urlz.fr Open in urlscan Pro
2606:4700:3038::681f:bb2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://urlz.fr/bmjC
Submission Tags: phishing malicious Search All
Submission: On December 19 via api (December 19th 2019, 9:27:16 am UTC) from US

Summary HTTP 82 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 43 IPs in 10 countries across 44 domains to perform 82 HTTP transactions. The main IP is 2606:4700:3038::681f:bb2, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is urlz.fr.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on August 21st 2019. Valid for: 6 months.

This is the only time urlz.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3038::681f:bb2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a02:4780:dea... 2a02:4780:dead:63e2::1	204915 (AWEX) (AWEX)
7	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	74.214.194.131 74.214.194.131	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	143.204.101.25 143.204.101.25	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	185.86.137.114 185.86.137.114	201081 (SMARTADSE...) (SMARTADSERVER)
1	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	145.239.193.51 145.239.193.51	16276 (OVH) (OVH)
1	91.228.74.152 91.228.74.152	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	143.204.98.13 143.204.98.13	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	5.179.192.20 5.179.192.20	34235 (ASPSERVEU...) (ASPSERVEUR-AS)
1	94.23.196.203 94.23.196.203	16276 (OVH) (OVH)
1	2600:9000:209... 2600:9000:2099:2400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2606:4700:30:... 2606:4700:30::681c:102a	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 6	52.57.38.160 52.57.38.160	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
3 4	37.252.173.27 37.252.173.27	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	178.250.2.152 178.250.2.152	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	91.228.74.184 91.228.74.184	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
6	54.154.104.74 54.154.104.74	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.247.175.102 54.247.175.102	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:20c... 2600:9000:20c3:8200:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 1	37.252.173.22 37.252.173.22	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 1	104.16.91.60 104.16.91.60	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4 4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	18.185.45.212 18.185.45.212	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff0a	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
5	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
1 3	23.5.97.37 23.5.97.37	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
6 14	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
2 2	3.125.138.242 3.125.138.242	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 1	40.113.136.100 40.113.136.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 1	185.29.132.23 185.29.132.23	30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc)
6	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY - Fastly)
1 1	151.101.112.166 151.101.112.166	54113 (FASTLY) (FASTLY - Fastly)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	52.215.180.197 52.215.180.197	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	35.164.76.159 35.164.76.159	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT - Bidtellect Inc.)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	35.157.221.204 35.157.221.204	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	37.18.16.16 37.18.16.16	205675 (HYBRID-AS) (HYBRID-AS)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	54.36.123.231 54.36.123.231	16276 (OVH) (OVH)
1	23.37.55.184 23.37.55.184	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY - Fastly)
1	18.196.246.102 18.196.246.102	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
1	3.120.46.225 3.120.46.225	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
82	43

1 2606:4700:3038::681f:bb2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:4780:dead:63e2::1 (United States)

ASN204915 (AWEX, US)

vire1000.000webhostapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.themoneytizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (Germany)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.131 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.25 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-25.fra50.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.114 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.16 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.51 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.152 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.13 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-13.fra50.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.179.192.20 (Paris, France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net

player.pepsia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.196.203 (France)

ASN16276 (OVH, FR)
PTR: serveur8.wilsoftech.com

www.noowho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2099:2400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681c:102a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.57.38.160 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-38-160.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.27 (Ascension Island) 3 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.184 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.154.104.74 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-104-74.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.175.102 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-175-102.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:8200:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.22 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.91.60 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.45.212 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-45-212.eu-central-1.compute.amazonaws.com

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4a0:1338:28::c38a:ff0a (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.5.97.37 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-5-97-37.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.114.2 (Frankfurt am Main, Germany) 6 redirects

ASN54113 (FASTLY - Fastly, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.138.242 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-125-138-242.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.113.136.100 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

px.powerlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.23 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.166 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY - Fastly, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.180.197 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-215-180-197.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.164.76.159 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-164-76-159.us-west-2.compute.amazonaws.com

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT - Bidtellect Inc., US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.221.204 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-221-204.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.16 (Moscow, Russian Federation) 1 redirects

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.36.123.231 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: s03.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.55.184 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.246.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-246-102.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.39 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.46.225 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-120-46-225.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	taboola.com 6 redirects cdn.taboola.com trc.taboola.com match.taboola.com cds.taboola.com	284 KB
8	360yield.com 1 redirects ice.360yield.com ad.360yield.com match.360yield.com	5 KB
7	cpx.to p.cpx.to s.cpx.to	8 KB
7	themoneytizer.com ads.themoneytizer.com	185 KB
6	adnxs.com 4 redirects ib.adnxs.com secure.adnxs.com acdn.adnxs.com	4 KB
4	doubleclick.net 4 redirects cm.g.doubleclick.net	621 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	bidswitch.net 3 redirects pool.grid-data.bidswitch.net x.bidswitch.net	888 B
3	rubiconproject.com 1 redirects fastlane.rubiconproject.com pixel.rubiconproject.com eus.rubiconproject.com	2 KB
3	pepsia.com player.pepsia.com	40 KB
3	smartadserver.com 1 redirects ww1097.smartadserver.com csync.smartadserver.com	3 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	748 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	pubmatic.com 2 redirects image2.pubmatic.com	1 KB
2	4dex.io script.4dex.io	18 KB
2	id5-sync.com id5-sync.com Failed	2 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	6 KB
2	leadplace.fr tag.leadplace.fr	3 KB
2	criteo.com gum.criteo.com bidder.criteo.com	490 B
2	contextweb.com 1 redirects tag.contextweb.com bh.contextweb.com	12 KB
2	onetag-sys.com onetag-sys.com	509 B
2	000webhostapp.com vire1000.000webhostapp.com
1	adform.net 1 redirects track.adform.net	222 B
1	criteo.net static.criteo.net	14 KB
1	hybrid.ai 1 redirects dm.hybrid.ai	406 B
1	bttrack.com bttrack.com	380 B
1	storygize.net 1 redirects www.storygize.net	450 B
1	adsrvr.org 1 redirects match.adsrvr.org	474 B
1	mathtag.com 1 redirects sync.mathtag.com	472 B
1	powerlinks.com 1 redirects px.powerlinks.com	402 B
1	tmyzer.com c.tmyzer.com	200 B
1	truoptik.com 1 redirects dmp.truoptik.com	720 B
1	consensu.org c.sharethis.mgr.consensu.org	404 B
1	adleadevent.com adtrack.adleadevent.com	518 B
1	googleapis.com ajax.googleapis.com	30 KB
1	stickyadstv.com ads.stickyadstv.com	570 B
1	quantcount.com rules.quantcount.com	962 B
1	noowho.com www.noowho.com	2 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	sascdn.com ced-ns.sascdn.com	8 KB
1	themoneytizer.net g.themoneytizer.net	200 B
1	cloudflare.com ajax.cloudflare.com	4 KB
1	urlz.fr urlz.fr	1 KB
0	eyeviewads.com Failed pixeltrack.eyeviewads.com Failed
82	44

	Domain	Requested by
14	trc.taboola.com	6 redirects cdn.taboola.com urlz.fr
7	ads.themoneytizer.com	ajax.cloudflare.com ads.themoneytizer.com
6	match.taboola.com
6	s.cpx.to	p.cpx.to
6	ice.360yield.com	1 redirects
5	cdn.taboola.com	urlz.fr cdn.taboola.com
4	cm.g.doubleclick.net	4 redirects
4	ib.adnxs.com	3 redirects ads.themoneytizer.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com urlz.fr
3	player.pepsia.com	urlz.fr player.pepsia.com
2	x.bidswitch.net	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	script.4dex.io	ads.themoneytizer.com script.4dex.io
2	id5-sync.com	ads.themoneytizer.com
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	ww1097.smartadserver.com	1 redirects ced-ns.sascdn.com
2	onetag-sys.com	ads.themoneytizer.com
2	vire1000.000webhostapp.com	urlz.fr
1	match.360yield.com
1	track.adform.net	1 redirects
1	ad.360yield.com
1	acdn.adnxs.com	ads.themoneytizer.com
1	eus.rubiconproject.com	ads.themoneytizer.com
1	static.criteo.net	ads.themoneytizer.com
1	dm.hybrid.ai	1 redirects
1	cds.taboola.com	urlz.fr
1	bttrack.com	urlz.fr
1	www.storygize.net	1 redirects
1	match.adsrvr.org	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	bh.contextweb.com	1 redirects
1	sync.mathtag.com	1 redirects
1	px.powerlinks.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	csync.smartadserver.com	ww1097.smartadserver.com
1	c.tmyzer.com	ads.themoneytizer.com
1	pool.grid-data.bidswitch.net	1 redirects
1	dmp.truoptik.com	1 redirects
1	secure.adnxs.com	1 redirects
1	c.sharethis.mgr.consensu.org	player.pepsia.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	pixel.quantserve.com
1	bidder.criteo.com	ads.themoneytizer.com
1	fastlane.rubiconproject.com	ads.themoneytizer.com
1	ads.stickyadstv.com	ads.themoneytizer.com
1	rules.quantcount.com	secure.quantserve.com
1	www.noowho.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	ced-ns.sascdn.com
1	p.cpx.to	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	g.themoneytizer.net	ads.themoneytizer.com
1	ajax.cloudflare.com	urlz.fr
1	urlz.fr
0	pixeltrack.eyeviewads.com Failed
82	60

This site contains links to these domains. Also see Links.

