u351381inj.ha002.t.justns.ru Open in urlscan Pro
185.22.155.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.id/431CH
Effective URL:
http://u351381inj.ha002.t.justns.ru/fr/
Submission: On March 25 via automatic, source openphish (March 25th 2019, 3:32:38 pm UTC)

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 8 countries across 29 domains to perform 43 HTTP transactions. The main IP is 185.22.155.190, located in Russian Federation and belongs to ASBAXET, RU. The main domain is u351381inj.ha002.t.justns.ru.

This is the only time u351381inj.ha002.t.justns.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	203.119.112.228 203.119.112.228	56088 (PANDI-ID ...) (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia)
1	77.222.62.180 77.222.62.180	44112 (SWEB-AS) (SWEB-AS)
1 1	2606:4700:31:... 2606:4700:31::681f:ab2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:31:... 2606:4700:31::681f:bb2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6813:c397	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	185.22.155.190 185.22.155.190	51659 (ASBAXET) (ASBAXET)
5	151.139.241.23 151.139.241.23	12989 (HWNG) (HWNG)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1	74.214.194.131 74.214.194.131	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	13.35.253.113 13.35.253.113	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.35.254.94 13.35.254.94	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	185.86.137.32 185.86.137.32	201081 (SMARTADSE...) (SMARTADSERVER)
1	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	147.135.143.43 147.135.143.43	16276 (OVH) (OVH)
1	91.228.74.150 91.228.74.150	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	54.72.138.19 54.72.138.19	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	5.179.192.20 5.179.192.20	34235 (ASPSERVEU...) (ASPSERVEUR-AS)
1	52.30.151.17 52.30.151.17	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
43	19

1 203.119.112.228 (Indonesia)

ASN56088 (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia, ID)
PTR: s.id.112.119.203.in-addr.arpa

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.222.62.180 (Russian Federation)

ASN44112 (SWEB-AS, RU)
PTR: vh273.sweb.ru

kouakoujea.temp.swtest.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:31::681f:ab2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:31::681f:bb2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.22.155.190 (Russian Federation)

ASN51659 (ASBAXET, RU)
PTR: ha202.justhost.ru

u351381inj.ha002.t.justns.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.241.23 (Dallas, United States)

ASN12989 (HWNG, NL)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (United Kingdom)

ASN16276 (OVH, FR)

g.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.131 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.113 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-113.fra6.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.254.94 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-94.fra6.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.32 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.16 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.135.143.43 (Waltham, United States)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.150 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.138.19 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-138-19.eu-west-1.compute.amazonaws.com

tmzr.pubstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.179.192.20 (France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net

player.pepsia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.151.17 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-151-17.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	themoneytizer.com ads.themoneytizer.com	141 KB
3	justns.ru u351381inj.ha002.t.justns.ru	878 B
2	leadplace.fr tag.leadplace.fr	3 KB
2	cpx.to p.cpx.to s.cpx.to	3 KB
2	urlz.fr 1 redirects urlz.fr	2 KB
1	googleapis.com ajax.googleapis.com	30 KB
1	pepsia.com player.pepsia.com	37 KB
1	pubstack.io tmzr.pubstack.io cdn-prod.pubstack.io Failed	752 B
1	quantserve.com edge.quantserve.com	6 KB
1	criteo.com gum.criteo.com	305 B
1	sascdn.com ced-ns.sascdn.com	8 KB
1	smartadserver.com 1 redirects ww1097.smartadserver.com	522 B
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	25 KB
1	contextweb.com tag.contextweb.com	11 KB
1	tmyzer.com g.tmyzer.com	200 B
1	cloudflare.com ajax.cloudflare.com	4 KB
1	swtest.ru kouakoujea.temp.swtest.ru	336 B
1	s.id s.id analytics.s.id Failed	2 KB
0	adleadevent.com Failed adtrack.adleadevent.com Failed
0	doubleclick.net Failed cm.g.doubleclick.net Failed
0	pubmatic.com Failed image2.pubmatic.com Failed
0	avocet.io Failed ads.avocet.io Failed
0	turn.com Failed d.turn.com Failed
0	quantcount.com Failed rules.quantcount.com Failed
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
0	360yield.com Failed ad.360yield.com Failed
0	stickyadstv.com Failed ads.stickyadstv.com Failed
0	adnxs.com Failed secure.adnxs.com Failed ib.adnxs.com Failed
0	noowho.com Failed www.noowho.com Failed
43	29

