Submitted URL: https://urlz.fr/aIYN
Effective URL: http://u427902d1c.ha003.t.justns.ru/bred2019/
Submission: On October 17 via manual from FR

Summary

This website contacted 24 IPs in 9 countries across 28 domains to perform 42 HTTP transactions. The main IP is 2a00:b700::2f, which is located in the Russian Federation and belongs to ASBAXET, RU. The main domain is u427902d1c.ha003.t.justns.ru.
This is the only time u427902d1c.ha003.t.justns.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:31:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 9 2a00:b700::2f 51659 (ASBAXET)
6 151.139.241.23 33438 (HIGHWINDS2)
1 145.239.193.145 16276 (OVH)
1 74.214.194.131 59940 (PULSEPOIN...)
1 13.224.196.26 16509 (AMAZON-02)
1 1 185.86.137.17 201081 (SMARTADSE...)
1 68.232.35.16 15133 (EDGECAST)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 145.239.192.166 16276 (OVH)
1 91.228.74.228 27281 (QUANTCAST)
1 13.224.197.120 16509 (AMAZON-02)
1 94.23.196.203 16276 (OVH)
4 34.249.138.153 16509 (AMAZON-02)
1 2 2600:9000:200... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 69.173.144.143 26667 (RUBICONPR...)
1 2 18.195.103.23 16509 (AMAZON-02)
2 37.252.172.250 29990 (ASN-APPNEXUS)
1 54.247.83.136 16509 (AMAZON-02)
1 91.228.74.252 27281 (QUANTCAST)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
1 1 37.252.173.22 29990 (ASN-APPNEXUS)
1 104.16.91.60 13335 (CLOUDFLAR...)
2 2 172.217.22.2 15169 (GOOGLE)
1 18.185.45.212 16509 (AMAZON-02)
42 24
Domain Requested by
6 ads.themoneytizer.com ajax.cloudflare.com
ads.themoneytizer.com
6 u427902d1c.ha003.t.justns.ru urlz.fr
u427902d1c.ha003.t.justns.ru
4 s.cpx.to p.cpx.to
3 u441992d1d.ha003.t.justns.ru 3 redirects
2 cm.g.doubleclick.net 2 redirects
2 image2.pubmatic.com 2 redirects
2 ib.adnxs.com ads.themoneytizer.com
2 ice.360yield.com 1 redirects
2 rules.quantcount.com 1 redirects
2 tag.leadplace.fr ads.themoneytizer.com
tag.leadplace.fr
2 urlz.fr 1 redirects
1 pool.grid-data.bidswitch.net
1 dmp.truoptik.com
1 secure.adnxs.com 1 redirects
1 pixel.quantserve.com
1 adtrack.adleadevent.com ajax.googleapis.com
1 fastlane.rubiconproject.com ads.themoneytizer.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 www.noowho.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 edge.quantserve.com ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced-ns.sascdn.com
1 ww1097.smartadserver.com 1 redirects
1 p.cpx.to ads.themoneytizer.com
1 tag.contextweb.com ads.themoneytizer.com
1 g.tmyzer.com ads.themoneytizer.com
1 ajax.cloudflare.com urlz.fr
0 ads.avocet.io Failed
0 ads.stickyadstv.com Failed ads.themoneytizer.com
0 id5-sync.com Failed
0 player.pepsia.com Failed urlz.fr
42 32

This site contains no links.