Domain
www.noowho.com

Subject Issuer	Validity	Valid
sni21163.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-21` - `2020-02-27`	6 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
*.000webhostapp.com RapidSSL RSA CA 2018	`2019-06-11` - `2021-07-10`	2 years	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
g.themoneytizer.net Let's Encrypt Authority X3	`2019-10-11` - `2020-01-09`	3 months	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2019-12-02` - `2020-03-01`	3 months	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
p.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2017-10-25` - `2020-05-12`	3 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2018-09-06` - `2020-09-12`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
player.pepsia.com Let's Encrypt Authority X3	`2019-09-28` - `2019-12-27`	3 months	crt.sh
www.noowho.com Gandi Standard SSL CA 2	`2017-02-07` - `2020-02-07`	3 years	crt.sh
sni50822.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-03` - `2020-03-11`	6 months	crt.sh
*.360yield.com Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2019-08-28` - `2020-11-26`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
s.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
adtrack.adleadevent.com Amazon	`2019-06-30` - `2020-07-30`	a year	crt.sh
*.sharethis.mgr.consensu.org Go Daddy Secure Certificate Authority - G2	`2018-05-21` - `2020-05-21`	2 years	crt.sh
*.smartadserver.com Thawte RSA CA 2018	`2018-09-07` - `2020-02-17`	a year	crt.sh
c.tmyzer.com Let's Encrypt Authority X3	`2019-12-13` - `2020-03-12`	3 months	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
g2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-11-21` - `2020-11-12`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.taboola.com DigiCert ECC Secure Server CA	`2019-09-03` - `2020-09-10`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
*.id5-sync.com Go Daddy Secure Certificate Authority - G2	`2017-04-02` - `2020-04-02`	3 years	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-16` - `2020-05-16`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://urlz.fr/bmjC
Frame ID: C9E4D7B912D0E4260B9D076C20B9F424
Requests: 52 HTTP requests in this frame

Frame: https://vire1000.000webhostapp.com/accueil.htm
Frame ID: C4924C719495CEC0FAEF610943557FD5
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1576747617420
Frame ID: 39F35B74DA99DC927EE810E3D914F1A5
Requests: 1 HTTP requests in this frame

Frame: https://vire1000.000webhostapp.com/accueil.htm
Frame ID: 4BA85FF461EF69C28E7FF3B11F625785
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: E706ED44B6342083C5F71FD10E5EA762
Requests: 1 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Frame ID: 3F4755316A0CA69B3E394A835A1CE184
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: D4C64A2E6FB7C6688D5EC44900632FD7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 2CBDD79BF85C339185647CAE77C3AABA
Requests: 8 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=bb578aca-1753-4d4a-9068-6ed209a0f6ad
Frame ID: EF295155F716CB316033A61072EF655D
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3DC5E0C400FF986C58291D55A2CE2767
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 0399BA0485189C3BF405CE2927846DD1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

82
Requests

98 %
HTTPS

16 %
IPv6

44
Domains

60
Subdomains

43
IPs

10
Countries

653 kB
Transfer

1989 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.noowho.com/Show-23690713.html

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 19

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/2/8/2.gif?puid=3450276408942664895&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/19/7/3.gif?puid=5d327e474e07074a097bc1c05da7bd22&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/101/6/4.gif?puid=57142424-ceda-444e-9376-a4aa71f0d0c6&gdpr=1&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMO-XEJZCFbhOxj39V4f4SaoWeayqUgIpZD72hxew&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F5%2F5.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/102/5/5.gif?puid=7312065771548888317&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/108/4/6.gif?puid=b4f44f31-2241-11ea-ae7f-921b311b084a&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/112/3/7.gif?puid=F7B73778544CCCDD&gdpr=1&gdpr_consent= HTTP 302
https://sync.sharethis.com/id5?uid=ID5-ZHMO-XEJZCFbhOxj39V4f4SaoWeayqUgIpZD72hxew&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F12%2F121%2F2%2F8%2Fgif%2F0%2F0%2F HTTP 302
https://id5-sync.com/a/12/121/2/8/gif/0/0/ZGYAAF37QmUAAAASHjqmAw==

Request Chain 23

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216a5b3e2904df69%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbmjC%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2240491803559bef%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22a8f6cd72-ee36-4b5e-8689-75eaa8de1197%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216a5b3e2904df69%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbmjC%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2240491803559bef%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22a8f6cd72-ee36-4b5e-8689-75eaa8de1197%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D

Request Chain 39

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D2ab2664b-2421-4253-897f-88170471ddd3 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D2ab2664b-2421-4253-897f-88170471ddd3 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=0569D1A8-C70D-45AC-B50F-9B3B46E19381&fid=2ab2664b-2421-4253-897f-88170471ddd3

Request Chain 40

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D2ab2664b-2421-4253-897f-88170471ddd3 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=3450276408942664895&pid=11528&ref=&hn_ver=10&fid=2ab2664b-2421-4253-897f-88170471ddd3

Request Chain 41

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=2ab2664b-2421-4253-897f-88170471ddd3&fck=79db80f16d70bea9&cbp=dsp_uid HTTP 302
https://s.cpx.to/sync?dsp_uid=beb153f59a1c7df7bbe173c419eb7470&fid=2ab2664b-2421-4253-897f-88170471ddd3&dsp=TRUOPTIK&fck=79db80f16d70bea9

Request Chain 42

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=2ab2664b-2421-4253-897f-88170471ddd3 HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=2ab2664b-2421-4253-897f-88170471ddd3&google_gid=CAESEF65RYX_FLFtoYOAdZIx1_k&google_cver=1

Request Chain 43

https://pool.grid-data.bidswitch.net/sync?pid=42 HTTP 302
https://s.cpx.to/sync?dsp_uid=6185aff0-c84d-4067-b38d-8ff6dff8c66d&dsp=BIDSWITCH

Request Chain 53

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1576747619174&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Furlz.fr%2FbmjC&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576747619174&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Furlz.fr%2FbmjC&c9=

Request Chain 55

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=bb578aca-1753-4d4a-9068-6ed209a0f6ad

Request Chain 56

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=K4CITK8A-25-F644

Request Chain 57

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=FOrEQroPMmgGkHG6IZXV6ukJeN5ABU7BepJt5JvCiOQ%3D

Request Chain 58

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=f5ee5dfb-3c91-4100-a55a-545e35c1e2a6 HTTP 302
https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=f5ee5dfb-3c91-4100-a55a-545e35c1e2a6&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3Df5ee5dfb-3c91-4100-a55a-545e35c1e2a6

Request Chain 59

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=WTa37zl0kZZa&ev=1&pid=562107

Request Chain 60

https://creativecdn.com/cm-notify?pi=taboola HTTP 302
https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1 HTTP 302
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=aFGjEghyUk3BPpqSD5Ht&pi=taboola&tc=1

Request Chain 61

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID HTTP 302
https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3450276408942664895 HTTP 302
https://match.taboola.com/sg/appnexus-network/1/rtb-h?taboola_hm=3450276408942664895&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D3450276408942664895

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEMYMDzxjynSkCj7XG-SCQV8&google_cver=1 HTTP 302
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEMYMDzxjynSkCj7XG-SCQV8&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3DCAESEMYMDzxjynSkCj7XG-SCQV8%26google_cver%3D1

Request Chain 63

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID HTTP 302
https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=3450276408942664895

Request Chain 64

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5b27a767-456a-47fc-9ba8-ed3d8978a905 HTTP 302
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=5b27a767-456a-47fc-9ba8-ed3d8978a905&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D5b27a767-456a-47fc-9ba8-ed3d8978a905

Request Chain 65

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3 HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=0fad9a3c-a5fe-4ba4-83e3-ce8c5f769174 HTTP 302
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=0fad9a3c-a5fe-4ba4-83e3-ce8c5f769174&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D0fad9a3c-a5fe-4ba4-83e3-ce8c5f769174

Request Chain 68

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://dm.hybrid.ai/bidswitch-match?ssp=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=258&user_id=6853cebc141aa317904f&expires=30&ssp=taboola HTTP 302
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6185aff0-c84d-4067-b38d-8ff6dff8c66d HTTP 302
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6185aff0-c84d-4067-b38d-8ff6dff8c66d&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D6185aff0-c84d-4067-b38d-8ff6dff8c66d

Request Chain 75

https://id5-sync.com/match?publisher_user_id=570e23c2-8a67-457b-a671-763497a28b32&publisher_dsp_id=79&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMO-XEJZCFbhOxj39V4f4SaoWeayqUgIpZD72hxew&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA&external_user_id=CAESEEf8jEHno92tHX7GnlH6_Lk&google_cver=1

Request Chain 77

https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA HTTP 302
https://ice.360yield.com/match?external_user_id=3450276408942664895&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA

