2019, 9:14:18 am UTC) from FR

Summary HTTP 38 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 7 countries across 23 domains to perform 38 HTTP transactions. The main IP is 141.8.194.42, located in Moscow, Russian Federation and belongs to SPRINTHOST, RU. The main domain is a0293561.xsph.ru.

This is the only time a0293561.xsph.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	77.222.62.180 77.222.62.180	44112 (SWEB-AS) (SWEB-AS)
1 1	2606:4700:31:... 2606:4700:31::681f:ab2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:31:... 2606:4700:31::681f:bb2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6813:c397	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	141.8.194.42 141.8.194.42	35278 (SPRINTHOST) (SPRINTHOST)
5	151.139.241.23 151.139.241.23	12989 (HWNG) (HWNG)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1	74.214.194.132 74.214.194.132	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	143.204.101.97 143.204.101.97	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	143.204.98.73 143.204.98.73	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	185.86.137.42 185.86.137.42	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a02:26f0:6c0... 2a02:26f0:6c00:185::c01	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	147.135.143.43 147.135.143.43	16276 (OVH) (OVH)
1	91.228.74.227 91.228.74.227	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	54.76.210.198 54.76.210.198	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	5.179.192.20 5.179.192.20	34235 (ASPSERVEU...) (ASPSERVEUR-AS)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
38	17

1 77.222.62.180 (Russian Federation)

ASN44112 (SWEB-AS, RU)
PTR: vh273.sweb.ru

misskouass.temp.swtest.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:31::681f:ab2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:31::681f:bb2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.8.194.42 (Moscow, Russian Federation)

ASN35278 (SPRINTHOST, RU)
PTR: nidavellir.from.sh

a0293561.xsph.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.241.23 (Dallas, United States)

ASN12989 (HWNG, NL)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (United Kingdom)

ASN16276 (OVH, FR)

g.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.132 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.97 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-97.fra50.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.73 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-73.fra50.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.42 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:185::c01 (European Union)

ASN20940 (AKAMAI-ASN1, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.135.143.43 (Waltham, United States)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.227 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.210.198 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-210-198.eu-west-1.compute.amazonaws.com

tmzr.pubstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.179.192.20 (France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net

player.pepsia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	xsph.ru a0293561.xsph.ru	765 KB
5	themoneytizer.com ads.themoneytizer.com	131 KB
2	leadplace.fr tag.leadplace.fr	3 KB
2	urlz.fr 1 redirects urlz.fr	2 KB
1	googleapis.com ajax.googleapis.com	30 KB
1	pepsia.com player.pepsia.com	37 KB
1	pubstack.io tmzr.pubstack.io cdn-prod.pubstack.io Failed	753 B
1	quantserve.com edge.quantserve.com	6 KB
1	criteo.com gum.criteo.com	305 B
1	sascdn.com ced-ns.sascdn.com	8 KB
1	smartadserver.com 1 redirects ww1097.smartadserver.com	522 B
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	25 KB
1	cpx.to p.cpx.to s.cpx.to Failed	2 KB
1	contextweb.com tag.contextweb.com	11 KB
1	tmyzer.com g.tmyzer.com	200 B
1	cloudflare.com ajax.cloudflare.com	4 KB
1	swtest.ru misskouass.temp.swtest.ru	337 B
0	adleadevent.com Failed adtrack.adleadevent.com Failed
0	quantcount.com Failed rules.quantcount.com Failed
0	stickyadstv.com Failed ads.stickyadstv.com Failed
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
0	adnxs.com Failed secure.adnxs.com Failed ib.adnxs.com Failed
0	noowho.com Failed www.noowho.com Failed
38	23

	Domain	Requested by
6	a0293561.xsph.ru	urlz.fr misskouass.temp.swtest.ru a0293561.xsph.ru
5	ads.themoneytizer.com	ajax.cloudflare.com ads.themoneytizer.com
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	urlz.fr	1 redirects
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	player.pepsia.com	misskouass.temp.swtest.ru player.pepsia.com
1	tmzr.pubstack.io	ads.themoneytizer.com
1	edge.quantserve.com	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	ced-ns.sascdn.com
1	ww1097.smartadserver.com	1 redirects
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	g.tmyzer.com	ads.themoneytizer.com
1	ajax.cloudflare.com	urlz.fr
1	misskouass.temp.swtest.ru
0	cdn-prod.pubstack.io Failed	tmzr.pubstack.io
0	adtrack.adleadevent.com Failed	ajax.googleapis.com
0	rules.quantcount.com Failed	edge.quantserve.com
0	ib.adnxs.com Failed	ads.themoneytizer.com
0	ads.stickyadstv.com Failed	ads.themoneytizer.com
0	fastlane.rubiconproject.com Failed	ads.themoneytizer.com
0	s.cpx.to Failed	p.cpx.to
0	secure.adnxs.com Failed
0	www.noowho.com Failed
38	26

This site contains no links.

