pranksite.net Open in urlscan Pro
2606:4700:3031::ac43:bfd4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://supernewsportal.com/free-candy-147189
Effective URL:
https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
Submission: On October 15 via manual (October 15th 2023, 3:15:02 pm UTC) from SE — Scanned from NL

Summary HTTP 107 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 29 domains to perform 107 HTTP transactions. The main IP is 2606:4700:3031::ac43:bfd4, located in United States and belongs to CLOUDFLARENET, US. The main domain is pranksite.net.
TLS certificate: Issued by GTS CA 1P5 on October 5th 2023. Valid for: 3 months.

This is the only time pranksite.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
10	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2600:9000:211... 2600:9000:211e:7a00:12:abfb:9280:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
2	2.16.238.147 2.16.238.147	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	145.239.193.51 145.239.193.51	16276 (OVH) (OVH)
2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2	99.80.145.6 99.80.145.6	16509 (AMAZON-02) (AMAZON-02)
2	108.156.61.80 108.156.61.80	16509 (AMAZON-02) (AMAZON-02)
7 17	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	54.229.17.200 54.229.17.200	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223c:dc00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:303... 2606:4700:3031::ac43:bfd4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.99.22 13.32.99.22	16509 (AMAZON-02) (AMAZON-02)
2	146.75.116.193 146.75.116.193	54113 (FASTLY) (FASTLY)
1	2600:9000:206... 2600:9000:206f:4c00:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	5.196.111.65 5.196.111.65	16276 (OVH) (OVH)
1	13.32.121.68 13.32.121.68	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:209... 2600:9000:2090:2a00:1d:85c3:6640:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
5	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	5.135.209.96 5.135.209.96	16276 (OVH) (OVH)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
107	34

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

supernewsportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

petchoub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:211e:7a00:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loader.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.238.147 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-147.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.51 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.145.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-145-6.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.156.61.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-61-80.ams1.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:6b8::1:119 (Ulyanovsk, Russian Federation) 7 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.17.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-17-200.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:dc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3031::ac43:bfd4 (United States)

ASN13335 (CLOUDFLARENET, US)

pranksite.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-22.fra60.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4c00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.196.111.65 (Le Grau-du-Roi, France)

ASN16276 (OVH, FR)
PTR: ip65.ip-5-196-111.eu

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-68.fra60.r.cloudfront.net

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2090:2a00:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.135.209.96 (Oignies, France)

ASN16276 (OVH, FR)
PTR: ip96.ip-5-135-209.eu

euw2.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	yandex.com 5 redirects mc.yandex.com — Cisco Umbrella Rank: 7957	6 KB
10	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 39785	447 KB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1126 trc.taboola.com — Cisco Umbrella Rank: 680 trc-events.taboola.com — Cisco Umbrella Rank: 2281	484 KB
8	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4594 buttons-config.sharethis.com — Cisco Umbrella Rank: 5262 count-server.sharethis.com — Cisco Umbrella Rank: 11014 platform-cdn.sharethis.com — Cisco Umbrella Rank: 9796	52 KB
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108	468 KB
6	petchoub.com petchoub.com	25 KB
5	pranksite.net pranksite.net	35 KB
5	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3539	140 KB
5	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 3127 mwzeom.zeotap.com — Cisco Umbrella Rank: 3540	41 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1191 eus.rubiconproject.com — Cisco Umbrella Rank: 662 token.rubiconproject.com — Cisco Umbrella Rank: 504	12 KB
4	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	10 KB
4	unblockia.com cdn.unblockia.com — Cisco Umbrella Rank: 14219 loader.unblockia.com — Cisco Umbrella Rank: 13934	70 KB
4	supernewsportal.com supernewsportal.com	4 KB
3	smartadserver.com ww1097.smartadserver.com — Cisco Umbrella Rank: 43192 euw2.smartadserver.com — Cisco Umbrella Rank: 15434	2 KB
3	criteo.com gum.criteo.com — Cisco Umbrella Rank: 478	868 B
3	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 36188	840 B
2	imgur.com i.imgur.com — Cisco Umbrella Rank: 7529	82 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	32 KB
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1263	2 KB
2	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 42072	1 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405	60 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9763	1 KB
2	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	51 KB
2	cpx.to p.cpx.to — Cisco Umbrella Rank: 10542	5 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1348	18 KB
2	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 913
2	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 41739	11 KB
2	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 10126	73 KB
0	consensu.org Failed quantcast.mgr.consensu.org Failed
107	29