Subject | Issuer | Validity | Valid
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-08-10 - 2020-02-16 | 6 months
*.themoneytizer.com | Sectigo RSA Domain Validation Secure Server CA | 2019-02-15 - 2021-02-14 | 2 years
www.noowho.com | Gandi Standard SSL CA 2 | 2017-02-07 - 2020-02-07 | 3 years
s.cpx.to | COMODO RSA Domain Validation Secure Server CA | 2015-02-10 - 2020-02-09 | 5 years
*.quantserve.com | DigiCert SHA2 High Assurance Server CA | 2018-10-16 - 2019-10-21 | a year
*.360yield.com | Amazon | 2019-09-24 - 2020-10-24 | a year
adtrack.adleadevent.com | Amazon | 2019-06-30 - 2020-07-30 | a year
*.truoptik.com | Go Daddy Secure Certificate Authority - G2 | 2018-11-13 - 2020-11-13 | 2 years
pool.grid-data.bidswitch.net | Sectigo RSA Domain Validation Secure Server CA | 2019-03-13 - 2020-03-12 | a year

This page contains 4 frames:

Primary Page: http://u427902d1c.ha003.t.justns.ru/bred2019/
Frame ID: BD6CAA525BE8F7DE94B55D2B67FC4847
Requests: 39 HTTP requests in this frame

Frame: http://u427902d1c.ha003.t.justns.ru/bred2019/
Frame ID: 930E983B5429DB0C349CCE02746DC6C1
Requests: 1 HTTP request in this frame

Frame: http://u427902d1c.ha003.t.justns.ru/bred2019/
Frame ID: 75B2DCA1AEDF3D922B9DB9E249A0F886
Requests: 1 HTTP request in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: C0DC0F152C1ED981307EC2CB4EA8F91F
Requests: 1 HTTP request in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

42
Requests

36 %
HTTPS

22 %
IPv6

28
Domains

32
Subdomains

24
IPs

9
Countries

672 kB
Transfer

1060 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urlz.fr/aIYN HTTP 301
    http://urlz.fr/aIYN Page URL
  2. http://u441992d1d.ha003.t.justns.ru/redirecte.php/ HTTP 302
    http://u427902d1c.ha003.t.justns.ru/bred2019/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://urlz.fr/aIYN HTTP 301
  • http://urlz.fr/aIYN
Request Chain 2
  • http://u441992d1d.ha003.t.justns.ru/redirecte.php/ HTTP 302
  • http://u427902d1c.ha003.t.justns.ru/bred2019/
Request Chain 10
  • http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • http://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 17
  • http://u441992d1d.ha003.t.justns.ru/redirecte.php/ HTTP 302
  • http://u427902d1c.ha003.t.justns.ru/bred2019/
Request Chain 19
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/2/8/2.gif?puid=7446708380401768253&gdpr=1&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/10/7/3.gif?puid=170626308605224179&gdpr=1&gdpr_consent=
Request Chain 21
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Request Chain 24
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22141798c2533ba52%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FaIYN%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22499c32cedaf0d6%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%220da1d096-5b85-4be0-b8c5-2482f78f3b40%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22141798c2533ba52%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FaIYN%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22499c32cedaf0d6%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%220da1d096-5b85-4be0-b8c5-2482f78f3b40%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Request Chain 32
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dfae3a5fb-f435-425e-b57d-02f53b5bbcb0 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dfae3a5fb-f435-425e-b57d-02f53b5bbcb0 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=53EACCD5-5C87-4881-A010-9D2953C8DA23&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0
Request Chain 34
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3Dfae3a5fb-f435-425e-b57d-02f53b5bbcb0 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=7446708380401768253&pid=11528&ref=&hn_ver=10&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0
Request Chain 36
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0&google_tc= HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0&google_gid=CAESEMYu7RfsOaiaIkKHPbyw-CI&google_cver=1

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
aIYN
urlz.fr/
Redirect Chain
  • https://urlz.fr/aIYN
  • http://urlz.fr/aIYN
3 KB
1 KB
Document
General
Full URL
http://urlz.fr/aIYN
Protocol
HTTP/1.1
Server
2606:4700:31::681f:ab2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1033d1ad1fe5671d25c2188b97ebc77123b928f867149564395fe64d9995ec2c

Request headers

Host
urlz.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
__cfduid=de745af7afa0ea089aa40202e21c13f041571296542
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Date
Thu, 17 Oct 2019 07:15:43 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
52707ba17f3d59b8-VIE
Content-Encoding
gzip