	Domain	Requested by
5	ads.themoneytizer.com	ajax.cloudflare.com ads.themoneytizer.com
3	u351381inj.ha002.t.justns.ru	urlz.fr s.id
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	urlz.fr	1 redirects
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	s.cpx.to	p.cpx.to
1	player.pepsia.com	s.id player.pepsia.com
1	tmzr.pubstack.io	ads.themoneytizer.com
1	edge.quantserve.com	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	ced-ns.sascdn.com
1	ww1097.smartadserver.com	1 redirects
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	g.tmyzer.com	ads.themoneytizer.com
1	ajax.cloudflare.com	urlz.fr
1	kouakoujea.temp.swtest.ru	s.id
1	s.id
0	adtrack.adleadevent.com Failed	ajax.googleapis.com
0	cm.g.doubleclick.net Failed
0	image2.pubmatic.com Failed
0	ads.avocet.io Failed
0	d.turn.com Failed
0	cdn-prod.pubstack.io Failed	tmzr.pubstack.io
0	rules.quantcount.com Failed
0	fastlane.rubiconproject.com Failed	ads.themoneytizer.com
0	ad.360yield.com Failed	ads.themoneytizer.com
0	ads.stickyadstv.com Failed	ads.themoneytizer.com
0	ib.adnxs.com Failed	ads.themoneytizer.com
0	secure.adnxs.com Failed
0	www.noowho.com Failed
0	analytics.s.id Failed	s.id
43	33

This site contains no links.

Subject Issuer	Validity	Valid
*.s.id COMODO RSA Domain Validation Secure Server CA	`2018-12-03` - `2020-12-02`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
*.pubstack.io Amazon	`2019-01-03` - `2020-02-03`	a year	crt.sh
s.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh

This page contains 4 frames:

Primary Page: http://u351381inj.ha002.t.justns.ru/fr/
Frame ID: 62DA981F529784D897EFF5F45F7CCF03
Requests: 40 HTTP requests in this frame

Frame: http://u351381inj.ha002.t.justns.ru/fr/
Frame ID: 8EA93E886A2FA73939AF01BDA6B22ECC
Requests: 1 HTTP requests in this frame

Frame: http://u351381inj.ha002.t.justns.ru/fr/
Frame ID: 407D7589A57C467CB5773A891A448268
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 8DAC1EF9292A2A420F5D5B213B7DC572
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://s.id/431CH Page URL
http://kouakoujea.temp.swtest.ru/ Page URL
https://urlz.fr/9gVd HTTP 301
http://urlz.fr/9gVd Page URL
http://u351381inj.ha002.t.justns.ru/fr/ Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

43
Requests

16 %
HTTPS

25 %
IPv6

29
Domains

33
Subdomains

19
IPs

8
Countries

275 kB
Transfer

615 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.id/431CH Page URL
http://kouakoujea.temp.swtest.ru/ Page URL
https://urlz.fr/9gVd HTTP 301
http://urlz.fr/9gVd Page URL
http://u351381inj.ha002.t.justns.ru/fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://urlz.fr/9gVd HTTP 301
http://urlz.fr/9gVd

Request Chain 14

http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
http://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 23

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif HTTP 302
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID

Request Chain 32

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

Request Chain 38

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=6a822c31-ade1-4882-a625-da8b45d9bad6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=6a822c31-ade1-4882-a625-da8b45d9bad6&google_tc=