Request Chain 78

https://ads.stickyadstv.com/auto-user-sync HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEC-WA6FVP-drkPYVhc_ndOo&google_cver=1 HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=XftCZQAAAEaNggxi HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=XftCZQAAAEaNggxi&_test=XftCZQAAAEaNggxi HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=5b27a767-456a-47fc-9ba8-ed3d8978a905 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=3450276408942664895 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=44&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=f5ee5dfb-3c91-4100-a55a-545e35c1e2a6 HTTP 302
https://ad.turn.com/r/cs?pid=34 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=7290506518743712842 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/stickyads/668b6cf46df653fb9a1a99fd73a2833 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-vQU9.il1lwSOrmKPcRzvE6ehgHY3QCUEiYZH8p1D HTTP 302
https://match.prod.bidr.io/cookie-sync/stv HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?_bee_ppp=1 HTTP 303
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAHJEU679oUAADJGw6vzpw HTTP 302
https://track.eyeviewads.com/sync/fwel HTTP 302
https://pixeltrack.eyeviewads.com/check?r=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D625%26userId%3Db560f9627286a4d19076476bc531dce9&vndr=fwel

Request Chain 79

https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=570e23c2-8a67-457b-a671-763497a28b32&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1577957220&external_user_id=6391564343219681339

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Vw4jwopnRXumcXY0l6KLMg&google_cm&publisher_dsp_id=340 HTTP 302
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEPvxz2yLISo7VPFNOgaTrSw&google_cver=1

82 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request bmjC Show response
urlz.fr/ 3 KB
1 KB 298ms
264ms Document
text/html 2606:4700:3038::681f:bb2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://urlz.fr/bmjC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e8b90ee00b26fcd89592ade2c21d394a5b765d8ad167e81423b61916c73767e

Request headers

:method: GET
:authority: urlz.fr
:scheme: https
:path: /bmjC
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Thu, 19 Dec 2019 09:26:56 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d06e62bf6297b711a02d25df76753d0cc1576747616; expires=Sat, 18-Jan-20 09:26:56 GMT; path=/; domain=.urlz.fr; HttpOnly; SameSite=Lax
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 54785678ea9159ca-VIE
content-encoding: br

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 14ms
13ms Script
application/javascript 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: https://urlz.fr/bmjC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:56 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 12:31:43 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5df7792f-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5478567a9935cbac-VIE
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires: Sat, 21 Dec 2019 09:26:56 GMT

GET
H2 200 accueil.htm
vire1000.000webhostapp.com/ Frame C492 0
0 335ms
104ms Document
text/html 2a02:4780:dead:63e2::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://vire1000.000webhostapp.com/accueil.htm

Requested by

Host: urlz.fr
URL: https://urlz.fr/bmjC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:63e2::1 , United States, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: vire1000.000webhostapp.com
:scheme: https
:path: /accueil.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://urlz.fr/bmjC
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://urlz.fr/bmjC

Response headers

status: 200
date: Thu, 19 Dec 2019 09:26:56 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: e56da6f9f3a59b8d48af99bb588cf817
content-encoding: gzip

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 38 KB
9 KB 68ms
26ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: b31cb47ec6601c1481d0a99b27714e6d44f3bff36be72f99883e5d55099ea47d

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:56 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
expires: Fri, 20 Dec 2019 09:26:56 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 8 KB
3 KB 59ms
17ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: aa976605d1e09bed284b5d85b80fe5a598292f3f22ec79e380a7b318578e90ea

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:56 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2746
expires: Fri, 20 Dec 2019 09:26:47 GMT

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ 26 B
200 B 169ms
33ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Dec 2019 09:26:57 GMT
Server: nginx
X-IPLB-Instance: 29820
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 18ms
16ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:57 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:07 GMT
server: nginx
etag: "779a-308e-582e3105a6be4"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3931
expires: Fri, 20 Dec 2019 09:26:15 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 22ms
20ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:57 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Fri, 20 Dec 2019 09:26:55 GMT

GET
H2 200 /
onetag-sys.com/usync/ Frame 39F3 0
0 76ms
25ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1576747617420
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip251.ip-51-89-9.eu
Software: /
Resource Hash

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1576747617420
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://urlz.fr/bmjC
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://urlz.fr/bmjC

Response headers

status: 200
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie: OTP=-J2JhYTrA4Pdd_YEsUzpg-3MBX8OoXYAtTHJOwJHnfU; path=/; expires=Sat, 18 Dec 2021 09:26:57; domain=onetag-sys.com; SameSite=None;
content-type: text/html
expires: Sun, 01-Jan-2034 12:34:56 GMT
cache-control: max-age=2628000,public
content-encoding: gzip

GET
H2 200 getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 62ms
20ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:57 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ 1 KB
2 KB 130ms
43ms Script
application/javascript 143.204.101.25
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/11528/px.js?r=1d7c1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-25.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Dec 2019 05:27:33 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 14365
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: YXyAFdkG8xIGPlsrU71B4f6IKB3dCE-IN_cm9uW7YiJECYir6Xhtlg==

GET
H2

200

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

24 KB
8 KB

136ms
28ms

Script
application/x-javascript

68.232.35.16
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D59) /
Resource Hash: e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:57 GMT
content-encoding: gzip
last-modified: Thu, 05 Sep 2019 12:08:33 GMT
server: ECS (lcy/1D59)
x-n: S
etag: "1fc11a0f5e30485338c4562812f21662:1567685313"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8004

Redirect headers

Location: https://ced-ns.sascdn.com/diff/js/smart.js
Date: Thu, 19 Dec 2019 09:26:57 GMT
Cache-Control: private
Content-Length: 159
Content-Type: text/html; charset=utf-8

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
353 B 14ms
12ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:56 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 95ms
21ms Script
application/javascript 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Dec 2019 09:26:57 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 29922
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 13 KB
6 KB 29ms
29ms Script
application/x-javascript 91.228.74.152
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.152 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Dec 2019 09:26:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19-Dec-2019 09:26:57 GMT
Server: QS
ETag: M0-56c8c653
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5651
Expires: Thu, 26 Dec 2019 09:26:57 GMT

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 128ms
36ms Script
text/javascript 143.204.98.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.13 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-13.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 18 Dec 2019 19:44:47 GMT
Via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 49330
X-Cache: Hit from cloudfront
Content-Type: text/javascript
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: 8xUJMlRaiJXQm7Ff4Oq364XRj453d-2P2FePyohuWYiQPwP5y4ClFw==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid2_31/build/dist/ 409 KB
130 KB 20ms
20ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: fb2a3d0b14f0c8aa9de08c9222de19b498eacf44818f79ecb07450d2b48a42fa

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:57 GMT
content-encoding: gzip
last-modified: Mon, 09 Dec 2019 16:56:32 GMT
server: nginx
etag: "57fa-663d5-599484716ad2a"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 132349
expires: Fri, 20 Dec 2019 09:25:57 GMT

GET
H/1.1 200
OK sdk.js Show response
player.pepsia.com/ 39 KB
39 KB 225ms
68ms Script
application/javascript 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.pepsia.com/sdk.js?d=16f1d7b4c91
Requested by: Host: urlz.fr
URL: https://urlz.fr/bmjC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 6a5f1e5815aa909321e34e522feca7634854a7e66cfcf20555b41db35234f2a9

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Dec 2019 09:26:57 GMT
Last-Modified: Wed, 04 Dec 2019 19:07:48 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "5de80404-9c13"
Content-Length: 39955
Content-Type: application/javascript

GET
H2 200 accueil.htm
vire1000.000webhostapp.com/ Frame 4BA8 0
0 122ms
122ms Document
text/html 2a02:4780:dead:63e2::1
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

https://vire1000.000webhostapp.com/accueil.htm

Requested by

Host: urlz.fr
URL: https://urlz.fr/bmjC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:4780:dead:63e2::1 , United States, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: vire1000.000webhostapp.com
:scheme: https
:path: /accueil.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://urlz.fr/bmjC
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://urlz.fr/bmjC

Response headers

status: 200
date: Thu, 19 Dec 2019 09:26:57 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 89dfc2df1a9f6ccff553b7713502e74f
content-encoding: gzip

GET
H/1.1 200
OK image.php
www.noowho.com/ 1 KB
2 KB 207ms
94ms Image
image/gif 94.23.196.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.noowho.com/image.php?site=23690713&ref=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS: serveur8.wilsoftech.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash: e316625ead39ef6865b9d0a78c787d17ec04226f69519678f6b6272799176886

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Dec 2019 09:37:34 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Apache/2.4.7 (Ubuntu)
Connection: close
X-Powered-By: PHP/5.5.9-1ubuntu4.22
Content-Length: 1464
Content-Type: image/gif

GET

ZGYAAF37QmUAAAASHjqmAw==
id5-sync.com/a/12/121/2/8/gif/0/0/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/2/8/2.gif?puid=3450276408942664895&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/12/19/7/3.gif?puid=5d327e474e07074a097bc1c05da7bd22&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/101/6/4.gif?puid=57142424-ceda-444e-9376-a4aa71f0d0c6&gdpr=1&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMO-XEJZCFbhOxj39V4f4SaoWeayqUgIpZD72hxew&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F5%2F5.gif%3Fpuid%3DSMART_U...
https://id5-sync.com/c/12/102/5/5.gif?puid=7312065771548888317&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/108/4/6.gif?puid=b4f44f31-2241-11ea-ae7f-921b311b084a&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F3%2F7.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/112/3/7.gif?puid=F7B73778544CCCDD&gdpr=1&gdpr_consent=
https://sync.sharethis.com/id5?uid=ID5-ZHMO-XEJZCFbhOxj39V4f4SaoWeayqUgIpZD72hxew&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F12%2F121%2F2%2F8%2Fgif%2F0%2F0%2F
https://id5-sync.com/a/12/121/2/8/gif/0/0/ZGYAAF37QmUAAAASHjqmAw==