	Domain	Requested by
12	mc.yandex.com	5 redirects supernewsportal.com pranksite.net mc.yandex.ru
10	ads.themoneytizer.com	supernewsportal.com ads.themoneytizer.com pranksite.net
6	pagead2.googlesyndication.com	supernewsportal.com cdn.unblockia.com pagead2.googlesyndication.com pranksite.net
6	petchoub.com	supernewsportal.com petchoub.com pranksite.net
5	platform-cdn.sharethis.com	pranksite.net
5	pranksite.net	supernewsportal.com pranksite.net petchoub.com
5	mc.yandex.ru	2 redirects supernewsportal.com pranksite.net
4	cdn.taboola.com	supernewsportal.com cdn.taboola.com pranksite.net
4	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
4	supernewsportal.com	supernewsportal.com petchoub.com
3	trc-events.taboola.com
3	gum.criteo.com	ads.themoneytizer.com cdn.taboola.com
3	c.tmyzer.com	ads.themoneytizer.com
2	eus.rubiconproject.com	supernewsportal.com eus.rubiconproject.com
2	ww1097.smartadserver.com	ced.sascdn.com
2	i.imgur.com	pranksite.net
2	cdn.jsdelivr.net	pranksite.net
2	rules.quantcount.com	secure.quantserve.com
2	adtrack.adleadevent.com	ajax.googleapis.com
2	loader.unblockia.com	cdn.unblockia.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cm.g.doubleclick.net	2 redirects
2	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
2	my.rtmark.net	petchoub.com
2	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
2	p.cpx.to	ads.themoneytizer.com
2	secure.quantserve.com	ads.themoneytizer.com
2	onetag-sys.com	ads.themoneytizer.com
2	tag.leadplace.fr	ads.themoneytizer.com
2	ced.sascdn.com	ads.themoneytizer.com
2	cdn.unblockia.com	supernewsportal.com pranksite.net
1	token.rubiconproject.com	eus.rubiconproject.com
1	trc.taboola.com	cdn.taboola.com
1	euw2.smartadserver.com	pranksite.net
1	secure-assets.rubiconproject.com	1 redirects
1	count-server.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	platform-api.sharethis.com	pranksite.net
1	mwzeom.zeotap.com	supernewsportal.com
0	quantcast.mgr.consensu.org Failed	supernewsportal.com pranksite.net
107	40

This site contains no links.

Subject Issuer	Validity	Valid
supernewsportal.com GTS CA 1P5	`2023-10-05` - `2024-01-03`	3 months	crt.sh
petchoub.com R3	`2023-09-18` - `2023-12-17`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2023-09-27` - `2023-12-26`	3 months	crt.sh
*.unblockia.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
c.tmyzer.com R3	`2023-09-22` - `2023-12-21`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-14` - `2024-07-17`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2023-08-30` - `2024-09-11`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-13`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
rtmark.net R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.adleadevent.com Amazon RSA 2048 M01	`2023-06-27` - `2024-07-25`	a year	crt.sh
pranksite.net GTS CA 1P5	`2023-10-05` - `2024-01-03`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
Frame ID: ADBD65655EA52CDB62F4EC4C75A0D2C6
Requests: 91 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1697382896168
Frame ID: F8840A5A4D31D41AE0D137A39C1C6FCA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: CA2DD3391EFD910FFE417865B36AC8B3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1697382897259
Frame ID: D50796372791B0311F84F72EA59461D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 9E3322B4C78B0EE341372527371B8B84
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 5DF41F4FA848ADBFE3998F66FFF02DDC
Requests: 3 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: EB9898CDB505580A140B6CCE4411C48F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Prank Site | Pranked

Page URL History Show full URLs

https://supernewsportal.com/free-candy-147189 Page URL
https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

107
Requests

93 %
HTTPS

43 %
IPv6

29
Domains

40
Subdomains

34
IPs

7
Countries

2131 kB
Transfer

7300 kB
Size

29
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://supernewsportal.com/free-candy-147189 Page URL
https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=fce1c2f0-12c0-445b-6793-ef3a7b28ef93&reqId=9bb08c64-8e3c-4586-5e49-0e75d381512e&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=fce1c2f0-12c0-445b-6793-ef3a7b28ef93&reqId=9bb08c64-8e3c-4586-5e49-0e75d381512e&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEHdsqArTTIcz3SfRGP8v_u0&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=fce1c2f0-12c0-445b-6793-ef3a7b28ef93&reqId=9bb08c64-8e3c-4586-5e49-0e75d381512e&zdid=1258

Request Chain 33

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10157.DyP77o8VUMm-GmSuNaXRXnLmF3ove6MLtFauOLGuYne1LfYKQB3t1OKeqCmra_7b.iAeDWZ32gINsBmYF-V8Cijs05iw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10157.ICYaa9-ieuivUAmexaEEQDFw1snv-1w-gROtWnxscHh8EUbd0CN2qrsIu-W-XgE19ZqR3F43_KzdppcRN1B_SH8i2i4HZFiO3Qxd2oQ_SuQ%2C.mHoieKg7Kk__qfO5jHwkM3rn-0I%2C