Redirect headers

status
301
date
Thu, 17 Oct 2019 07:15:42 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de745af7afa0ea089aa40202e21c13f041571296542; expires=Fri, 16-Oct-20 07:15:42 GMT; path=/; domain=.urlz.fr; HttpOnly
location
http://urlz.fr/aIYN
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
52707ba0bdcecbb0-VIE
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/aIYN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 17 Oct 2019 07:15:43 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 07 Oct 2019 15:28:25 GMT
server
cloudflare
etag
W/"5d9b5999-2fb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
52707ba20d4e59be-VIE
expires
Sat, 19 Oct 2019 07:15:43 GMT
/
u427902d1c.ha003.t.justns.ru/bred2019/ Frame 930E
Redirect Chain
  • http://u441992d1d.ha003.t.justns.ru/redirecte.php/
  • http://u427902d1c.ha003.t.justns.ru/bred2019/
0
0
Document
General
Full URL
http://u427902d1c.ha003.t.justns.ru/bred2019/
Requested by
Host: urlz.fr
URL: http://urlz.fr/aIYN
Protocol
HTTP/1.1
Server
2a00:b700::2f , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
u427902d1c.ha003.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/aIYN
Accept-Encoding
gzip, deflate

Response headers

Connection
close
Content-Type
text/html
Last-Modified
Tue, 08 Oct 2019 23:40:36 GMT
Etag
"3bc-5d9d1e74-9f8dd7a51096f6a6;gz"
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Content-Length
531
Date
Thu, 17 Oct 2019 07:15:43 GMT
Server
LiteSpeed

Redirect headers

Connection
close
Location
http://u427902d1c.ha003.t.justns.ru/bred2019/
Content-Type
text/html; charset=UTF-8
Content-Length
0
Date
Thu, 17 Oct 2019 07:15:43 GMT
Server
LiteSpeed
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Vary
User-Agent
requestform.js
ads.themoneytizer.com/s/
34 KB
8 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
97ccf98d36732087a17df7b208e96ae7564c630a0e354efa68a5c527e0dd8372

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 17 Oct 2019 07:15:43 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8213
Expires
Fri, 18 Oct 2019 07:15:43 GMT
gen.js
ads.themoneytizer.com/s/
7 KB
3 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
2c0b1cf6965cedd6fdc86718ff298f16a50ad29397c68cb6b4de5c0954f98728

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 17 Oct 2019 07:14:50 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2655
Expires
Fri, 18 Oct 2019 07:14:50 GMT
/
g.tmyzer.com/g/
26 B
200 B
Script
General
Full URL
http://g.tmyzer.com/g/
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 17 Oct 2019 07:15:43 GMT
Server
nginx
X-IPLB-Instance
29821
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/
12 KB
4 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 17 Oct 2019 07:15:43 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:07 GMT
server
nginx
etag
"779a-308e-582e3105a6be4"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3931
expires
Fri, 18 Oct 2019 07:14:58 GMT
moneybile.js
ads.themoneytizer.com/
37 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 17 Oct 2019 07:15:43 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:00 GMT
server
nginx
etag
"7ff1-9390-582e30fefbc74"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Fri, 18 Oct 2019 07:14:48 GMT
getjs.static.js
tag.contextweb.com/
32 KB
11 KB
Script
General
Full URL
http://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 17 Oct 2019 07:15:43 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
max-age=432000, public
x-envoy-upstream-service-time
2
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/
1 KB
2 KB
Script
General
Full URL
http://p.cpx.to/p/11528/px.js?r=1d005
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
13.224.196.26 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-26.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 15 Oct 2019 18:45:06 GMT
Content-Encoding
UTF-8
Connection
keep-alive
Last-Modified
Wed, 10 Oct 2018 10:49:46 GMT
Server
AmazonS3
Age
131438
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
0KtJYHck2O_ee1bFjaG0Sxdt0uzgwZNqex_6ujO7EA2HC_JqrJPkVg==
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • http://ww1097.smartadserver.com/config.js?nwid=1097
  • http://ced-ns.sascdn.com/diff/js/smart.js
24 KB
8 KB
Script
General
Full URL
http://ced-ns.sascdn.com/diff/js/smart.js
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E6) /
Resource Hash
e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 17 Oct 2019 07:15:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Sep 2019 12:08:33 GMT
Server
ECS (fcn/40E6)
Cache-Control
max-age=86400
Etag
"1fc11a0f5e30485338c4562812f21662:1567685313"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
X-N
S
Accept-Ranges
bytes
Content-Length
8004