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set 431CH Show response
s.id/ 2 KB
2 KB 674ms
262ms Document
text/html 203.119.112.228
Pengelola Nama Do...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.id/431CH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.119.112.228 , Indonesia, ASN56088 (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia, ID),
Reverse DNS: s.id.112.119.203.in-addr.arpa
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3f7b683347fcd6555c00ca125efefbdb56753437ec6a93ac6c0fccd27f09ab4e

Request headers

Host: s.id
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Mon, 25 Mar 2019 15:32:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6IklWR3pINnM1cFZmNStnWGdjQVJJbVE9PSIsInZhbHVlIjoidUwyYmRpM2thczFJTFwvbFhGTXE0ajdEdzhZcnU4cHVVUEtaaTlxK3JieHlGM1hHZjNNMTRYY3NDWmQyd0lZTU9LQk15eE9kbTNuWFBoZ3RCb2x1Y2J3PT0iLCJtYWMiOiJhOGU0OGRhMTU1N2ZhMDYxOTJhYTFlOWMzNmMzZjNhY2I1NzA0YjA5MjEwYmNjOGZmOGI5Yzc5ZDhkNGIzZDI2In0%3D; expires=Mon, 25-Mar-2019 17:32:23 GMT; Max-Age=7200; path=/ major_tom=eyJpdiI6IndhZGY3REJCaWJ6QVRRQ1JlR0V5MVE9PSIsInZhbHVlIjoiR2FBVkRkVUplR1VHRENUV1pLZk1ZOWZGYVBCdUFYU2I3R2dLS1BxZ21QOU55NTBJTFFuOXhxZUo5eDM1dlJvbzNzcWU3TFwvRkZlSVVheUp3cFZ0MkRBPT0iLCJtYWMiOiJmZDY1Nzk1ZjgzN2RiOTg1Y2I1ODE4MWVhMDk3MzhkNmVkMzZkMGQxYmViZDJkNTY3NGU0ZjE3NWJmNDgzMWI1In0%3D; expires=Mon, 25-Mar-2019 17:32:23 GMT; Max-Age=7200; path=/; httponly
Content-Encoding: gzip

GET piwik.js
analytics.s.id/ 0
0

GET
H/1.1 200
OK / Show response
kouakoujea.temp.swtest.ru/ 64 B
336 B 192ms
61ms Document
text/html 77.222.62.180
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://kouakoujea.temp.swtest.ru/
Requested by: Host: s.id
URL: https://s.id/431CH
Protocol: HTTP/1.1
Server: 77.222.62.180 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh273.sweb.ru
Software: nginx/1.15.8 /
Resource Hash: e8d25b1fffed1c2374260c0025a3cda46553a4aadabb2132666e91a0f93b619f

Request headers

Host: kouakoujea.temp.swtest.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.15.8
Date: Mon, 25 Mar 2019 15:32:23 GMT
Content-Type: text/html
Content-Length: 64
Connection: keep-alive
Keep-Alive: timeout=10
Last-Modified: Mon, 25 Mar 2019 06:49:39 GMT
ETag: "5608fb-40-584e59bca549f"
Accept-Ranges: bytes

GET
H/1.1

200
OK

9gVd Show response
urlz.fr/
Redirect Chain

https://urlz.fr/9gVd
http://urlz.fr/9gVd

3 KB
1 KB

44ms
37ms

Document
text/html

2606:4700:31::681f:bb2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://urlz.fr/9gVd
Protocol: HTTP/1.1
Server: 2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20a11a37a7d6b922294856d12af9ff6b3e16c004859be59e299bbc4cfeb9cfeb

Request headers

Host: urlz.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://kouakoujea.temp.swtest.ru/
Accept-Encoding: gzip, deflate
Cookie: __cfduid=dcfbb184d0e9f69a4b97518765323af201553527943
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://kouakoujea.temp.swtest.ru/

Response headers

Date: Mon, 25 Mar 2019 15:32:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: cloudflare
CF-RAY: 4bd1eff0a9ebc2bf-FRA
Content-Encoding: gzip