Request Chain 36

https://mc.yandex.com/watch/90922533?wmode=7&page-url=https%3A%2F%2Fsupernewsportal.com%2Ffree-candy-147189&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A380%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A2%3Adp%3A0%3Als%3A1425613437851%3Ahid%3A580359893%3Az%3A120%3Ai%3A20231015171456%3Aet%3A1697382897%3Ac%3A1%3Arn%3A49711452%3Arqn%3A1%3Au%3A1697382897843976688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C62%2C74%2C1%2C0%2C0%2C%2C192%2C0%2C%2C%2C%2C373%3Aco%3A0%3Acpf%3A1%3Ans%3A1697382895810%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697382897%3At%3AFree%20candy&t=gdpr(14%2C14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/90922533/1?wmode=7&page-url=https%3A%2F%2Fsupernewsportal.com%2Ffree-candy-147189&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A380%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A2%3Adp%3A0%3Als%3A1425613437851%3Ahid%3A580359893%3Az%3A120%3Ai%3A20231015171456%3Aet%3A1697382897%3Ac%3A1%3Arn%3A49711452%3Arqn%3A1%3Au%3A1697382897843976688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C62%2C74%2C1%2C0%2C0%2C%2C192%2C0%2C%2C%2C%2C373%3Aco%3A0%3Acpf%3A1%3Ans%3A1697382895810%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697382897%3At%3AFree%20candy&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Request Chain 37

https://mc.yandex.com/watch/84679249?wmode=7&page-url=https%3A%2F%2Fsupernewsportal.com%2Ffree-candy-147189&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A380%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1293165262153%3Ahid%3A580359893%3Az%3A120%3Ai%3A20231015171456%3Aet%3A1697382897%3Ac%3A1%3Arn%3A408862902%3Arqn%3A1%3Au%3A1697382897843976688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C62%2C74%2C1%2C0%2C0%2C%2C192%2C0%2C%2C%2C%2C373%3Aco%3A0%3Acpf%3A1%3Ans%3A1697382895810%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697382897%3At%3AFree%20candy&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/84679249/1?wmode=7&page-url=https%3A%2F%2Fsupernewsportal.com%2Ffree-candy-147189&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A380%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1293165262153%3Ahid%3A580359893%3Az%3A120%3Ai%3A20231015171456%3Aet%3A1697382897%3Ac%3A1%3Arn%3A408862902%3Arqn%3A1%3Au%3A1697382897843976688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C62%2C74%2C1%2C0%2C0%2C%2C192%2C0%2C%2C%2C%2C373%3Aco%3A0%3Acpf%3A1%3Ans%3A1697382895810%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697382897%3At%3AFree%20candy&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Request Chain 69

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10157.Z2qNEUTknAcSMnYQBOcTjHYDi1py0cb5dz-aFAE0ES7xgmEz2wZafl4N0Uv77jrP.hnQE05VnGu92IHbKILmVcZTjhUY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10157.3dapp2ukPwymVIxuHD8M9513MjVJVlSv9pbrGptHtxwqT1eWwx7y-2MHUUyEiR4BDrOPdHFfIpR23xHpYnMkIDtO6lz-r9RJUudT5YNCusA%2C.0bG7wXnw1KkGpglp8vrnCuovw5M%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10157.wH9dZ6k0MN3PrEIvUqd6EKDgFVmOYG7i-jbfY5nxmfb2GuqgZM6wEX0ID_I7f9LqQUsevhaqFtJ59LxCLoAc6NCakovmn7L7QS4UQdUrQ9gDU3ZFrQcxLU5rn-1UsuGo-BJEMEFd4CXjTZh_wN6-Ts-gX5CKrIFQCMvknAZLpIKBzYZdZ8bgCaC-e8bMpXUTzfPWfxIcnryXhHFacYAwBQ%2C%2C.cb4vRq-_OdZLR5X3Ai6VXzEi5jM%2C