Redirect headers

Location
http://ced-ns.sascdn.com/diff/js/smart.js
Date
Thu, 17 Oct 2019 07:15:43 GMT
Cache-Control
private
Content-Length
158
Content-Type
text/html; charset=utf-8
sync
gum.criteo.com/
49 B
386 B
Script
General
Full URL
http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 17 Oct 2019 07:15:43 GMT
content-encoding
gzip
expires
60
cache-control
private, max-age=3600
content-length
165
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
libJsLP.js
tag.leadplace.fr/
3 KB
3 KB
Script
General
Full URL
http://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 17 Oct 2019 07:15:43 GMT
Last-Modified
Wed, 28 Nov 2018 09:16:40 GMT
Server
nginx/1.14.2
ETag
"5bfe5cf8-a72"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
quant.js
edge.quantserve.com/
12 KB
6 KB
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
91.228.74.228 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 17 Oct 2019 07:15:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17-Oct-2019 07:15:43 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Thu, 24 Oct 2019 07:15:43 GMT
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/
25 KB
26 KB
Script
General
Full URL
http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
13.224.197.120 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-197-120.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 17 Oct 2019 05:34:44 GMT
Via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
89588
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
c74j7rwp8xerw4FUfjCbifVbmZfPHS03idXqu6W0nWDsT--wS_zmIg==
prebid.js
ads.themoneytizer.com/moneybid2_31/build/dist/
333 KB
105 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1aa092da3c4c7cfa17ea0a1a695f3c98e49e5ad40fb8054f7f2c0508b640bf50

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 17 Oct 2019 07:15:43 GMT
content-encoding
gzip
last-modified
Tue, 17 Sep 2019 15:51:10 GMT
server
nginx
etag
"32334-53511-592c1b0771144"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
107532
expires
Fri, 18 Oct 2019 07:14:55 GMT
sdk.js
player.pepsia.com/
0
0

/
u427902d1c.ha003.t.justns.ru/bred2019/ Frame 75B2
Redirect Chain
  • http://u441992d1d.ha003.t.justns.ru/redirecte.php/
  • http://u427902d1c.ha003.t.justns.ru/bred2019/
0
0
Document
General
Full URL
http://u427902d1c.ha003.t.justns.ru/bred2019/
Requested by
Host: urlz.fr
URL: http://urlz.fr/aIYN
Protocol
HTTP/1.1
Server
2a00:b700::2f , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
u427902d1c.ha003.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/aIYN
Accept-Encoding
gzip, deflate

Response headers

Connection
close
Content-Type
text/html
Last-Modified
Tue, 08 Oct 2019 23:40:36 GMT
Etag
"3bc-5d9d1e74-9f8dd7a51096f6a6;gz"
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Content-Length
531
Date
Thu, 17 Oct 2019 07:15:44 GMT
Server
LiteSpeed