Subject Issuer	Validity	Valid
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
*.pubstack.io Amazon	`2019-01-03` - `2020-02-03`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://a0293561.xsph.ru/brd/
Frame ID: C4899CFF1C349D6718118252FC1C4260
Requests: 35 HTTP requests in this frame

Frame: http://a0293561.xsph.ru/brd/
Frame ID: 4641DA235C9962B99D670DE4CE1394F2
Requests: 1 HTTP requests in this frame

Frame: http://a0293561.xsph.ru/brd/
Frame ID: 22F30FCD2A9736CEC5B38EC9E8C49B65
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: BE9F2E6EE6467F69EB9E18B6DC9C009E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://misskouass.temp.swtest.ru/ Page URL
https://urlz.fr/9rT8 HTTP 301
http://urlz.fr/9rT8 Page URL
http://a0293561.xsph.ru/brd/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

38
Requests

13 %
HTTPS

33 %
IPv6

23
Domains

26
Subdomains

17
IPs

7
Countries

1025 kB
Transfer

1413 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://misskouass.temp.swtest.ru/ Page URL
https://urlz.fr/9rT8 HTTP 301
http://urlz.fr/9rT8 Page URL
http://a0293561.xsph.ru/brd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://urlz.fr/9rT8 HTTP 301
http://urlz.fr/9rT8

Request Chain 12

http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
http://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 21

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif HTTP 302
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
misskouass.temp.swtest.ru/ 64 B
337 B 189ms
66ms Document
text/html 77.222.62.180
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://misskouass.temp.swtest.ru/
Protocol: HTTP/1.1
Server: 77.222.62.180 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh273.sweb.ru
Software: nginx/1.15.8 /
Resource Hash: d6cd112fff7a28e1b3c2d540718a92e991fecfe4d9e80880d980ba4bf3ab266b

Request headers

Host: misskouass.temp.swtest.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.15.8
Date: Thu, 11 Apr 2019 09:14:03 GMT
Content-Type: text/html
Content-Length: 64
Connection: keep-alive
Keep-Alive: timeout=10
Last-Modified: Thu, 11 Apr 2019 03:58:33 GMT
ETag: "18a19b2-40-586393327f86d"
Accept-Ranges: bytes

GET
H/1.1

200
OK

9rT8 Show response
urlz.fr/
Redirect Chain

https://urlz.fr/9rT8
http://urlz.fr/9rT8

3 KB
1 KB

76ms
70ms

Document
text/html

2606:4700:31::681f:bb2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://urlz.fr/9rT8
Protocol: HTTP/1.1
Server: 2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae03c5f658c157a6ccfe58b44732f59ed53a407f2a66eef8f430de126785ba26

Request headers

Host: urlz.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://misskouass.temp.swtest.ru/
Accept-Encoding: gzip, deflate
Cookie: __cfduid=dfbb1fc9f7a9019fc80813c903463071c1554974043
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://misskouass.temp.swtest.ru/

Response headers

Date: Thu, 11 Apr 2019 09:14:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: cloudflare
CF-RAY: 4c5bd91c8ff0c2d3-FRA
Content-Encoding: gzip

Redirect headers

status: 301
date: Thu, 11 Apr 2019 09:14:03 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dfbb1fc9f7a9019fc80813c903463071c1554974043; expires=Fri, 10-Apr-20 09:14:03 GMT; path=/; domain=.urlz.fr; HttpOnly
location: http://urlz.fr/9rT8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4c5bd91c09899738-FRA

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/ 12 KB
4 KB 8ms
7ms Script
application/javascript 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: http://urlz.fr/9rT8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

09cb7c36c13be7810320607e581c11cd14b5b53eefe52a528b944a43f5a91cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 11 Apr 2019 09:14:03 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2019 14:52:46 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5cae033e-2ef5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4c5bd91d0e9bc305-FRA
expires: Sat, 13 Apr 2019 09:14:03 GMT