Request Chain 93

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

107 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 free-candy-147189 Show response
supernewsportal.com/ 11 KB
3 KB 173ms
74ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://supernewsportal.com/free-candy-147189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13b6404438300bfebf4f48de95a44c5639f616748aec17e7fdc4cb67e28aaee7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 816903bb8e166627-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 15 Oct 2023 15:14:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BvZsE1bGvpI5xJFDIMRW7vOOAwtRk9Qoifa%2FRUv7Zqj6cZ5NDgszJC5UiLYd6fEVbdPGl0pWs%2B2ZPdU2QlIKPc%2Bt5vNZccG6v48fk7S9ngagvmK0Qd86PYxFXxYEHmJcWhbp5oBd4peX3LOnx%2Bvla0%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 micro.tag.min.js Show response
petchoub.com/pfe/current/ 26 KB
11 KB 197ms
50ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=5943046&sw=/sw-check-permissions.js
Requested by: Host: supernewsportal.com
URL: https://supernewsportal.com/free-candy-147189
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4cb9ba6761454eb812b6ac09519f152111e1aa4362a9a058cfa65bf7f467585a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 15:14:56 GMT
content-encoding: gzip
last-modified: Thu, 12 Oct 2023 11:51:57 GMT
server: nginx
etag: W/"6527dddd-68a0"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 134ms
36ms Script
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: supernewsportal.com
URL: https://supernewsportal.com/free-candy-147189
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-nzt: AcO1qhE3Nzf/kj8DAA
x-accel-expires: @1697774814
date: Sun, 15 Oct 2023 15:14:56 GMT
x-77-pop: frankfurtDE
x-77-age: 212882
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 4c156224a3f64f07f0012c650a688b06
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 212882
x-accel-date: 1697170014

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 182 KB
20 KB 168ms
70ms Script
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Requested by: Host: supernewsportal.com
URL: https://supernewsportal.com/free-candy-147189
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ecba50d362ffa306af0c30665ab0d9a459e07a4a431ba21a4f6fff26a4f4a2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-nzt: AcO1qhE3Nzf/LgAAAA
x-accel-expires: @1697987650
date: Sun, 15 Oct 2023 15:14:56 GMT
x-77-pop: frankfurtDE
x-77-age: 46
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 4c156224a3f64f07f0012c65142d9506
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 46
x-accel-date: 1697382850

GET
H2 200 h.js Show response
cdn.unblockia.com/ 164 KB
35 KB 126ms
42ms Script
application/x-javascript 2600:9000:211e:7a00:12:abfb:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblockia.com/h.js
Requested by: Host: supernewsportal.com
URL: https://supernewsportal.com/free-candy-147189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: m8vKRZ4OANVjVfMIKL3cKYiXKt6EM9QQ
content-encoding: br
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
date: Sun, 15 Oct 2023 14:15:51 GMT
x-amz-cf-pop: FRA56-C2
age: 3546
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:4e52eb3f-761b-4c10-a85a-162fb4fa3980
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: fb4d4b7b1d35720e2d2481016ef4369b
last-modified: Tue, 20 Jun 2023 10:06:46 GMT
server: AmazonS3
etag: W/"bc5af0220c4116294c4e9c72ae4e244c"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 02f1ef29ead1d705cce351046cded37a79615ae12624547bfa0e8307765c8765
x-amz-cf-id: uu5t0ehgCM2Lxjqx9QV66Bufxa8LhqBAjOarjRSTluNFgCrLpyDBjA==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 258ms
125ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3088437782050756

Requested by

Host: supernewsportal.com
URL: https://supernewsportal.com/free-candy-147189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef01d0ddc569c9eb1c586facf911a60eda357cb97eb4d8578b5e90965e13bd51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://supernewsportal.com/
Origin: https://supernewsportal.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51017
x-xss-protection: 0
server: cafe
etag: 10351942163568555096
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 15:14:56 GMT

GET choice.js
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 0
0

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
280 B 145ms
52ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=83273&f=6&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
server: nginx
x-iplb-request-id: 1FCC98C5:8536_36264064:01BB_652C01F0_56F2417:01FC
x-iplb-instance: 38431
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 lib_fs_close.js Show response
ads.themoneytizer.com/ 667 B
811 B 35ms
34ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_fs_close.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 15 Oct 2023 15:14:56 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 40080
x-accel-date: 1697342816
x-77-nzt: AcO1qhE3Nzf/kJwAAA
pragma: public
x-accel-expires: @1697429216
x-77-age: 40080
last-modified: Thu, 19 Jan 2023 15:05:03 GMT
server: CDN77-Turbo
x-77-nzt-ray: 4c156224a3f64f07f0012c6573a8490b
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Sat, 14 Oct 2023 04:06:54 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 110 KB
37 KB 136ms
39ms Script
application/javascript 2.16.238.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-147.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f28fdae33f8ef4ea1c515edc121c58a5d8117f6b69b7069b2029578313fcfb8d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 15:14:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 37248
Expires: Sun, 15 Oct 2023 17:14:56 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
291 B 115ms
38ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 239640
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
20 KB 110ms
38ms Script
application/javascript 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df2e870b373f1bf5c660a65e0afc2c47226992fdec0b26db18aff14e9d3299b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=2592000; includeSubDomains; preload
age: 1633
cf-polished: origSize=62059
cf-bgj: minify
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://family-news.space
cache-control: public, max-age=21600
access-control-allow-credentials: true
cf-ray: 816903bd98a40bcc-AMS
access-control-allow-headers: *
expires: Sun, 15 Oct 2023 20:47:43 GMT