0
0

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
962 B 13ms
12ms Script
application/x-javascript 2600:9000:2099:2400:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2099:2400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 08:32:31 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 3308
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: MUC51
x-amz-cf-id: gC7htemVD6WGSDtRzabTss5cb5mghsQk7ITw-86OphQNxgiggPlXGA==
via: 1.1 5ff5eb6edcbc169906f2124a1927ecc9.cloudfront.net (CloudFront)

GET
H2 200 localstore.js Show response
script.4dex.io/ 409 B
699 B 75ms
17ms Script
application/javascript 2606:4700:30::681c:102a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:102a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86aaaf7d30279a13050276ee51c2e1983c77ff3f650dc000828cbbfe20d6f0ae

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Dec 2019 15:35:31 GMT
server: cloudflare
age: 1083
etag: W/"4b47be3773e54c93b4788a00c3d0324b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=1800
cf-ray: 54785681dff6cba4-VIE
x-amz-request-id: 133714E428133159
x-amz-id-2: 5UexHS5/6lsg+v3JF9SZgJdbQ3esogFi4gHRRMKby5YKNAozmfAdmIzGYTakG4iYxXxvgr9oz8o=

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
509 B 37ms
37ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-sys.com/prebid-request
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip251.ip-51-89-9.eu
Software: /
Resource Hash: 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Request headers

Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

content-encoding: gzip
status: 200
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://urlz.fr
cache-control: no-cache, no-transform
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: Content-Type

GET
H2

302

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216a5b3e2904df69%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2F...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216a5b3e2904df69%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz...

0
-1 B

126ms
27ms

XHR
text/plain

52.57.38.160
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216a5b3e2904df69%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbmjC%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2240491803559bef%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22a8f6cd72-ee36-4b5e-8689-75eaa8de1197%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-38-160.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:57 GMT
access-control-allow-origin: https://urlz.fr
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216a5b3e2904df69%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbmjC%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2240491803559bef%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22a8f6cd72-ee36-4b5e-8689-75eaa8de1197%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

Redirect headers

date: Thu, 19 Dec 2019 09:26:57 GMT
status: 302
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216a5b3e2904df69%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbmjC%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2240491803559bef%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22a8f6cd72-ee36-4b5e-8689-75eaa8de1197%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://urlz.fr
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
570 B 153ms
107ms XHR
application/xml 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1576747617567&pKey=-1198990503&_fw_gdpr_consent=undefined&loc=https%3A%2F%2Furlz.fr%2FbmjC&playerSize=640x480&
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Dec 2019 09:26:57 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://urlz.fr
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1576747617572059-81
Expires: Thu, 19 Dec 2019 09:26:57 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 631 B
661 B 86ms
42ms XHR
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07

Request headers

Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 19 Dec 2019 09:26:57 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Fri, 20 Dec 2019 09:26:57 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 255 B
2 KB 237ms
116ms XHR
application/json 69.173.144.140
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=atf&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v2.31.0&x_source.tid=a8f6cd72-ee36-4b5e-8689-75eaa8de1197&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5247003812704294
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 29837b99b9447721f66db7ae51ed589b4c6cd9bb7175a240d5f066a00ec82f2b

Request headers

Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Dec 2019 09:26:57 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://urlz.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=475
Content-Length: 255
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
702 B 87ms
42ms XHR
application/json 37.252.173.27
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 19 Dec 2019 09:26:59 GMT
X-Proxy-Origin: 109.236.94.15; 109.236.94.15; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.11:80
AN-X-Request-Uuid: 30ef5fac-68c1-47f9-a103-95bb4451b504
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://urlz.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
137 B 84ms
42ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.31.0&cb=34103347459
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 19 Dec 2019 09:26:56 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://urlz.fr
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK pixel;r=1129159767;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FbmjC;fpan=1;fpa=P0-1304487498-1576747617587;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=...
pixel.quantserve.com/ 35 B
494 B 27ms
25ms Image
image/gif 91.228.74.184
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=1129159767;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FbmjC;fpan=1;fpa=P0-1304487498-1576747617587;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1576747617587;tzo=-60;ogl=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.184 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Dec 2019 09:26:57 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ Frame E706 0
0 58ms
57ms Document
text/html 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://urlz.fr/bmjC
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://urlz.fr/bmjC

Response headers

Server: nginx/1.14.2
Date: Thu, 19 Dec 2019 09:26:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Instance: 29922

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 772 B
1 KB 135ms
32ms Script
application/javascript 54.154.104.74
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=2ab2664b-2421-4253-897f-88170471ddd3

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/11528/px.js?r=1d7c1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.104.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-154-104-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4d4c90496d45e148fa70ed0f0b1bc93df2d6d5b4d51b9bddf523f31c6d5d9415

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 19 Dec 2019 09:26:57 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Content-Length: 772
Expires: Tue, 26 Nov 2019 13:52:04 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 57 KB
17 KB 195ms
125ms Fetch
application/javascript 2606:4700:30::681c:102a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:102a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3c61be0c658b2d2124e77d4d3640ddd96bb9cd4a380724e1d75948bdd1772f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr

Response headers

date: Thu, 19 Dec 2019 09:26:57 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-request-id: E9CC9121B2B0FB9A
status: 200
x-amz-id-2: 8UGgOsTOp4zJXptHLiuQFg9NyebjcyDTpZ8d685sJ0aQT2NY1yzFxWJ/tZ1+TN24oHKnTGSwHjM=
last-modified: Thu, 12 Dec 2019 15:35:29 GMT
server: cloudflare
etag: W/"e85f0fec19f376d5e00a302defa1aac6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 547856827e4fcbcc-VIE

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 46ms
41ms Script
text/javascript 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 21 Nov 2019 15:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2398823
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Nov 2020 15:06:34 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
518 B 141ms
40ms XHR
application/x-javascript 54.247.175.102
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.175.102 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-175-102.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Dec 2019 09:26:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Dec 2019 09:26:57 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://urlz.fr
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 get_consent Show response
c.sharethis.mgr.consensu.org/ 13 B
404 B 89ms
62ms XHR
application/json 2600:9000:20c3:8200:c:a9b7:ddc0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/get_consent
Requested by: Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=16f1d7b4c91
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:8200:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr

Response headers

date: Thu, 19 Dec 2019 09:26:57 GMT
via: 1.1 72818776d4abe4e5a732c084dae83f1b.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
status: 200
etag: W/"d-+DingHfG0CPg0LypXw8zXfS4tGg"
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://urlz.fr
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-length: 13
x-amz-cf-id: YmoAcznAgCk7CjY7TD_6mxsgnp84b95UJilRV1AoZfHcOgvqy__Snw==

GET
H/1.1 200
OK indexv2.php Show response
player.pepsia.com/V2/ 170 B
413 B 42ms
42ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.pepsia.com/V2/indexv2.php?token=00I4&controls=1&autoplay=1&logo=true&volume=1&api=1&id=0&origin=https://urlz.fr&gdpr=1&d=16f1d7b4d92
Requested by: Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=16f1d7b4c91
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 89085930fdff263d643c4fa37f489efadd7d9f8361661113d67eb61aa7d6311a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr

Response headers

Access-Control-Allow-Origin: https://urlz.fr
Date: Thu, 19 Dec 2019 09:26:57 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK algov2.php Show response
player.pepsia.com/V2/ 1003 B
746 B 92ms
49ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.pepsia.com/V2/algov2.php?token=00I4&num=9&origin=https://urlz.fr&d=16f1d7b4d93
Requested by: Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=16f1d7b4c91
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 8c80baf7d10a38bef375399471a6ba2258084e3ade72ad610059793ff56c76cb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr

Response headers

Access-Control-Allow-Origin: https://urlz.fr
Date: Thu, 19 Dec 2019 09:26:57 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 hb Show response
ice.360yield.com/ul_cb/ 3 KB
2 KB 34ms
34ms XHR
application/json 52.57.38.160
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216a5b3e2904df69%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbmjC%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2240491803559bef%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22a8f6cd72-ee36-4b5e-8689-75eaa8de1197%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-38-160.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2c8add23a684bb83281fdbd16d9c950c68ebbfb4923cd3a1b3934037b739993f

Request headers

Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 19 Dec 2019 09:26:57 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://urlz.fr
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 1746

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D2ab2664b-2421-4253-897f-88170471ddd3
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D2ab2664b-2421-4253-897f-88170471ddd3
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=0569D1A8-C70D-45AC-B50F-9B3B46E19381&fid=2ab2664b-2421-4253-897f-88170471ddd3

95 B
881 B

33ms
32ms

Image
image/png

54.154.104.74
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=0569D1A8-C70D-45AC-B50F-9B3B46E19381&fid=2ab2664b-2421-4253-897f-88170471ddd3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.104.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-154-104-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 19 Dec 2019 09:26:58 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Thu, 19 Dec 2019 09:26:58 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=0569D1A8-C70D-45AC-B50F-9B3B46E19381&fid=2ab2664b-2421-4253-897f-88170471ddd3
Date: Thu, 19 Dec 2019 09:26:57 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 448
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D2ab2664b-2421-4253-897f-88170471ddd3
https://s.cpx.to/an_fire?app_nexus_uid=3450276408942664895&pid=11528&ref=&hn_ver=10&fid=2ab2664b-2421-4253-897f-88170471ddd3