GET
H/1.1 200
OK /
a0293561.xsph.ru/brd/ Frame 4641 0
0 499ms
55ms Document
text/html 141.8.194.42
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://a0293561.xsph.ru/brd/
Requested by: Host: urlz.fr
URL: http://urlz.fr/9rT8
Protocol: HTTP/1.1
Server: 141.8.194.42 Moscow, Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS: nidavellir.from.sh
Software: openresty /
Resource Hash

Request headers

Host: a0293561.xsph.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/9rT8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/9rT8

Response headers

Server: openresty
Date: Thu, 11 Apr 2019 09:14:04 GMT
Content-Type: text/html
Content-Length: 769
Connection: keep-alive
Last-Modified: Wed, 10 Apr 2019 22:30:13 GMT
ETag: "301-586349cf51b72"
Accept-Ranges: bytes

GET
H/1.1 200
OK requestform.js Show response
ads.themoneytizer.com/s/ 46 KB
10 KB 28ms
8ms Script
text/html 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: 4e6cd97e46ca7baa5d1b80c2de3e2009e9cd33e06f0fb070195f48971d983a1b

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 11 Apr 2019 09:14:03 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Fri, 12 Apr 2019 09:14:03 GMT

GET
H/1.1 200
OK gen.js Show response
ads.themoneytizer.com/s/ 8 KB
3 KB 26ms
6ms Script
text/html 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: 74ae5dc766f53462002c71356190b3b1c68b664cc15ce8c4a9a2b4be6d321850

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 11 Apr 2019 09:13:37 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2774
Expires: Fri, 12 Apr 2019 09:13:37 GMT

GET
H/1.1 200
OK /
g.tmyzer.com/g/ 26 B
200 B 102ms
68ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://g.tmyzer.com/g/
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 145.239.193.145 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 11 Apr 2019 09:14:04 GMT
Server: nginx
X-IPLB-Instance: 15015
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 38ms
6ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 11 Apr 2019 09:14:04 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:07 GMT
server: nginx
etag: "779a-308e-582e3105a6be4"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3931
expires: Fri, 12 Apr 2019 09:13:08 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 55ms
23ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 11 Apr 2019 09:14:04 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Fri, 12 Apr 2019 09:13:06 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 72ms
28ms Script
application/x-javascript 74.214.194.132
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 11 Apr 2019 09:14:04 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ 1 KB
2 KB 47ms
11ms Script
application/javascript 143.204.101.97
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://p.cpx.to/p/11528/px.js?r=1d5aa
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 143.204.101.97 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-97.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 23 Feb 2019 08:12:18 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 1637383
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: NS03sBV0Foxplf1sTTohBuNB9QG7mhWf-7K8Nx6zgTCEyoyjPwav-g==

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
25 KB 39ms
8ms Script
text/javascript 143.204.98.73
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 143.204.98.73 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-73.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 11 Apr 2019 03:33:48 GMT
Via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 58672
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: gATT5JrNlzJiG_lne9VeSGFmjPwoZBsI1BxaMqnquqLbyEzxRRLqJw==

GET
H/1.1

200
OK

smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain

http://ww1097.smartadserver.com/config.js?nwid=1097
http://ced-ns.sascdn.com/diff/js/smart.js

24 KB
8 KB

63ms
12ms

Script
application/x-javascript

2a02:26f0:6c00:185::c01
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:185::c01 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 11 Apr 2019 09:14:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2019 08:47:45 GMT
Server: Apache
ETag: "4df6e3c29f778c224c173191cc303dea:1554799665"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7887

Redirect headers

Location: http://ced-ns.sascdn.com/diff/js/smart.js
Date: Thu, 11 Apr 2019 09:14:04 GMT
Cache-Control: public, no-cache="Set-Cookie", max-age=3600
Content-Type: text/html; charset=utf-8
ETag: "7E21FF1EC57DCCB57F70A642CDCCB89B"
Content-Length: 158
Expires: Thu, 11 Apr 2019 10:14:04 GMT