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 169ms
36ms Script
application/javascript 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
last-modified: Thu, 14 Oct 2021 07:27:52 GMT
server: nginx/1.20.1
x-iplb-request-id: 1FCC98C5:DB22_91EFC133:01BB_652C01F0_52FB53C:A158
etag: "6167dbf8-15ab"
x-iplb-instance: 29922
content-type: application/javascript
accept-ranges: bytes
content-length: 5547

GET
H2 204 /
onetag-sys.com/usync/ Frame F884 0
0 110ms
33ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1697382896168

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://supernewsportal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 354ms
45ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
content-encoding: gzip
etag: "6ioqmyHWSWLYz5hkRjy8Uw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 22 Oct 2023 15:14:56 GMT

GET
H2 200 px.js Show response
p.cpx.to/p/12773/ 6 KB
3 KB 154ms
45ms Script
application/javascript 99.80.145.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12773/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.145.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-145-6.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ff2e9142e32199e94f813d5de7b8ec2872870bdb5679e832f863907ebc65db55

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
content-encoding: gzip
cache-control: max-age=7200, public
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 98ms
29ms Script
text/javascript 108.156.61.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-80.ams1.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 07:14:13 GMT
Via: 1.1 d3a48a8630785a2a858cfdeb83e66c24.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
X-Amz-Cf-Pop: AMS1-P2
Age: 28843
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: o4dVV2GWKOYTh5hk1V6K4B7FT9ZXbmdygYAyGCX2-vybMn6no_qJzg==

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 362ms
158ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: supernewsportal.com
URL: https://supernewsportal.com/free-candy-147189

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Oct 2023 14:28:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651fef42-11470"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70768
expires: Sun, 15 Oct 2023 16:14:56 GMT

POST
H2 200 user.php Show response
supernewsportal.com/ 0
307 B 69ms
68ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://supernewsportal.com/user.php
Requested by: Host: supernewsportal.com
URL: https://supernewsportal.com/free-candy-147189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://supernewsportal.com/free-candy-147189
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pw0VWdfP%2BBzIuJTcX3%2FwwXh7%2BTZcL788KfNyoVCyK6hfrkDdlUNxOauU8ZjhviNFT77iX5W4cyOFOqL%2BSHpSQyFUa4yhlRFpwvwumqXAk8r64aIftUuTaia6GiMnl87iSbtzXvJOrKYeBNegIokkUFdM"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 816903bd3f906627-AMS
alt-svc: h3=":443"; ma=86400

POST
H2 200 user.php Show response
supernewsportal.com/ 0
282 B 74ms
74ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://supernewsportal.com/user.php
Requested by: Host: supernewsportal.com
URL: https://supernewsportal.com/free-candy-147189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://supernewsportal.com/free-candy-147189
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwBuMtusRxsvruEUG26bua96HpRGL2mMX8ADd17tHy1h5zNT%2BUNrTZjwLUFmsG2b2cy0FliKUa6UDNcgIo3z2gACC5chaGu5XeCWWSYuPCLqYpevFTvLz%2FWIQNvSngUJ5XwrtYOeB1%2BNpLWGaqQJyKbQ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 816903bd3f956627-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 159ms
158ms Fetch
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true

Requested by

Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbfc11aa13ad13650323d9705a7f8769e3d0f2a80b6599cc30503cfc37a26c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50831
x-xss-protection: 0
server: cafe
etag: 12670431246010494724
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 15:14:56 GMT

GET
H2 404 sw-check-permissions.js
supernewsportal.com/ 0
0 71ms
70ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://supernewsportal.com/sw-check-permissions.js
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=5943046&sw=/sw-check-permissions.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/free-candy-147189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCRSMSNNNWZw3hDlslF6qs6qC1tyD0psogicAgl5xLPH%2BA1D4atw8wuUcG9AnemE9ZgLOZCxf1r0rS2ZA79C9D6Iv2nwrja6vGupafwxEYYTmp75X%2BlTJNOtcNMP9XMq3jTJhEM5I4PWst%2BFfYHzDlbL"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 816903bd5fae6627-AMS
alt-svc: h3=":443"; ma=86400

POST
H2 200 zone
petchoub.com/ 0
260 B 26ms
25ms Ping
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://petchoub.com/zone?&pub=0&zone_id=5943046&is_mobile=false&domain=supernewsportal.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&action=prerequest