Redirect headers

Connection
close
Location
http://u427902d1c.ha003.t.justns.ru/bred2019/
Content-Type
text/html; charset=UTF-8
Content-Length
0
Date
Thu, 17 Oct 2019 07:15:44 GMT
Server
LiteSpeed
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Vary
User-Agent
image.php
www.noowho.com/
1 KB
2 KB
Image
General
Full URL
https://www.noowho.com/image.php?site=23690713&ref=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS
serveur8.wilsoftech.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 17 Oct 2019 07:24:52 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Apache/2.4.7 (Ubuntu)
Connection
close
X-Powered-By
PHP/5.5.9-1ubuntu4.22
Content-Length
1451
Content-Type
image/gif
3.gif
id5-sync.com/c/12/10/7/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/2/8/2.gif?puid=7446708380401768253&gdpr=1&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/10/7/3.gif?puid=170626308605224179&gdpr=1&gdpr_consent=
0
0

fire.js
s.cpx.to/
942 B
2 KB
Script
General
Full URL
https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0
Requested by
Host: p.cpx.to
URL: http://p.cpx.to/p/11528/px.js?r=1d005
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.138.153 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-138-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 17 Oct 2019 07:15:44 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
942
Expires
Wed, 18 Sep 2019 12:32:30 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
1 KB
964 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:2600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 17 Oct 2019 07:00:47 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
933
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2
x-amz-cf-id
ZMfHnCOIbsKf9i4qqcWb1Ira69swkMMJ3nKnyE6HKjfgnWj6pmcZHg==
via
1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)

Redirect headers

Date
Thu, 17 Oct 2019 07:15:43 GMT
Via
1.1 bd785324d865b594e6f1838b58cb0dae.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
_5jjm-2phHXaWbBa4fsuOh7rSHjQ0PiNaMzBKM_kkCSPFFgd3QC4NQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
84 KB
30 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 11 Oct 2019 09:52:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
508982
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
30186
X-XSS-Protection
0
Expires
Sat, 10 Oct 2020 09:52:41 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
3 KB
3 KB
XHR
General
Full URL
http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=atf&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v2.31.0&x_source.tid=0da1d096-5b85-4be0-b8c5-2482f78f3b40&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.3428174357669722
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 17 Oct 2019 07:15:44 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=281
Content-Length
1438
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22141798c2533ba52%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2Fa...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22141798c2533ba52%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz....
3 KB
2 KB
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22141798c2533ba52%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FaIYN%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22499c32cedaf0d6%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%220da1d096-5b85-4be0-b8c5-2482f78f3b40%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.103.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-103-23.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 17 Oct 2019 07:15:44 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
http://urlz.fr
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1637

Redirect headers

date
Thu, 17 Oct 2019 07:15:44 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22141798c2533ba52%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FaIYN%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22499c32cedaf0d6%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%220da1d096-5b85-4be0-b8c5-2482f78f3b40%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
http://urlz.fr
access-control-allow-credentials
true
content-type
text/plain
content-length
0
prebid
ib.adnxs.com/ut/v3/
143 B
1 KB
XHR
General
Full URL
http://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Server
37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
e77c8143439e97e5749d44c1973a0e51d44c11196dd2536abdfb099eddcf9d7b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 17 Oct 2019 07:15:46 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.37:80
AN-X-Request-Uuid
cca845b5-a984-48e8-bade-a397f42e1a58
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
253 B
1 KB
XHR
General
Full URL
http://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Server
37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 17 Oct 2019 07:15:46 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.233:80
AN-X-Request-Uuid
9ad4cd7a-cf42-4ac7-8238-82fcfba15548
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
253
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
moneybid.js
ads.themoneytizer.com/bidder1/
631 B
666 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop&country=DE
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07