95 B
865 B

32ms
31ms

Image
image/png

54.154.104.74
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=3450276408942664895&pid=11528&ref=&hn_ver=10&fid=2ab2664b-2421-4253-897f-88170471ddd3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.104.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-154-104-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 19 Dec 2019 09:26:57 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Thu, 19 Dec 2019 09:26:57 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 Dec 2019 09:26:59 GMT
AN-X-Request-Uuid: d8047c85-53d2-4ca0-9ec7-f13235b513e7
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://s.cpx.to/an_fire?app_nexus_uid=3450276408942664895&pid=11528&ref=&hn_ver=10&fid=2ab2664b-2421-4253-897f-88170471ddd3
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 109.236.94.15; 109.236.94.15; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.109:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=2ab2664b-2421-4253-897f-88170471ddd3&fck=79db80f16d70bea9&cbp=dsp_uid
https://s.cpx.to/sync?dsp_uid=beb153f59a1c7df7bbe173c419eb7470&fid=2ab2664b-2421-4253-897f-88170471ddd3&dsp=TRUOPTIK&fck=79db80f16d70bea9

95 B
877 B

35ms
32ms

Image
image/png

54.154.104.74
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=beb153f59a1c7df7bbe173c419eb7470&fid=2ab2664b-2421-4253-897f-88170471ddd3&dsp=TRUOPTIK&fck=79db80f16d70bea9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.104.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-154-104-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 19 Dec 2019 09:26:57 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Thu, 19 Dec 2019 09:26:57 GMT

Redirect headers

date: Thu, 19 Dec 2019 09:26:57 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 302
to-dmp-balancer: balancer1-dmp-nyc1-do.truoptik.com
content-length: 154
pragma: no-cache
to-dmp-sync: sync5-dmp-nyc1-do.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
location: https://s.cpx.to/sync?dsp_uid=beb153f59a1c7df7bbe173c419eb7470&fid=2ab2664b-2421-4253-897f-88170471ddd3&dsp=TRUOPTIK&fck=79db80f16d70bea9
content-type: text/html
access-control-allow-origin: *
cache-control: no-store
cf-ray: 547856832b0ec791-AMS
expires: 0

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=2ab2664b-2421-4253-897f-88170471ddd3
https://s.cpx.to/ca.png?dsp=dbm&fid=2ab2664b-2421-4253-897f-88170471ddd3&google_gid=CAESEF65RYX_FLFtoYOAdZIx1_k&google_cver=1

95 B
804 B

56ms
32ms

Image
image/png

54.154.104.74
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=2ab2664b-2421-4253-897f-88170471ddd3&google_gid=CAESEF65RYX_FLFtoYOAdZIx1_k&google_cver=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.104.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-154-104-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
Date: Thu, 19 Dec 2019 09:26:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Thu, 19 Dec 2019 09:26:57 GMT
server: HTTP server (unknown)
location: https://s.cpx.to/ca.png?dsp=dbm&fid=2ab2664b-2421-4253-897f-88170471ddd3&google_gid=CAESEF65RYX_FLFtoYOAdZIx1_k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://pool.grid-data.bidswitch.net/sync?pid=42
https://s.cpx.to/sync?dsp_uid=6185aff0-c84d-4067-b38d-8ff6dff8c66d&dsp=BIDSWITCH

95 B
882 B

32ms
32ms

Image
image/png

54.154.104.74
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=6185aff0-c84d-4067-b38d-8ff6dff8c66d&dsp=BIDSWITCH

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.104.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-154-104-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 19 Dec 2019 09:26:57 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Thu, 19 Dec 2019 09:26:57 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp_uid=6185aff0-c84d-4067-b38d-8ff6dff8c66d&dsp=BIDSWITCH
Date: Thu, 19 Dec 2019 09:26:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 1 KB
2 KB 33ms
33ms Script
application/javascript 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=30012&async=1&visit=m&tmstp=2644101102&tag=sas_30012&sh=1200&sw=1600&pgDomain=https%3A%2F%2Furlz.fr%2FbmjC&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: c1a5750e0d0b4099d453a46597ad550d27819168674b543caba756d24a40fa22

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Dec 2019 09:26:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-SMRT-D: 3%3b17%3b76
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 704
Expires: -1

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
200 B 131ms
28ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=15056&f=28&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Dec 2019 09:26:57 GMT
Server: nginx
X-IPLB-Instance: 24856
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 bundle.js Show response
ads.themoneytizer.com/cs2/dist/ 97 KB
23 KB 17ms
17ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/cs2/dist/bundle.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: d406f42a088a14459471e30acb1a1c3f856b1f76331473847663a63ba2921250

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:57 GMT
content-encoding: gzip
last-modified: Tue, 17 Sep 2019 21:28:09 GMT
server: nginx
etag: "3247a-183db-592c6659901e6"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 23456
expires: Fri, 20 Dec 2019 09:26:29 GMT

GET
H/1.1 200
OK CookieSync.html
csync.smartadserver.com/rtb/csync/ Frame 3F47 0
0 28ms
4ms Document
text/html 2a01:4a0:1338:28::c38a:ff0a
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=1097&dcid=3&gdpr=1&gdprc=
Requested by: Host: ww1097.smartadserver.com
URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=30012&async=1&visit=m&tmstp=2644101102&tag=sas_30012&sh=1200&sw=1600&pgDomain=https%3A%2F%2Furlz.fr%2FbmjC&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0a , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Host: csync.smartadserver.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://urlz.fr/bmjC
Accept-Encoding: gzip, deflate, br
Cookie: TestIfCookieP=ok; csync=123:${TOKEN}; vs=205724=3662486; pid=7312065771548888317; pdomid=17; sasd2=q=%24qc%3D1314630405%3B%24ql%3DHigh%3B%24qpc%3D2671%3B%24qt%3D212_1212_5832t%3B%24dma%3D0&c=1&l=2058182904&lo=1319420291&lt=637123480178157201&o=1; sasd=%24qc%3D1314630405%3B%24ql%3DHigh%3B%24qpc%3D2671%3B%24qt%3D212_1212_5832t%3B%24dma%3D0; dyncdn=1; csfq=1; lcsrd=2019-12-19T09:46:57.8157201Z; rpools=123
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://urlz.fr/bmjC

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 03 Dec 2019 16:07:42 GMT
Accept-Ranges: bytes
ETag: "212dfcbf3a9d51:0"
Vary: Accept-Encoding
Content-Length: 319
Cache-Control: max-age=3600
Date: Thu, 19 Dec 2019 09:26:57 GMT
Connection: keep-alive

GET
H2 200 tbframe.js Show response
cdn.taboola.com/shared/ Frame D4C6 14 KB
4 KB 1088ms
22ms Script
application/x-javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/shared/tbframe.js
Requested by: Host: urlz.fr
URL: https://urlz.fr/bmjC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding: gzip
age: 18431
x-cache: HIT
status: 200
date: Thu, 19 Dec 2019 09:26:58 GMT
x-amz-replication-status: COMPLETED
content-length: 3897
x-amz-id-2: 74zbE6T48GkUHa9db8GRKwBsGK+Uxqz6v4uA0TCeyETdpvdGYuxBbmPdVExkfZpqS4AOweC7/dY=
x-served-by: cache-fra19128-FRA
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
server: AmazonS3
x-timer: S1576747619.990761,VS0,VE0
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
vary: Accept-Encoding
x-amz-request-id: 594074B13CFB3805
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/x-javascript
abp: 23
x-cache-hits: 2114

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/themonetizer-network/ Frame 2CBD 571 KB
145 KB 23ms
22ms Script
application/javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca01a0000dcd1bc8dd85f6d2d67c4c953b794db2a065b4413915f6b0ae85a5ea

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: TlBkRSzMlyIedcVPJerLZfg5j.knBLtK
content-encoding: gzip
age: 89
x-cache: HIT
status: 200
date: Thu, 19 Dec 2019 09:26:59 GMT
content-length: 148487
x-amz-id-2: jLYFw9rRUDQ8TmjVa9/+Am/uPk6ZVU/Y2D9xNMreznkisUXuWlt9rYuT4lX+NRFw
x-served-by: cache-fra19128-FRA
last-modified: Wed, 18 Dec 2019 18:17:56 GMT
server: AmazonS3
x-timer: S1576747619.037884,VS0,VE0
etag: "29ccd9e17dcc99b4710223a01f429d31"
vary: Accept-Encoding
x-amz-request-id: 8A5E452C8A0DEA2C
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 31
x-cache-hits: 10

GET
H2 200 impl.20191218-19-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 2CBD 427 KB
121 KB 23ms
23ms Script
application/javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20191218-19-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e88ba96d27e97fb2360128e58ff93137c15535e82d1009aabbd441c06622cbe5