Requested by

Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=5943046&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-trace-id: d3aea6bedf71f480f9dd3717a50ca7b2
date: Sun, 15 Oct 2023 15:14:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://supernewsportal.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
546 B 104ms
36ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5943046&checkDuplicate=true&ymid=&var=

Requested by

Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=5943046&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c3eca1c9fa72c7abd8fcde523d04e443fa9f272ef6c350c07a4c12751e1d847b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://supernewsportal.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 zone Show response
petchoub.com/ 774 B
1 KB 80ms
25ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://petchoub.com/zone?&pub=0&zone_id=5943046&is_mobile=false&domain=supernewsportal.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&action=settings

Requested by

Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=5943046&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f042517e7781259f4ddee33e49793c0d6bad91d9e266cce125e8506f1d05aac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-trace-id: d478d5b52d92f67ead7ce3bd27ffbfde
date: Sun, 15 Oct 2023 15:14:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://supernewsportal.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 774

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 115ms
35ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 10:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 10:44:40 GMT

GET
H2 200 / Show response
spl.zeotap.com/ 429 B
629 B 44ms
44ms XHR
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98f8119f46f5c38b043e57f98f18d8bf98a7a34bad646d17a23844ffc0f125ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: text/html
access-control-allow-origin: https://supernewsportal.com
access-control-allow-credentials: true
cf-ray: 816903bdf8f80bcc-AMS
access-control-allow-headers: *

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=fce1c2f0-12c0-445b-6793-ef3a7b28ef93&reqId=9bb08c64-8e3c-4586-5e49-0e75d381512e&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=fce1c2f0-12c0-445b-6793-ef3a7b28ef93&reqId=9bb08c64-8e3c-4586-5e49-0e75d381512e...
https://mwzeom.zeotap.com/mw?google_gid=CAESEHdsqArTTIcz3SfRGP8v_u0&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=fce1c2f0-12c0-445b-6793-ef3a7b28ef93&reqId=9bb08c64-8e3c-4586-5e4...

95 B
165 B

57ms
48ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESEHdsqArTTIcz3SfRGP8v_u0&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=fce1c2f0-12c0-445b-6793-ef3a7b28ef93&reqId=9bb08c64-8e3c-4586-5e49-0e75d381512e&zdid=1258

Requested by

Host: supernewsportal.com
URL: https://supernewsportal.com/free-candy-147189

Protocol

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://supernewsportal.com
access-control-allow-credentials: true
cf-ray: 816903c03bd30bcc-AMS
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 15 Oct 2023 15:14:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEHdsqArTTIcz3SfRGP8v_u0&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=fce1c2f0-12c0-445b-6793-ef3a7b28ef93&reqId=9bb08c64-8e3c-4586-5e49-0e75d381512e&zdid=1258
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/ 394 KB
134 KB 261ms
139ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3088437782050756&plah=supernewsportal.com&bust=31078802

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3088437782050756

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136746
x-xss-protection: 0
server: cafe
etag: 14934532317266241366
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 15:14:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame CA2D 10 KB
5 KB 111ms
33ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3088437782050756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://supernewsportal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 8321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 12:56:15 GMT
etag: 2603938475786422795
expires: Sun, 29 Oct 2023 12:56:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 403 id.json
loader.unblockia.com/c/supernewsportal.com/ 255 B
543 B 215ms
143ms Fetch
application/xml 2600:9000:211e:7a00:12:abfb:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://loader.unblockia.com/c/supernewsportal.com/id.json
Requested by: Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-cache: Error from cloudfront
content-type: application/xml
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: yJ9xObLA89Aqj7CjIiJ4hly9ebxstCTFYYnxViZnQg5YR99HjTy2cQ==

GET
H/1.1 200
OK notifyme.php
adtrack.adleadevent.com/ 0
925 B 219ms
45ms XHR
application/x-javascript 54.229.17.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.17.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-17-200.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://supernewsportal.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 15 Oct 2023 15:14:56 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Oct 2023 15:14:56 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://supernewsportal.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 1 KB
1 KB 158ms
42ms Script
application/javascript 2600:9000:223c:dc00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:dc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 14:39:24 GMT
content-encoding: gzip
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2133
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
server: AmazonS3
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: OZMZ2QAxMjWugdg2PCe_Fwc1VL_lAZUdhsTQUuPV5AYEcLTD-OqO0A==