Request headers

Sec-Fetch-Mode
cors
Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 17 Oct 2019 07:15:44 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
435
expires
Fri, 18 Oct 2019 07:15:44 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/
0
0

notifyme.php
adtrack.adleadevent.com/
0
517 B
XHR
General
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.83.136 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-83-136.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Pragma
no-cache
Date
Thu, 17 Oct 2019 07:15:44 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Oct 2019 07:15:44 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
wckr.php
tag.leadplace.fr/ Frame C0DC
0
0
Document
General
Full URL
http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/aIYN
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.14.2
Date
Thu, 17 Oct 2019 07:15:44 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
30196
pixel;r=686434952;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FaIYN;fpan=1;fpa=P0-1918477222-1571296544053;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;r...
pixel.quantserve.com/
35 B
494 B
Image
General
Full URL
http://pixel.quantserve.com/pixel;r=686434952;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FaIYN;fpan=1;fpa=P0-1918477222-1571296544053;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1571296544053;tzo=-120;ogl=
Protocol
HTTP/1.1
Server
91.228.74.252 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Oct 2019 07:15:44 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
Primary Request /
u427902d1c.ha003.t.justns.ru/bred2019/
Redirect Chain
  • http://u441992d1d.ha003.t.justns.ru/redirecte.php/
  • http://u427902d1c.ha003.t.justns.ru/bred2019/
956 B
839 B
Document
General
Full URL
http://u427902d1c.ha003.t.justns.ru/bred2019/
Requested by
Host: urlz.fr
URL: http://urlz.fr/aIYN
Protocol
HTTP/1.1
Server
2a00:b700::2f , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8ed7bcffa161029bf58a72ef4abd7c4f01aea22450e51406b35f5773e019a1f8

Request headers

Host
u427902d1c.ha003.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/aIYN
Accept-Encoding
gzip, deflate

Response headers

Connection
close
Content-Type
text/html
Last-Modified
Tue, 08 Oct 2019 23:40:36 GMT
Etag
"3bc-5d9d1e74-9f8dd7a51096f6a6;gz"
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Content-Length
531
Date
Thu, 17 Oct 2019 07:15:44 GMT
Server
LiteSpeed

Redirect headers

Connection
close
Location
http://u427902d1c.ha003.t.justns.ru/bred2019/
Content-Type
text/html; charset=UTF-8
Content-Length
0
Date
Thu, 17 Oct 2019 07:15:44 GMT
Server
LiteSpeed
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Vary
User-Agent
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dfae3a5fb-f435-425e-b57d-02f53b5bbcb0
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dfae3a5fb-f435-425e-b57d-02f53b5bbcb0
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=53EACCD5-5C87-4881-A010-9D2953C8DA23&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0
95 B
881 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=53EACCD5-5C87-4881-A010-9D2953C8DA23&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.138.153 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-138-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 17 Oct 2019 07:15:44 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Thu, 17 Oct 2019 07:15:44 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=53EACCD5-5C87-4881-A010-9D2953C8DA23&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0
Date
Thu, 17 Oct 2019 07:15:44 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
448
Content-Type
text/html; charset=iso-8859-1
getuid
ads.avocet.io/
0
0

an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3Dfae3a5fb-f435-425e-b57d-02f53b5bbcb0
  • https://s.cpx.to/an_fire?app_nexus_uid=7446708380401768253&pid=11528&ref=&hn_ver=10&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0
95 B
865 B
Image
General
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=7446708380401768253&pid=11528&ref=&hn_ver=10&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.138.153 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-138-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 17 Oct 2019 07:15:44 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Thu, 17 Oct 2019 07:15:44 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 17 Oct 2019 07:15:46 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.230:80
AN-X-Request-Uuid
e5a140d8-fb61-4df1-9538-42674d379a2a
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=7446708380401768253&pid=11528&ref=&hn_ver=10&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.gif
dmp.truoptik.com/0362536315099b06/
0
0
Image
General
Full URL
https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0&fck=640a636d58d52f41&cbp=dsp_uid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.91.60 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0&google_tc=
  • https://s.cpx.to/ca.png?dsp=dbm&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0&google_gid=CAESEMYu7RfsOaiaIkKHPbyw-CI&google_cver=1
95 B
804 B
Image
General
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0&google_gid=CAESEMYu7RfsOaiaIkKHPbyw-CI&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.138.153 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-249-138-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 17 Oct 2019 07:15:44 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Thu, 17 Oct 2019 07:15:44 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=fae3a5fb-f435-425e-b57d-02f53b5bbcb0&google_gid=CAESEMYu7RfsOaiaIkKHPbyw-CI&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pool.grid-data.bidswitch.net/
43 B
300 B
Image
General
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.45.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-185-45-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aIYN
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 17 Oct 2019 07:15:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
styles.css
u427902d1c.ha003.t.justns.ru/bred2019/
2 KB
965 B
Stylesheet
General
Full URL
http://u427902d1c.ha003.t.justns.ru/bred2019/styles.css
Requested by
Host: u427902d1c.ha003.t.justns.ru
URL: http://u427902d1c.ha003.t.justns.ru/bred2019/
Protocol
HTTP/1.1
Server
2a00:b700::2f , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7ed7b17d773842a667146593a29bd95a203565f6c5b645398ac2877a3bb3ff62