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: 4ilcqbQNq3g98LX3frGza28CYYLTNksm
content-encoding: gzip
age: 107
x-cache: HIT
status: 200
date: Thu, 19 Dec 2019 09:26:59 GMT
x-amz-replication-status: COMPLETED
content-length: 123303
x-amz-id-2: DQ7OGpsQFR60hOme/Sg+qzLO++HUbWG7epQQ9ot+L+vcvjJNboKVvRl+B9U5T0MMXqYiZZibQfc=
x-served-by: cache-fra19128-FRA
last-modified: Wed, 18 Dec 2019 17:54:31 GMT
server: AmazonS3
x-timer: S1576747619.116201,VS0,VE0
etag: "bf5383b2d6644b36fbfa1e80108e18a2"
vary: Accept-Encoding
x-amz-request-id: 148DAB06E3A2C282
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 23
x-cache-hits: 583

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 2CBD 1 KB
1 KB 68ms
23ms Script
application/x-javascript 23.5.97.37
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-5-97-37.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Dec 2019 09:26:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 902
Expires: Fri, 20 Dec 2019 09:26:59 GMT

GET
H2 200 json Show response
trc.taboola.com/themonetizer-urlz/trc/3/ Frame 2CBD 5 KB
3 KB 175ms
174ms Script
application/javascript 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-urlz/trc/3/json?tim=10%3A26%3A59.162&lti=deflated&data=%7B%22id%22%3A344%2C%22ii%22%3A%22%2Fbmjc%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1576747619159%2C%22cv%22%3A%2220191218-19-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Furlz.fr%2FbmjC%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A1%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22205724-MEGABANNER%20BAS%22%2C%22orig_uip%22%3A%22205724-MEGABANNER%20BAS%22%2C%22cd%22%3A8%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191218-19-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: 599bd73588c5ef3d731c652596594ebfab19280f4443d7a92276a68b9ad6cdc0

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 149
date: Thu, 19 Dec 2019 09:26:59 GMT
content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
via: 1.1 varnish
x-served-by: cache-hhn4034-HHN
server: nginx
x-timer: S1576747619.169670,VS0,VE149
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame 2CBD
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1576747619174&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Furlz.fr%2FbmjC&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576747619174&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Furlz.fr%2FbmjC&c9=

0
248 B

24ms
24ms

Image
text/plain

23.5.97.37
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576747619174&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Furlz.fr%2FbmjC&c9=
Requested by: Host: urlz.fr
URL: https://urlz.fr/bmjC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-5-97-37.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Dec 2019 09:26:59 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1576747619174&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Furlz.fr%2FbmjC&c9=
Pragma: no-cache
Date: Thu, 19 Dec 2019 09:26:59 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userx.20191218-19-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 2CBD 22 KB
8 KB 23ms
22ms Script
application/javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20191218-19-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7345daa22195b1d14202b27ccd3b8e1dd7ec3bca28087c358ac2ebfb2aff59ac

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: IK_aa_omiXDlzOS_KPEMBaVQY4A7ZVzC
content-encoding: gzip
age: 38
x-cache: HIT
status: 200
date: Thu, 19 Dec 2019 09:26:59 GMT
x-amz-replication-status: COMPLETED
content-length: 7712
x-amz-id-2: /j8v5zerUvDL51xu80NyExnA492NWVUOTE23+HAKplAHLQLbdmYgKiYccdaoegWDwEVYPgCFjUY=
x-served-by: cache-fra19128-FRA
last-modified: Wed, 18 Dec 2019 17:54:40 GMT
server: AmazonS3
x-timer: S1576747619.369389,VS0,VE0
etag: "7652bf17fd6f1fec63e99660f8d30040"
vary: Accept-Encoding
x-amz-request-id: 54B7EED5B32A8939
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 55
x-cache-hits: 87

GET
H2

204

rtb-h
trc.taboola.com/sg/mediaforcebidder-network/1/ Frame EF29
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=bb578aca-1753-4d4a-9068-6ed209a0f6ad

0
50 B

33ms
32ms

Image
text/plain

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=bb578aca-1753-4d4a-9068-6ed209a0f6ad
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Thu, 19 Dec 2019 09:27:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747621.550721,VS0,VE8
x-served-by: cache-hhn4034-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Location: //trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=bb578aca-1753-4d4a-9068-6ed209a0f6ad
Date: Thu, 19 Dec 2019 09:27:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

204

/
trc.taboola.com/sg/rubicon-network-display/1/rtb-h/ Frame EF29
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=K4CITK8A-25-F644

0
55 B

34ms
34ms

Image
text/plain

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=K4CITK8A-25-F644
Requested by: Host: urlz.fr
URL: https://urlz.fr/bmjC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Thu, 19 Dec 2019 09:26:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747619.397699,VS0,VE10
x-served-by: cache-hhn4034-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://trc.taboola.com/sg/rubicon-network-display/1/rtb-h/?taboola_hm=K4CITK8A-25-F644
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H2

200

/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame EF29
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=FOrEQroPMmgGkHG6IZXV6ukJeN5ABU7BepJt5JvCiOQ%3D

45 B
96 B

34ms
33ms

Image
image/gif

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=FOrEQroPMmgGkHG6IZXV6ukJeN5ABU7BepJt5JvCiOQ%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 19 Dec 2019 09:27:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747620.435447,VS0,VE9
x-served-by: cache-hhn4034-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Location: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=FOrEQroPMmgGkHG6IZXV6ukJeN5ABU7BepJt5JvCiOQ%3D
Date: Thu, 19 Dec 2019 09:27:00 GMT
Server: nginx
Connection: close
Etag: "FOrEQroPMmgGkHG6IZXV6ukJeN5ABU7BepJt5JvCiOQ="
Content-Length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/mediamath-ssp-network/1/ Frame EF29
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=f5ee5dfb-3c91-4100-a55a-545e35c1e2a6
https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=f5ee5dfb-3c91-4100-a55a-545e35c1e2a6&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3Df5ee5dfb-3c91-410...

0
52 B

41ms
31ms

Image
text/plain

151.101.114.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=f5ee5dfb-3c91-4100-a55a-545e35c1e2a6&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3Df5ee5dfb-3c91-4100-a55a-545e35c1e2a6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747619.481088,VS0,VE9
x-served-by: cache-hhn4056-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

x-vcl-time-ms: 8
date: Thu, 19 Dec 2019 09:26:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747619.433387,VS0,VE8
location: https://match.taboola.com/sg/mediamath-ssp-network/1/rtb-h?taboola_hm=f5ee5dfb-3c91-4100-a55a-545e35c1e2a6&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3Df5ee5dfb-3c91-4100-a55a-545e35c1e2a6
x-cache: MISS
status: 302
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4034-HHN

GET
H2

204

/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame EF29
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=WTa37zl0kZZa&ev=1&pid=562107

0
50 B

35ms
35ms

Image
text/plain

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=WTa37zl0kZZa&ev=1&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 19 Dec 2019 09:27:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747620.459017,VS0,VE9
x-served-by: cache-hhn4034-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Date: Thu, 19 Dec 2019 09:27:00 GMT
Via: 1.1 varnish
X-Cache: MISS
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 0
X-Served-By: cache-hhn4042-HHN
Server: Jetty(9.4.7.v20170914)
Vary: Accept-Encoding
Content-Language: en
Location: https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=WTa37zl0kZZa&ev=1&pid=562107
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
Content-Type: text/plain; charset=utf-8
Cw-Server: bh-deployment-797d54649f-8lvws
X-Cache-Hits: 0

GET
H2

204

/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame EF29
Redirect Chain

https://creativecdn.com/cm-notify?pi=taboola
https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=aFGjEghyUk3BPpqSD5Ht&pi=taboola&tc=1

0
51 B

34ms
34ms

Image
text/plain

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=aFGjEghyUk3BPpqSD5Ht&pi=taboola&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Thu, 19 Dec 2019 09:27:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747620.445918,VS0,VE10
x-served-by: cache-hhn4034-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

status: 302
pragma: no-cache
date: Thu, 19 Dec 2019 09:27:00 GMT, Thu, 19 Dec 2019 09:27:00 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=aFGjEghyUk3BPpqSD5Ht&pi=taboola&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

rtb-h
match.taboola.com/sg/appnexus-network/1/ Frame EF29
Redirect Chain

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID
https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=3450276408942664895
https://match.taboola.com/sg/appnexus-network/1/rtb-h?taboola_hm=3450276408942664895&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D3450276408942664895

0
147 B

78ms
30ms

Image
text/plain

151.101.114.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/appnexus-network/1/rtb-h?taboola_hm=3450276408942664895&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D3450276408942664895
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747619.480246,VS0,VE8
x-served-by: cache-hhn4056-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

x-vcl-time-ms: 8
date: Thu, 19 Dec 2019 09:26:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747619.395466,VS0,VE8
location: https://match.taboola.com/sg/appnexus-network/1/rtb-h?taboola_hm=3450276408942664895&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D3450276408942664895
x-cache: MISS
status: 302
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4034-HHN

GET
H2

200

rtb-h
match.taboola.com/sg/google-network/1/ Frame EF29
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEMYMDzxjynSkCj7XG-SCQV8&google_cver=1
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEMYMDzxjynSkCj7XG-SCQV8&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3DCAESEMYMDzxjynSkCj7XG-SCQV8%26goo...