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10157.DyP77o8VUMm-GmSuNaXRXnLmF3ove6MLtFauOLGuYne1LfYKQB3t1OKeqCmra_7b.iAeDWZ32gINsBmYF-V8Cijs05iw%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10157.ICYaa9-ieuivUAmexaEEQDFw1snv-1w-gROtWnxscHh8EUbd0CN2qrsIu-W-XgE19ZqR3F43_KzdppcRN1B_SH8i2i4HZFiO3Qxd2oQ_SuQ%2C.mHoieKg7Kk__qfO5jHwkM3rn-0I%2C

43 B
67 B

82ms
81ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10157.ICYaa9-ieuivUAmexaEEQDFw1snv-1w-gROtWnxscHh8EUbd0CN2qrsIu-W-XgE19ZqR3F43_KzdppcRN1B_SH8i2i4HZFiO3Qxd2oQ_SuQ%2C.mHoieKg7Kk__qfO5jHwkM3rn-0I%2C

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10157.ICYaa9-ieuivUAmexaEEQDFw1snv-1w-gROtWnxscHh8EUbd0CN2qrsIu-W-XgE19ZqR3F43_KzdppcRN1B_SH8i2i4HZFiO3Qxd2oQ_SuQ%2C.mHoieKg7Kk__qfO5jHwkM3rn-0I%2C
date: Sun, 15 Oct 2023 15:14:56 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
137 B 101ms
79ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: supernewsportal.com
URL: https://supernewsportal.com/free-candy-147189

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:56 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Oct 2023 14:26:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651feecc-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 15 Oct 2023 16:14:56 GMT

GET
H2 200 prebid.js
ads.themoneytizer.com/moneybid8_17/build/dist/ 582 KB
189 KB 44ms
44ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid8_17/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 15 Oct 2023 15:14:56 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 40078
x-accel-date: 1697342818
x-77-nzt: AcO1qhE3Nzf/jpwAAA
pragma: public
x-accel-expires: @1697429218
x-77-age: 40078
last-modified: Mon, 02 Oct 2023 20:52:02 GMT
server: CDN77-Turbo
x-77-nzt-ray: 4c156224a3f64f07f0012c656a554629
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Sat, 14 Oct 2023 04:06:55 GMT

GET
H2 200 Primary Request 6ac088178d8b55ae1cbf51ce09ec5fcc Show response
pranksite.net/pranked/ 19 KB
5 KB 458ms
359ms Document
text/html 2606:4700:3031::ac43:bfd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
Requested by: Host: supernewsportal.com
URL: https://supernewsportal.com/free-candy-147189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:bfd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eb9f54b6c7674acd7a9c1595f5f5a11c9cdf935d05a5f4a116291a6f36b48c6

Request headers

Referer: https://supernewsportal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 816903c0fc290a78-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 15 Oct 2023 15:14:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSGPuRwMPqmKEJinD%2FOETUttjuJRCTYETKiKGMVGCwXhkvmmIsCxMieed6POSAAgGZZMEChpFUSK%2FU9GDdJlDiQayRIHvBYFMXoYveAaYP%2BsZSjpCymtwNqXMT9HhAEZVZpKKqw%2BbJQNiyyl"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2

200

1
mc.yandex.com/watch/90922533/
Redirect Chain

https://mc.yandex.com/watch/90922533?wmode=7&page-url=https%3A%2F%2Fsupernewsportal.com%2Ffree-candy-147189&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A38...
https://mc.yandex.com/watch/90922533/1?wmode=7&page-url=https%3A%2F%2Fsupernewsportal.com%2Ffree-candy-147189&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A...

435 B
599 B

83ms
82ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90922533/1?wmode=7&page-url=https%3A%2F%2Fsupernewsportal.com%2Ffree-candy-147189&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A380%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A2%3Adp%3A0%3Als%3A1425613437851%3Ahid%3A580359893%3Az%3A120%3Ai%3A20231015171456%3Aet%3A1697382897%3Ac%3A1%3Arn%3A49711452%3Arqn%3A1%3Au%3A1697382897843976688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C62%2C74%2C1%2C0%2C0%2C%2C192%2C0%2C%2C%2C%2C373%3Aco%3A0%3Acpf%3A1%3Ans%3A1697382895810%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697382897%3At%3AFree%20candy&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 15:14:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 15-Oct-2023 15:14:57 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://supernewsportal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Sun, 15-Oct-2023 15:14:57 GMT

Redirect headers

pragma: no-cache
date: Sun, 15 Oct 2023 15:14:56 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 15-Oct-2023 15:14:56 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/90922533/1?wmode=7&page-url=https%3A%2F%2Fsupernewsportal.com%2Ffree-candy-147189&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A380%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A2%3Adp%3A0%3Als%3A1425613437851%3Ahid%3A580359893%3Az%3A120%3Ai%3A20231015171456%3Aet%3A1697382897%3Ac%3A1%3Arn%3A49711452%3Arqn%3A1%3Au%3A1697382897843976688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C62%2C74%2C1%2C0%2C0%2C%2C192%2C0%2C%2C%2C%2C373%3Aco%3A0%3Acpf%3A1%3Ans%3A1697382895810%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697382897%3At%3AFree%20candy&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin: https://supernewsportal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 15-Oct-2023 15:14:56 GMT