Redirect headers

status: 301
date: Mon, 25 Mar 2019 15:32:23 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dcfbb184d0e9f69a4b97518765323af201553527943; expires=Tue, 24-Mar-20 15:32:23 GMT; path=/; domain=.urlz.fr; HttpOnly
location: http://urlz.fr/9gVd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4bd1eff02a53979e-FRA

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/ 12 KB
4 KB 11ms
8ms Script
application/javascript 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: http://urlz.fr/9gVd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

09cb7c36c13be7810320607e581c11cd14b5b53eefe52a528b944a43f5a91cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 25 Mar 2019 15:32:23 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2019 11:30:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c90d2e9-2ef5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4bd1eff118b9c305-FRA
expires: Wed, 27 Mar 2019 15:32:23 GMT

GET
H/1.1 404
Not Found /
u351381inj.ha002.t.justns.ru/fr/ Frame 8EA9 0
0 527ms
68ms Document
text/html 185.22.155.190
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u351381inj.ha002.t.justns.ru/fr/
Requested by: Host: urlz.fr
URL: http://urlz.fr/9gVd
Protocol: HTTP/1.1
Server: 185.22.155.190 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS: ha202.justhost.ru
Software: LiteSpeed /
Resource Hash

Request headers

Host: u351381inj.ha002.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/9gVd
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/9gVd

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 618
Date: Mon, 25 Mar 2019 15:32:24 GMT
Server: LiteSpeed
Vary: User-Agent
Connection: Keep-Alive

GET
H/1.1 200
OK requestform.js Show response
ads.themoneytizer.com/s/ 46 KB
10 KB 45ms
19ms Script
text/html 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: e4b14ec71605916b96ef669b89d7693272e4bb0f4adb2e6dc35ffd5a21ea6624

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Mar 2019 15:32:23 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Tue, 26 Mar 2019 15:32:23 GMT

GET
H/1.1 200
OK gen.js Show response
ads.themoneytizer.com/s/ 8 KB
3 KB 45ms
17ms Script
text/html 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/a2bd7673/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: 74ae5dc766f53462002c71356190b3b1c68b664cc15ce8c4a9a2b4be6d321850

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Mar 2019 15:32:04 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2774
Expires: Tue, 26 Mar 2019 15:32:04 GMT

GET
H/1.1 200
OK / Show response
g.tmyzer.com/g/ 26 B
200 B 74ms
34ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://g.tmyzer.com/g/
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 145.239.193.145 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Mar 2019 15:32:24 GMT
Server: nginx
X-IPLB-Instance: 15014
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 60ms
10ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 25 Mar 2019 15:32:24 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:07 GMT
server: nginx
etag: "779a-308e-582e3105a6be4"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3931
expires: Tue, 26 Mar 2019 15:31:54 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
37 KB 70ms
21ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 25 Mar 2019 15:32:24 GMT
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 37776
expires: Tue, 26 Mar 2019 15:31:32 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 82ms
26ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 25 Mar 2019 15:32:24 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 7
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ 1 KB
2 KB 53ms
10ms Script
application/javascript 13.35.253.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://p.cpx.to/p/11528/px.js?r=19971
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 13.35.253.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-113.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Mar 2019 10:12:16 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 19209
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: bSGwH2lCZWsgjUa9cidGmtdQj5gNupjnbjOI7c2MUjqAveJeeGUi5Q==

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
25 KB 57ms
10ms Script
text/javascript 13.35.254.94
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 13.35.254.94 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-254-94.fra6.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Mar 2019 07:49:16 GMT
Via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 81401
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: I8frhdVX9o8MaYBH-SwwC4ErH6-VtBlMEZRg9iOz5lCtw3DNafSzwA==

GET
H/1.1

200
OK

smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain

http://ww1097.smartadserver.com/config.js?nwid=1097
http://ced-ns.sascdn.com/diff/js/smart.js

23 KB
8 KB

99ms
14ms

Script
application/x-javascript

68.232.35.16
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E6) /
Resource Hash

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Mar 2019 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Feb 2019 13:12:51 GMT
Server: ECS (fcn/40E6)
X-N: S
Etag: "18d57cd29660668e0675302a0f212fc1:1549890771"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 7698