0
52 B

76ms
31ms

Image
text/plain

151.101.114.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEMYMDzxjynSkCj7XG-SCQV8&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3DCAESEMYMDzxjynSkCj7XG-SCQV8%26google_cver%3D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747619.481069,VS0,VE8
x-served-by: cache-hhn4056-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

x-vcl-time-ms: 8
date: Thu, 19 Dec 2019 09:26:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747619.397810,VS0,VE8
location: https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEMYMDzxjynSkCj7XG-SCQV8&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3DCAESEMYMDzxjynSkCj7XG-SCQV8%26google_cver%3D1
x-cache: MISS
status: 302
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4034-HHN

GET
H2

204

/
trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/ Frame EF29
Redirect Chain

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID
https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=3450276408942664895

0
51 B

48ms
48ms

Image
text/plain

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=3450276408942664895
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Thu, 19 Dec 2019 09:26:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747619.433260,VS0,VE9
x-served-by: cache-hhn4034-HHN
x-cache: MISS
status: 204
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

Pragma: no-cache
Date: Thu, 19 Dec 2019 09:27:01 GMT
AN-X-Request-Uuid: 882ab549-81be-48ea-aff1-4471df78fabc
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=3450276408942664895
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 109.236.94.15; 109.236.94.15; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.200:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rtb-h
match.taboola.com/sg/thetradedesk-network/1/ Frame EF29
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=5b27a767-456a-47fc-9ba8-ed3d8978a905
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=5b27a767-456a-47fc-9ba8-ed3d8978a905&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D5b27a767-456a-47fc...

0
52 B

40ms
31ms

Image
text/plain

151.101.114.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=5b27a767-456a-47fc-9ba8-ed3d8978a905&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D5b27a767-456a-47fc-9ba8-ed3d8978a905
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:26:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747619.481081,VS0,VE9
x-served-by: cache-hhn4056-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

x-vcl-time-ms: 9
date: Thu, 19 Dec 2019 09:26:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747619.432888,VS0,VE9
location: https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=5b27a767-456a-47fc-9ba8-ed3d8978a905&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D5b27a767-456a-47fc-9ba8-ed3d8978a905
x-cache: MISS
status: 302
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4034-HHN

GET
H2

200

rtb-h
match.taboola.com/sg/storygize-network/1/ Frame EF29
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=0fad9a3c-a5fe-4ba4-83e3-ce8c5f769174
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=0fad9a3c-a5fe-4ba4-83e3-ce8c5f769174&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D0fad9a3c-a5fe-4ba4-83...

0
76 B

39ms
39ms

Image
text/plain

151.101.114.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=0fad9a3c-a5fe-4ba4-83e3-ce8c5f769174&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D0fad9a3c-a5fe-4ba4-83e3-ce8c5f769174
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:27:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747620.256266,VS0,VE8
x-served-by: cache-hhn4056-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

x-vcl-time-ms: 8
date: Thu, 19 Dec 2019 09:27:00 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747620.208852,VS0,VE8
location: https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=0fad9a3c-a5fe-4ba4-83e3-ce8c5f769174&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D0fad9a3c-a5fe-4ba4-83e3-ce8c5f769174
x-cache: MISS
status: 302
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4034-HHN

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame EF29 35 B
380 B 1398ms
100ms Image
image/gif 192.132.33.46
Bidtellect Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: urlz.fr
URL: https://urlz.fr/bmjC
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT - Bidtellect Inc., US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Thu, 19 Dec 2019 09:27:00 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 204
No Content /
cds.taboola.com/ Frame EF29 0
176 B 1305ms
92ms Image
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&_r=4789172
Requested by: Host: urlz.fr
URL: https://urlz.fr/bmjC
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 19 Dec 2019 09:27:00 GMT
cache-control: no-store
x-envoy-upstream-service-time: 0
Server: nginx
Connection: close
Content-Length: 0

GET
H2

200

rtb-h
match.taboola.com/sg/bidswitch-network/1/ Frame EF29
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola
https://dm.hybrid.ai/bidswitch-match?ssp=taboola
https://x.bidswitch.net/sync?dsp_id=258&user_id=6853cebc141aa317904f&expires=30&ssp=taboola
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6185aff0-c84d-4067-b38d-8ff6dff8c66d
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6185aff0-c84d-4067-b38d-8ff6dff8c66d&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D6185aff0-c84d-4067-b3...

0
53 B

30ms
29ms

Image
text/plain

151.101.114.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6185aff0-c84d-4067-b38d-8ff6dff8c66d&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D6185aff0-c84d-4067-b38d-8ff6dff8c66d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:27:01 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747622.549733,VS0,VE8
x-served-by: cache-hhn4056-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

Redirect headers

x-vcl-time-ms: 9
date: Thu, 19 Dec 2019 09:27:01 GMT
via: 1.1 varnish
server: nginx
x-timer: S1576747622.511462,VS0,VE9
location: https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6185aff0-c84d-4067-b38d-8ff6dff8c66d&tbid=78130291-cb23-4fa8-841a-2af8491bd606-tuct4f4c7e3&query=taboola_hm%3D6185aff0-c84d-4067-b38d-8ff6dff8c66d
x-cache: MISS
status: 302
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4034-HHN

POST
H2 204 available Show response
trc.taboola.com/themonetizer-urlz/log/3/ Frame 2CBD 0
146 B 36ms
35ms XHR
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-urlz/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191218-19-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 11
date: Thu, 19 Dec 2019 09:26:59 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4034-HHN
pragma: no-cache
server: nginx
x-timer: S1576747619.381664,VS0,VE11
content-type: image/gif
access-control-allow-origin: https://urlz.fr
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 2CBD 254 B
631 B 22ms
22ms Image
image/png 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: urlz.fr
URL: https://urlz.fr/bmjC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
age: 20053
x-cache: HIT
status: 200
date: Thu, 19 Dec 2019 09:26:59 GMT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19128-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1576747619.399685,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 55
x-cache-hits: 22721

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 1131ms
48ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b7f09fcd3b0e1ea0802316344863eb8bfe55c8401f29fbb9a2d0fe2e4595a2d6

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 19 Dec 2019 09:27:01 GMT
content-encoding: gzip
last-modified: Tue, 05 Nov 2019 14:27:52 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5dc186e8-a744"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 20 Dec 2019 09:27:01 GMT

GET
H/1.1 200 12.json Show response
id5-sync.com/g/v1/ 131 B
363 B 82ms
21ms XHR
text/json 54.36.123.231
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://id5-sync.com/g/v1/12.json?gdpr=0&gdpr_consent=
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.36.123.231 , France, ASN16276 (OVH, FR),
Reverse DNS: s03.id5-sync.com
Software: /
Resource Hash: 52b30cb10c6fcec2aeab52cf1e2641bc7839fc050297210c55de16f4aec2f867

Request headers

Referer: https://urlz.fr/bmjC
Origin: https://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://urlz.fr
Date: Thu, 19 Dec 2019 09:27:00 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Content-Type: text/json;charset=utf-8

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 3DC5 0
0 72ms
23ms Document
text/html 23.37.55.184
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://urlz.fr/bmjC
Accept-Encoding: gzip, deflate, br
Cookie: khaos=K4CITK8A-25-F644; rsid=1|GtqqL1ER+/3VSSvu3YYqfCKxi4lKFKufvD5nIonwVQxwroWXUmjoSMeMNuPlho/RRh2s2jWpYWaqeROXM2CgBwb+s0YWglIGuh8nVZDhR1578z/6X/8LU678VKnfMl//BKSbnBFiUyufkqJkCalWxg==; ses2=; vis2=39544^1; audit=1|hLZGFuTafB2cWEoQ/zbc1V5TcghpTmMvwZqGs0lp+xKnHQUjmS0QH9K475AziwfhgBe6gOVgvwC+NBs5C80Rsg==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://urlz.fr/bmjC

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 12 Dec 2019 00:18:57 GMT
Content-Encoding: gzip
Content-Length: 7754
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=53789
Expires: Fri, 20 Dec 2019 00:23:29 GMT
Date: Thu, 19 Dec 2019 09:27:00 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 0399 0
0 69ms
22ms Document
text/html 151.101.113.108
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://urlz.fr/bmjC
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=3450276408942664895
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://urlz.fr/bmjC

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Fastly-Debug-Digest: e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length: 506
Accept-Ranges: bytes
Date: Thu, 19 Dec 2019 09:27:00 GMT
Age: 11663105
Connection: keep-alive
X-Served-By: cache-jfk8123-JFK, cache-hhn4065-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1276778, 5890909
X-Timer: S1576747621.872367,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

match
ice.360yield.com/
Redirect Chain

https://id5-sync.com/match?publisher_user_id=570e23c2-8a67-457b-a671-763497a28b32&publisher_dsp_id=79&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA&publisher_red...
https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMO-XEJZCFbhOxj39V4f4SaoWeayqUgIpZD72hxew&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA

43 B
420 B

30ms
30ms

Image
image/gif

52.57.38.160
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMO-XEJZCFbhOxj39V4f4SaoWeayqUgIpZD72hxew&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-38-160.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 19 Dec 2019 09:27:00 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

Location: https://ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMO-XEJZCFbhOxj39V4f4SaoWeayqUgIpZD72hxew&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA
Date: Thu, 19 Dec 2019 09:27:00 GMT
Transfer-Encoding: chunked
P3P: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA&external_user_id=CAESEEf8jEHno92tHX7GnlH6_Lk&google_cver=1