GET
H/1.1 200
OK sync Show response
gum.criteo.com/ 49 B
305 B 38ms
13ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 11 Apr 2019 09:14:04 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Content-Length: 49
Expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 72ms
25ms Script
application/javascript 147.135.143.43
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 147.135.143.43 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 11 Apr 2019 09:14:04 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 13163
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H/1.1 200
OK quant.js
edge.quantserve.com/ 12 KB
6 KB 145ms
11ms Script
application/x-javascript 91.228.74.227
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 91.228.74.227 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 11 Apr 2019 09:14:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11-Apr-2019 09:14:04 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Thu, 18 Apr 2019 09:14:04 GMT

GET
H2 200 d086759d-86af-4b34-852b-bb5d4c87aa38
tmzr.pubstack.io/v1/tag/ 1 KB
753 B 123ms
37ms Script
application/javascript 54.76.210.198
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tmzr.pubstack.io/v1/tag/d086759d-86af-4b34-852b-bb5d4c87aa38
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.210.198 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-76-210-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Thu, 11 Apr 2019 09:14:04 GMT
cache-control: max-age=120
content-encoding: gzip
content-length: 641
content-type: application/javascript

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid2_8/build/dist/ 313 KB
98 KB 33ms
32ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid2_8/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4517b29502604622a04fd46aebbc18d0f6af69446b5042fcc6ed8ff629fba50a

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 11 Apr 2019 09:14:04 GMT
content-encoding: gzip
last-modified: Wed, 10 Apr 2019 21:38:20 GMT
server: nginx
etag: "2f805-4e337-58633e3670dd1"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 100448
expires: Fri, 12 Apr 2019 09:13:07 GMT

GET
H/1.1 200
OK sdk.js
player.pepsia.com/ 37 KB
37 KB 86ms
31ms Script
application/javascript 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/sdk.js?d=16a0bacf1cf
Requested by: Host: misskouass.temp.swtest.ru
URL: http://misskouass.temp.swtest.ru/
Protocol: HTTP/1.1
Server: 5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 11 Apr 2019 09:14:04 GMT
Last-Modified: Thu, 04 Apr 2019 15:48:04 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "5ca62734-9291"
Content-Length: 37521
Content-Type: application/javascript

GET
H/1.1 200
OK /
a0293561.xsph.ru/brd/ Frame 22F3 0
0 61ms
61ms Document
text/html 141.8.194.42
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://a0293561.xsph.ru/brd/
Requested by: Host: misskouass.temp.swtest.ru
URL: http://misskouass.temp.swtest.ru/
Protocol: HTTP/1.1
Server: 141.8.194.42 Moscow, Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS: nidavellir.from.sh
Software: openresty /
Resource Hash

Request headers

Host: a0293561.xsph.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/9rT8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/9rT8

Response headers

Server: openresty
Date: Thu, 11 Apr 2019 09:14:04 GMT
Content-Type: text/html
Content-Length: 769
Connection: keep-alive
Last-Modified: Wed, 10 Apr 2019 22:30:13 GMT
ETag: "301-586349cf51b72"
Accept-Ranges: bytes

GET image.php
www.noowho.com/ 0
0

GET

getuid
secure.adnxs.com/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID

0
0

GET fire.js
s.cpx.to/ 0
0

GET
H/1.1 200
OK jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 17ms
11ms Script
text/javascript 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81a::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://urlz.fr/9rT8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Mar 2019 21:44:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 2892565
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 30186
X-XSS-Protection: 1; mode=block
Expires: Sat, 07 Mar 2020 21:44:39 GMT

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ Frame BE9F 0
0 22ms
20ms Document
text/html 147.135.143.43
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Server: 147.135.143.43 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/9rT8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/9rT8

Response headers

Server: nginx/1.14.2
Date: Thu, 11 Apr 2019 09:14:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Instance: 13163

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

GET swfIndex.php
ads.stickyadstv.com/www/delivery/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET
H/1.1 200
OK Primary Request / Show response
a0293561.xsph.ru/brd/ 769 B
1009 B 49ms
45ms Document
text/html 141.8.194.42
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://a0293561.xsph.ru/brd/
Requested by: Host: misskouass.temp.swtest.ru
URL: http://misskouass.temp.swtest.ru/
Protocol: HTTP/1.1
Server: 141.8.194.42 Moscow, Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS: nidavellir.from.sh
Software: openresty /
Resource Hash: 411bd7adfe9c4ecb7b08f5bd7cfbc972dcfe9f442fac43edc52e7f7f58228e3e

Request headers

Host: a0293561.xsph.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/9rT8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/9rT8