Redirect headers

Location: http://ced-ns.sascdn.com/diff/js/smart.js
Date: Mon, 25 Mar 2019 15:32:23 GMT
Cache-Control: public, no-cache="Set-Cookie", max-age=3600
Content-Type: text/html; charset=utf-8
ETag: "3184BE231B39A627465528FEFB74EF58"
Content-Length: 158
Expires: Mon, 25 Mar 2019 16:32:24 GMT

GET
H/1.1 200
OK sync Show response
gum.criteo.com/ 49 B
305 B 80ms
28ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Mar 2019 15:32:23 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Content-Length: 49
Expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 73ms
21ms Script
application/javascript 147.135.143.43
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 147.135.143.43 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Mar 2019 15:32:24 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 13157
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H/1.1 200
OK quant.js
edge.quantserve.com/ 12 KB
6 KB 160ms
33ms Script
application/x-javascript 91.228.74.150
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 91.228.74.150 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Mar 2019 15:32:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25-Mar-2019 15:32:24 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Mon, 01 Apr 2019 15:32:24 GMT

GET
H2 200 d086759d-86af-4b34-852b-bb5d4c87aa38
tmzr.pubstack.io/v1/tag/ 1 KB
752 B 123ms
32ms Script
application/javascript 54.72.138.19
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tmzr.pubstack.io/v1/tag/d086759d-86af-4b34-852b-bb5d4c87aa38
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.138.19 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-138-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Mon, 25 Mar 2019 15:32:24 GMT
cache-control: max-age=120
content-encoding: gzip
content-length: 640
content-type: application/javascript

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid1_39/build/dist/ 275 KB
87 KB 29ms
28ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 82fcf99ccf31eeffbfe2249c1863edc0a5c6fb1be76eb82f85287e696bef306b

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 25 Mar 2019 15:32:24 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 20:06:04 GMT
server: nginx
etag: "25b17-44aec-5841373bd11e2"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 88644
expires: Tue, 26 Mar 2019 15:32:02 GMT

GET
H/1.1 200
OK sdk.js
player.pepsia.com/ 37 KB
37 KB 133ms
49ms Script
application/javascript 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/sdk.js?d=169b57b3502
Requested by: Host: s.id
URL: https://s.id/431CH
Protocol: HTTP/1.1
Server: 5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Mar 2019 15:32:24 GMT
Last-Modified: Wed, 20 Mar 2019 14:01:05 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "5c9247a1-9477"
Content-Length: 38007
Content-Type: application/javascript

GET
H/1.1 404
Not Found /
u351381inj.ha002.t.justns.ru/fr/ Frame 407D 0
0 79ms
77ms Document
text/html 185.22.155.190
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u351381inj.ha002.t.justns.ru/fr/
Requested by: Host: s.id
URL: https://s.id/431CH
Protocol: HTTP/1.1
Server: 185.22.155.190 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS: ha202.justhost.ru
Software: LiteSpeed /
Resource Hash

Request headers

Host: u351381inj.ha002.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/9gVd
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/9gVd

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 618
Date: Mon, 25 Mar 2019 15:32:24 GMT
Server: LiteSpeed
Vary: User-Agent
Connection: Keep-Alive

GET image.php
www.noowho.com/ 0
0

GET

bounce
secure.adnxs.com/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID

0
0

GET
H/1.1 200
OK fire.js
s.cpx.to/ 946 B
1 KB 191ms
30ms Script
text/plain 52.30.151.17
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=11528&ref=http%3A%2F%2Fkouakoujea.temp.swtest.ru%2F&hn_ver=10&fid=6a822c31-ade1-4882-a625-da8b45d9bad6
Requested by: Host: p.cpx.to
URL: http://p.cpx.to/p/11528/px.js?r=19971
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.151.17 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-30-151-17.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Mar 2019 15:32:24 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 946
Expires: Fri, 01 Feb 2019 12:00:31 GMT