Request headers

Referer
http://u427902d1c.ha003.t.justns.ru/bred2019/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 17 Oct 2019 07:15:44 GMT
Content-Encoding
gzip
Last-Modified
Tue, 08 Oct 2019 23:40:38 GMT
Server
LiteSpeed
Etag
"62e-5d9d1e76-ce5d5a2e341ae09a;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
574
Expires
Thu, 24 Oct 2019 07:15:44 GMT
Calque0.png
u427902d1c.ha003.t.justns.ru/bred2019/images/
426 KB
426 KB
Image
General
Full URL
http://u427902d1c.ha003.t.justns.ru/bred2019/images/Calque0.png
Requested by
Host: u427902d1c.ha003.t.justns.ru
URL: http://u427902d1c.ha003.t.justns.ru/bred2019/
Protocol
HTTP/1.1
Server
2a00:b700::2f , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
93845d4e180b8df2a87835edd2a2f79c8bbebb8c59551fae3a410141ab5ff80a

Request headers

Referer
http://u427902d1c.ha003.t.justns.ru/bred2019/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 17 Oct 2019 07:15:44 GMT
Last-Modified
Tue, 08 Oct 2019 23:40:01 GMT
Server
LiteSpeed
Etag
"6a601-5d9d1e51-6022a3a4af1f66d8;;;"
Vary
User-Agent
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
435713
Expires
Thu, 24 Oct 2019 07:15:44 GMT
index_Button1_bkgrnd.png
u427902d1c.ha003.t.justns.ru/bred2019/images/
706 B
706 B
Image
General
Full URL
http://u427902d1c.ha003.t.justns.ru/bred2019/images/index_Button1_bkgrnd.png
Requested by
Host: u427902d1c.ha003.t.justns.ru
URL: http://u427902d1c.ha003.t.justns.ru/bred2019/
Protocol
HTTP/1.1
Server
2a00:b700::2f , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0ad0d1cf2a31430d09a9040f43372c41851d62f4dc94065df03a06518c2c043d

Request headers

Referer
http://u427902d1c.ha003.t.justns.ru/bred2019/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 17 Oct 2019 07:15:44 GMT
Server
LiteSpeed
Vary
User-Agent
Content-Type
text/html
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Connection
Keep-Alive
Content-Length
706

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
player.pepsia.com
URL
http://player.pepsia.com/sdk.js?d=16dd89284d9
Domain
id5-sync.com
URL
https://id5-sync.com/c/12/10/7/3.gif?puid=170626308605224179&gdpr=1&gdpr_consent=
Domain
ads.stickyadstv.com
URL
http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1571296544035&pKey=-558424714&_fw_gdpr_consent=undefined&loc=http%3A%2F%2Furlz.fr%2FaIYN&playerSize=640x480&
Domain
ads.avocet.io
URL
https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Dfae3a5fb-f435-425e-b57d-02f53b5bbcb0

Verdicts & Comments

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