Response headers

Server: openresty
Date: Thu, 11 Apr 2019 09:14:04 GMT
Content-Type: text/html
Content-Length: 769
Connection: keep-alive
Last-Modified: Wed, 10 Apr 2019 22:30:13 GMT
ETag: "301-586349cf51b72"
Accept-Ranges: bytes

GET rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 0
0

GET notifyme.php
adtrack.adleadevent.com/ 0
0

GET monitoring.js
cdn-prod.pubstack.io/ 0
0

GET /
player.pepsia.com/V2/ 0
0

GET algo.php
player.pepsia.com/V2/ 0
0

GET
H/1.1 200
OK styles.css
a0293561.xsph.ru/brd/ 996 B
1 KB 44ms
43ms Stylesheet
text/css 141.8.194.42
SPRINTHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://a0293561.xsph.ru/brd/styles.css
Requested by: Host: a0293561.xsph.ru
URL: http://a0293561.xsph.ru/brd/
Protocol: HTTP/1.1
Server: 141.8.194.42 Moscow, Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS: nidavellir.from.sh
Software: openresty /
Resource Hash: df35c9015fdc9285e144477752e13bc2decba010092492b3f20bbedb69c470e0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a0293561.xsph.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://a0293561.xsph.ru/brd/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a0293561.xsph.ru/brd/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 11 Apr 2019 09:14:04 GMT
Last-Modified: Wed, 10 Apr 2019 22:30:14 GMT
Server: openresty
ETag: "5cae6e76-3e4"
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 996
Expires: Thu, 18 Apr 2019 09:14:04 GMT

GET
H/1.1 200
OK Calque0.png
a0293561.xsph.ru/brd/images/ 749 KB
749 KB 93ms
49ms Image
image/png 141.8.194.42
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a0293561.xsph.ru/brd/images/Calque0.png
Requested by: Host: a0293561.xsph.ru
URL: http://a0293561.xsph.ru/brd/
Protocol: HTTP/1.1
Server: 141.8.194.42 Moscow, Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS: nidavellir.from.sh
Software: openresty /
Resource Hash: 1b58f7de159946bf24f6d575acf2aafd460dd46e7bbbe74f1622c77b6fbe002c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a0293561.xsph.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://a0293561.xsph.ru/brd/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a0293561.xsph.ru/brd/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 11 Apr 2019 09:14:04 GMT
Last-Modified: Wed, 10 Apr 2019 22:29:49 GMT
Server: openresty
ETag: "5cae6e5d-bb254"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 766548
Expires: Thu, 18 Apr 2019 09:14:04 GMT

GET
H/1.1 200
OK valider.png
a0293561.xsph.ru/brd/images/ 13 KB
14 KB 137ms
45ms Image
image/png 141.8.194.42
SPRINTHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a0293561.xsph.ru/brd/images/valider.png
Requested by: Host: a0293561.xsph.ru
URL: http://a0293561.xsph.ru/brd/
Protocol: HTTP/1.1
Server: 141.8.194.42 Moscow, Russian Federation, ASN35278 (SPRINTHOST, RU),
Reverse DNS: nidavellir.from.sh
Software: openresty /
Resource Hash: 516b43bac23ec7ba18b6d1c4f6235c8cfa4140afc9b1c6e2e318ab0ed6b8cd6d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: a0293561.xsph.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://a0293561.xsph.ru/brd/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://a0293561.xsph.ru/brd/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 11 Apr 2019 09:14:04 GMT
Last-Modified: Wed, 10 Apr 2019 22:29:56 GMT
Server: openresty
ETag: "5cae6e64-35de"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13790
Expires: Thu, 18 Apr 2019 09:14:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.noowho.com
URL: https://www.noowho.com/image.php?site=23690713&ref=http://misskouass.temp.swtest.ru/

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID

Domain: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=11528&ref=http%3A%2F%2Fmisskouass.temp.swtest.ru%2F&hn_ver=10&fid=99f357dd-2f16-406f-bd1d-feb500fc1e85

Domain: fastlane.rubiconproject.com
URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078226&size_id=2&p_pos=atf&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v2.8.0&x_source.tid=f5ea2e72-3aba-4760-b9b2-fd3b818bd705&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.03521399381327073