GET
H/1.1 200
OK jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 64ms
5ms Script
text/javascript 2a00:1450:4001:818::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://urlz.fr/9gVd
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Mar 2019 21:44:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 1446465
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 30186
X-XSS-Protection: 1; mode=block
Expires: Sat, 07 Mar 2020 21:44:39 GMT

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ Frame 8DAC 0
0 56ms
19ms Document
text/html 147.135.143.43
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Server: 147.135.143.43 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/9gVd
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/9gVd

Response headers

Server: nginx/1.14.2
Date: Mon, 25 Mar 2019 15:32:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Instance: 13157

POST prebid
ib.adnxs.com/ut/v3/ 0
0

GET swfIndex.php
ads.stickyadstv.com/www/delivery/ 0
0

GET hb
ad.360yield.com/ 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

GET
H/1.1 404
Not Found Primary Request / Show response
u351381inj.ha002.t.justns.ru/fr/ 618 B
878 B 75ms
74ms Document
text/html 185.22.155.190
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u351381inj.ha002.t.justns.ru/fr/
Requested by: Host: s.id
URL: https://s.id/431CH
Protocol: HTTP/1.1
Server: 185.22.155.190 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS: ha202.justhost.ru
Software: LiteSpeed /
Resource Hash: 7da7df6b2ae25a2b32a494dacea2c51b02b173dcb020c79f4df47a92fb497274

Request headers

Host: u351381inj.ha002.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/9gVd
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/9gVd

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 618
Date: Mon, 25 Mar 2019 15:32:24 GMT
Server: LiteSpeed
Vary: User-Agent
Connection: Keep-Alive

GET

rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

0
0

GET monitoring.js
cdn-prod.pubstack.io/ 0
0

GET https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3D6a822c31-ade1-4882-a625-da8b45d9bad6
d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/ 0
0

GET getuid
secure.adnxs.com/ 0
0

GET getuid
ads.avocet.io/ 0
0

GET UCookieSetPug
image2.pubmatic.com/AdServer/ 0
0

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=6a822c31-ade1-4882-a625-da8b45d9bad6
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=6a822c31-ade1-4882-a625-da8b45d9bad6&google_tc=

0
0

GET /
player.pepsia.com/V2/ 0
0

GET algo.php
player.pepsia.com/V2/ 0
0

GET notifyme.php
adtrack.adleadevent.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.s.id
URL: https://analytics.s.id/piwik.js

Domain: www.noowho.com
URL: https://www.noowho.com/image.php?site=23690713&ref=http://kouakoujea.temp.swtest.ru/

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID

Domain: ib.adnxs.com
URL: http://ib.adnxs.com/ut/v3/prebid

Domain: ads.stickyadstv.com
URL: http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1553527944656&pKey=-1092656738&_fw_gdpr_consent=undefined&loc=http%3A%2F%2Furlz.fr%2F9gVd&playerSize=640x480&

Domain: ad.360yield.com
URL: http://ad.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%2215cdaffaef62a4a%22%2C%22version%22%3A%225.0.0-JS-5.2.0%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210c53fcf47817c7%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%22828a48b5-dac4-4c00-bcb3-51929bcbfaf3%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%22119e932a5a04033%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2254fa04cd-3520-4924-96da-a1d96802bf5b%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D

Domain: fastlane.rubiconproject.com
URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078226&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=828a48b5-dac4-4c00-bcb3-51929bcbfaf3&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.979962856866845

Domain: fastlane.rubiconproject.com
URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=54fa04cd-3520-4924-96da-a1d96802bf5b&p_screen_res=1600x1200&rp_floor=0.37&rp_secure=0&slots=1&rand=0.9544367172034076

Domain: rules.quantcount.com
URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

Domain: cdn-prod.pubstack.io
URL: https://cdn-prod.pubstack.io/monitoring.js

Domain: d.turn.com
URL: https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3D6a822c31-ade1-4882-a625-da8b45d9bad6

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3Dhttp%253A%252F%252Fkouakoujea.temp.swtest.ru%252F%26hn_ver%3D10%26fid%3D6a822c31-ade1-4882-a625-da8b45d9bad6