43 B
400 B

1087ms
30ms

Image
image/gif

18.196.246.102
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA&external_user_id=CAESEEf8jEHno92tHX7GnlH6_Lk&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.246.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-196-246-102.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 19 Dec 2019 09:27:01 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 19 Dec 2019 09:27:00 GMT
server: HTTP server (unknown)
location: https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA&external_user_id=CAESEEf8jEHno92tHX7GnlH6_Lk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 374
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
ice.360yield.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA
https://ice.360yield.com/match?external_user_id=3450276408942664895&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA

43 B
391 B

29ms
29ms

Image
image/gif

52.57.38.160
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/match?external_user_id=3450276408942664895&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-38-160.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 19 Dec 2019 09:27:00 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 19 Dec 2019 09:27:02 GMT
AN-X-Request-Uuid: 2006dd88-f301-409e-8b61-0d7751bc3497
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://ice.360yield.com/match?external_user_id=3450276408942664895&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAAENCz-AAAAtDAAA
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 109.236.94.15; 109.236.94.15; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.40:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

check
pixeltrack.eyeviewads.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEC-WA6FVP-drkPYVhc_ndOo&google_cver=1
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=XftCZQAAAEaNggxi
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=XftCZQAAAEaNggxi&_test=XftCZQAAAEaNggxi
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=5b27a767-456a-47fc-9ba8-ed3d8978a905
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=3450276408942664895
https://sync.mathtag.com/sync/img?mt_exid=44&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=f5ee5dfb-3c91-4100-a55a-545e35c1e2a6
https://ad.turn.com/r/cs?pid=34
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=7290506518743712842
https://pr-bh.ybp.yahoo.com/sync/stickyads/668b6cf46df653fb9a1a99fd73a2833?
https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-vQU9.il1lwSOrmKPcRzvE6ehgHY3QCUEiYZH8p1D
https://match.prod.bidr.io/cookie-sync/stv?
https://match.prod.bidr.io/cookie-sync/stv?_bee_ppp=1
https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAHJEU679oUAADJGw6vzpw
https://track.eyeviewads.com/sync/fwel?
https://pixeltrack.eyeviewads.com/check?r=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D625%26userId%3Db560f9627286a4d19076476bc531dce9&vndr=fwel

0
0

GET
H2

200

match
ice.360yield.com/
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=570e23c2-8a67-457b-a671-763497a28b32&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOrzZvPCLAAA...
https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1577957220&external_user_id=6391564343219681339

43 B
391 B

31ms
31ms

Image
image/gif

52.57.38.160
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1577957220&external_user_id=6391564343219681339
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-38-160.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 19 Dec 2019 09:27:00 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 19 Dec 2019 09:27:00 GMT
server: nginx
access-control-allow-origin: *
location: https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1577957220&external_user_id=6391564343219681339
status: 302
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H2

200

match
match.360yield.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=Vw4jwopnRXumcXY0l6KLMg&google_cm&publisher_dsp_id=340
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEPvxz2yLISo7VPFNOgaTrSw&google_cver=1

43 B
403 B

1086ms
29ms

Image
image/gif

3.120.46.225
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEPvxz2yLISo7VPFNOgaTrSw&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.46.225 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-120-46-225.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://urlz.fr/bmjC
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 19 Dec 2019 09:27:01 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 19 Dec 2019 09:27:00 GMT
server: HTTP server (unknown)
location: https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEPvxz2yLISo7VPFNOgaTrSw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id5-sync.com
URL: https://id5-sync.com/a/12/121/2/8/gif/0/0/ZGYAAF37QmUAAAASHjqmAw==

Domain: pixeltrack.eyeviewads.com
URL: https://pixeltrack.eyeviewads.com/check?r=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D625%26userId%3Db560f9627286a4d19076476bc531dce9&vndr=fwel

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://player.pepsia.com/sdk.js?d=16f1d7b4c91(Line 4) Message: %c Pepsia.com Player #0 background: #ccc; color: #2176ff Site Désactivé !

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.360yield.com
ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
ams.creativecdn.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.sharethis.mgr.consensu.org
c.tmyzer.com
cdn.taboola.com
cds.taboola.com
ced-ns.sascdn.com
cm.g.doubleclick.net
creativecdn.com
csync.smartadserver.com
d2zur9cc2gf1tx.cloudfront.net
dm.hybrid.ai
dmp.truoptik.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g.themoneytizer.net
gum.criteo.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
match.360yield.com
match.adsrvr.org
match.taboola.com
onetag-sys.com
p.cpx.to
pixel.quantserve.com
pixel.rubiconproject.com
pixeltrack.eyeviewads.com
player.pepsia.com
pool.grid-data.bidswitch.net
px.powerlinks.com
rtb.mfadsrvr.com
rules.quantcount.com
s.cpx.to
sb.scorecardresearch.com
script.4dex.io
secure.adnxs.com
secure.quantserve.com
static.criteo.net
sync.mathtag.com
tag.contextweb.com
tag.leadplace.fr
track.adform.net
trc.taboola.com
urlz.fr
vire1000.000webhostapp.com
ww1097.smartadserver.com
www.noowho.com
www.storygize.net
x.bidswitch.net
id5-sync.com
pixeltrack.eyeviewads.com
104.16.91.60
141.226.224.32
143.204.101.25
143.204.98.13
145.239.193.145
145.239.193.51
151.101.112.166
151.101.113.108
151.101.114.2
151.101.114.49
151.101.14.2
151.139.241.23
172.217.16.130
178.250.0.130
178.250.2.152
18.185.45.212
18.196.246.102
185.184.8.30
185.29.132.23
185.64.189.110
185.86.137.114
192.132.33.46
2.18.234.233
23.37.55.184
23.5.97.37
2600:9000:2099:2400:6:44e3:f8c0:93a1
2600:9000:20c3:8200:c:a9b7:ddc0:93a1
2606:4700:3038::681f:bb2
2606:4700:30::681c:102a
2606:4700::6811:4004
2a00:1450:4001:819::200a
2a01:4a0:1338:28::c38a:ff0a
2a02:2638:1::13
2a02:4780:dead:63e2::1
3.120.46.225
3.125.138.242
35.157.221.204
35.164.76.159
37.157.4.39
37.18.16.16
37.252.173.22
37.252.173.27
40.113.136.100
5.179.192.20
51.89.9.251
52.215.180.197
52.57.38.160
54.154.104.74
54.247.175.102
54.36.123.231
54.38.64.100
68.232.35.16
69.173.144.140
69.173.144.165
74.214.194.131
91.228.74.152
91.228.74.184
94.23.196.203
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
29837b99b9447721f66db7ae51ed589b4c6cd9bb7175a240d5f066a00ec82f2b
2c8add23a684bb83281fdbd16d9c950c68ebbfb4923cd3a1b3934037b739993f
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4d4c90496d45e148fa70ed0f0b1bc93df2d6d5b4d51b9bddf523f31c6d5d9415
52b30cb10c6fcec2aeab52cf1e2641bc7839fc050297210c55de16f4aec2f867
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
599bd73588c5ef3d731c652596594ebfab19280f4443d7a92276a68b9ad6cdc0
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a5f1e5815aa909321e34e522feca7634854a7e66cfcf20555b41db35234f2a9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7345daa22195b1d14202b27ccd3b8e1dd7ec3bca28087c358ac2ebfb2aff59ac
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313
86aaaf7d30279a13050276ee51c2e1983c77ff3f650dc000828cbbfe20d6f0ae
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07
89085930fdff263d643c4fa37f489efadd7d9f8361661113d67eb61aa7d6311a
8c80baf7d10a38bef375399471a6ba2258084e3ade72ad610059793ff56c76cb
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
9e8b90ee00b26fcd89592ade2c21d394a5b765d8ad167e81423b61916c73767e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
aa976605d1e09bed284b5d85b80fe5a598292f3f22ec79e380a7b318578e90ea
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b31cb47ec6601c1481d0a99b27714e6d44f3bff36be72f99883e5d55099ea47d
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b7f09fcd3b0e1ea0802316344863eb8bfe55c8401f29fbb9a2d0fe2e4595a2d6
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf3c61be0c658b2d2124e77d4d3640ddd96bb9cd4a380724e1d75948bdd1772f
c1a5750e0d0b4099d453a46597ad550d27819168674b543caba756d24a40fa22
ca01a0000dcd1bc8dd85f6d2d67c4c953b794db2a065b4413915f6b0ae85a5ea
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
d406f42a088a14459471e30acb1a1c3f856b1f76331473847663a63ba2921250
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e316625ead39ef6865b9d0a78c787d17ec04226f69519678f6b6272799176886
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b
e88ba96d27e97fb2360128e58ff93137c15535e82d1009aabbd441c06622cbe5
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb2a3d0b14f0c8aa9de08c9222de19b498eacf44818f79ecb07450d2b48a42fa

urlz.fr Open in urlscan Pro 2606:4700:3038::681f:bb2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

82 Requests

98 %HTTPS

16 %IPv6

44 Domains

60 Subdomains

43 IPs

10 Countries

653 kBTransfer

1989 kBSize

0 Cookies

1 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

urlz.fr Open in urlscan Pro
2606:4700:3038::681f:bb2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

98 %
HTTPS

16 %
IPv6

44
Domains

60
Subdomains

43
IPs

10
Countries

653 kB
Transfer

1989 kB
Size

0
Cookies

82 HTTP transactions
0 data transactions