Domain: fastlane.rubiconproject.com
URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=atf&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v2.8.0&x_source.tid=b115a293-b0c2-4cdf-81b0-c75b2a79e6a8&p_screen_res=1600x1200&rp_floor=0.37&rp_secure=0&slots=1&rand=0.743439219611377

Domain: ads.stickyadstv.com
URL: http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1554974044750&pKey=1569858429&_fw_gdpr_consent=undefined&loc=http%3A%2F%2Furlz.fr%2F9rT8&playerSize=640x480&

Domain: ib.adnxs.com
URL: http://ib.adnxs.com/ut/v3/prebid

Domain: rules.quantcount.com
URL: http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

Domain: adtrack.adleadevent.com
URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7

Domain: cdn-prod.pubstack.io
URL: https://cdn-prod.pubstack.io/monitoring.js

Domain: player.pepsia.com
URL: http://player.pepsia.com/V2/?token=00I4&autoplay=1&logo=true&volume=1&api=1&id=0&origin=http://urlz.fr&d=16a0bacf290

Domain: player.pepsia.com
URL: http://player.pepsia.com/V2/algo.php?token=00I4&num=9&origin=http://urlz.fr&d=16a0bacf291

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://ads.themoneytizer.com/s/gen.js?type=28(Line 144) Message: [ID5] Exception received while calling TCF CMP
console-api	log	URL: http://ads.themoneytizer.com/s/gen.js?type=28(Line 144) Message: [ID5] Firing ID5 pixel at url:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a0293561.xsph.ru
ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
cdn-prod.pubstack.io
ced-ns.sascdn.com
d2zur9cc2gf1tx.cloudfront.net
edge.quantserve.com
fastlane.rubiconproject.com
g.tmyzer.com
gum.criteo.com
ib.adnxs.com
misskouass.temp.swtest.ru
p.cpx.to
player.pepsia.com
rules.quantcount.com
s.cpx.to
secure.adnxs.com
tag.contextweb.com
tag.leadplace.fr
tmzr.pubstack.io
urlz.fr
ww1097.smartadserver.com
www.noowho.com
ads.stickyadstv.com
adtrack.adleadevent.com
cdn-prod.pubstack.io
fastlane.rubiconproject.com
ib.adnxs.com
player.pepsia.com
rules.quantcount.com
s.cpx.to
secure.adnxs.com
www.noowho.com
141.8.194.42
143.204.101.97
143.204.98.73
145.239.193.145
147.135.143.43
151.139.241.23
185.86.137.42
2606:4700:31::681f:ab2
2606:4700:31::681f:bb2
2606:4700::6813:c397
2a00:1450:4001:81a::200a
2a02:2638:1::13
2a02:26f0:6c00:185::c01
5.179.192.20
54.76.210.198
74.214.194.132
77.222.62.180
91.228.74.227
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
09cb7c36c13be7810320607e581c11cd14b5b53eefe52a528b944a43f5a91cda
1b58f7de159946bf24f6d575acf2aafd460dd46e7bbbe74f1622c77b6fbe002c
411bd7adfe9c4ecb7b08f5bd7cfbc972dcfe9f442fac43edc52e7f7f58228e3e
4517b29502604622a04fd46aebbc18d0f6af69446b5042fcc6ed8ff629fba50a
4e6cd97e46ca7baa5d1b80c2de3e2009e9cd33e06f0fb070195f48971d983a1b
516b43bac23ec7ba18b6d1c4f6235c8cfa4140afc9b1c6e2e318ab0ed6b8cd6d
74ae5dc766f53462002c71356190b3b1c68b664cc15ce8c4a9a2b4be6d321850
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
ae03c5f658c157a6ccfe58b44732f59ed53a407f2a66eef8f430de126785ba26
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
d6cd112fff7a28e1b3c2d540718a92e991fecfe4d9e80880d980ba4bf3ab266b
df35c9015fdc9285e144477752e13bc2decba010092492b3f20bbedb69c470e0

a0293561.xsph.ru Open in urlscan Pro 141.8.194.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

13 %HTTPS

33 %IPv6

23 Domains

26 Subdomains

17 IPs

7 Countries

1025 kBTransfer

1413 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

a0293561.xsph.ru Open in urlscan Pro
141.8.194.42 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

13 %
HTTPS

33 %
IPv6

23
Domains

26
Subdomains

17
IPs

7
Countries

1025 kB
Transfer

1413 kB
Size

0
Cookies

38 HTTP transactions
0 data transactions