Domain: ads.avocet.io
URL: https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D6a822c31-ade1-4882-a625-da8b45d9bad6

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6a822c31-ade1-4882-a625-da8b45d9bad6

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=6a822c31-ade1-4882-a625-da8b45d9bad6&google_tc=

Domain: player.pepsia.com
URL: http://player.pepsia.com/V2/?token=00I4&autoplay=1&logo=true&volume=1&api=1&id=0&origin=http://urlz.fr&d=169b57b3621

Domain: player.pepsia.com
URL: http://player.pepsia.com/V2/algo.php?token=00I4&num=9&origin=http://urlz.fr&d=169b57b3625

Domain: adtrack.adleadevent.com
URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://ads.themoneytizer.com/s/gen.js?type=28(Line 144) Message: [ID5] Exception received while calling TCF CMP
console-api	log	URL: http://ads.themoneytizer.com/s/gen.js?type=28(Line 144) Message: [ID5] Firing ID5 pixel at url:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.avocet.io
ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
analytics.s.id
cdn-prod.pubstack.io
ced-ns.sascdn.com
cm.g.doubleclick.net
d.turn.com
d2zur9cc2gf1tx.cloudfront.net
edge.quantserve.com
fastlane.rubiconproject.com
g.tmyzer.com
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
kouakoujea.temp.swtest.ru
p.cpx.to
player.pepsia.com
rules.quantcount.com
s.cpx.to
s.id
secure.adnxs.com
tag.contextweb.com
tag.leadplace.fr
tmzr.pubstack.io
u351381inj.ha002.t.justns.ru
urlz.fr
ww1097.smartadserver.com
www.noowho.com
ad.360yield.com
ads.avocet.io
ads.stickyadstv.com
adtrack.adleadevent.com
analytics.s.id
cdn-prod.pubstack.io
cm.g.doubleclick.net
d.turn.com
fastlane.rubiconproject.com
ib.adnxs.com
image2.pubmatic.com
player.pepsia.com
rules.quantcount.com
secure.adnxs.com
www.noowho.com
13.35.253.113
13.35.254.94
145.239.193.145
147.135.143.43
151.139.241.23
185.22.155.190
185.86.137.32
203.119.112.228
2606:4700:31::681f:ab2
2606:4700:31::681f:bb2
2606:4700::6813:c397
2a00:1450:4001:818::200a
2a02:2638::1c
5.179.192.20
52.30.151.17
54.72.138.19
68.232.35.16
74.214.194.131
77.222.62.180
91.228.74.150
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
09cb7c36c13be7810320607e581c11cd14b5b53eefe52a528b944a43f5a91cda
20a11a37a7d6b922294856d12af9ff6b3e16c004859be59e299bbc4cfeb9cfeb
3f7b683347fcd6555c00ca125efefbdb56753437ec6a93ac6c0fccd27f09ab4e
74ae5dc766f53462002c71356190b3b1c68b664cc15ce8c4a9a2b4be6d321850
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
7da7df6b2ae25a2b32a494dacea2c51b02b173dcb020c79f4df47a92fb497274
82fcf99ccf31eeffbfe2249c1863edc0a5c6fb1be76eb82f85287e696bef306b
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
e4b14ec71605916b96ef669b89d7693272e4bb0f4adb2e6dc35ffd5a21ea6624
e8d25b1fffed1c2374260c0025a3cda46553a4aadabb2132666e91a0f93b619f

u351381inj.ha002.t.justns.ru Open in urlscan Pro 185.22.155.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

16 %HTTPS

25 %IPv6

29 Domains

33 Subdomains

19 IPs

8 Countries

275 kBTransfer

615 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

u351381inj.ha002.t.justns.ru Open in urlscan Pro
185.22.155.190 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

16 %
HTTPS

25 %
IPv6

29
Domains

33
Subdomains

19
IPs

8
Countries

275 kB
Transfer

615 kB
Size

0
Cookies

43 HTTP transactions
0 data transactions