GET
H2

200

1
mc.yandex.com/watch/84679249/
Redirect Chain

https://mc.yandex.com/watch/84679249?wmode=7&page-url=https%3A%2F%2Fsupernewsportal.com%2Ffree-candy-147189&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A38...
https://mc.yandex.com/watch/84679249/1?wmode=7&page-url=https%3A%2F%2Fsupernewsportal.com%2Ffree-candy-147189&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A...

435 B
467 B

82ms
82ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/84679249/1?wmode=7&page-url=https%3A%2F%2Fsupernewsportal.com%2Ffree-candy-147189&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A380%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1293165262153%3Ahid%3A580359893%3Az%3A120%3Ai%3A20231015171456%3Aet%3A1697382897%3Ac%3A1%3Arn%3A408862902%3Arqn%3A1%3Au%3A1697382897843976688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C62%2C74%2C1%2C0%2C0%2C%2C192%2C0%2C%2C%2C%2C373%3Aco%3A0%3Acpf%3A1%3Ans%3A1697382895810%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697382897%3At%3AFree%20candy&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://supernewsportal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 15:14:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 15-Oct-2023 15:14:57 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://supernewsportal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Sun, 15-Oct-2023 15:14:57 GMT

Redirect headers

pragma: no-cache
date: Sun, 15 Oct 2023 15:14:56 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 15-Oct-2023 15:14:56 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/84679249/1?wmode=7&page-url=https%3A%2F%2Fsupernewsportal.com%2Ffree-candy-147189&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A380%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1293165262153%3Ahid%3A580359893%3Az%3A120%3Ai%3A20231015171456%3Aet%3A1697382897%3Ac%3A1%3Arn%3A408862902%3Arqn%3A1%3Au%3A1697382897843976688%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C62%2C74%2C1%2C0%2C0%2C%2C192%2C0%2C%2C%2C%2C373%3Aco%3A0%3Acpf%3A1%3Ans%3A1697382895810%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697382897%3At%3AFree%20candy&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin: https://supernewsportal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 15-Oct-2023 15:14:56 GMT

GET sync_cookie_image_check_secondary
mc.yandex.com/ 0
0

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 64 KB
9 KB 109ms
40ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css

Requested by

Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20328079
x-jsd-version: 1.5.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230101-FRA, cache-jnb7026-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xkc4EpUVPse1dl5YPUzdyuaHFxIXGGZok5tm9Ar8TRMYn8o4BX9CKXIDVkAqsSyitUA7sA7tePQd8MFjWersWR93hFrYWsWI00HD3nSRz0T1FVY%2FHHDcR7fIUUgK%2Fmh0IjAJ7avF8O8tLQYFDS8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 816903c3aebf6650-AMS

GET
H2 200 styles.css
pranksite.net/css/ 202 KB
27 KB 38ms
37ms Stylesheet
text/css 2606:4700:3031::ac43:bfd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pranksite.net/css/styles.css
Requested by: Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:bfd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e5b1b6028e74f619c888841e704a09804da14d7f73e80d61ca903c2212eecb9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 28 Aug 2021 23:49:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 75853
etag: W/"612acba1-326d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkWh3AiYfVZrLqPGwCHLnPKbaDd0tf%2FDDZltSU7IP1mo%2Blu3giQ5kVoBzWZGhaKEN9PerXB%2FyIrkiZRkEDE98Dk4sy2zZ38IMkIzLV6H%2F0fCOMQ00u7R3QX91hhV455PPqsCksyiourkChsc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 816903c34e8d0a78-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 203 KB
46 KB 134ms
39ms Script
text/javascript 13.32.99.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-22.fra60.r.cloudfront.net

Software

Resource Hash

73118f58510f80a1610100bd3dd56ef7328382a477a0430004be5b76e9a724dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:09:11 GMT
content-encoding: gzip
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P3
age: 346
etag: W/"32d37-ZSMPdNFuNLYLRj51RfdXTWzgHX8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: FnTKIABPRtQvNQm6_f0vtb8NPtkr_6qP2ZDikhNQSZBeTOL_M1l7lA==

GET
H2 200 micro.tag.min.js Show response
petchoub.com/pfe/current/ 26 KB
11 KB 759ms
752ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=5943046&sw=/sw-check-permissions.js
Requested by: Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4cb9ba6761454eb812b6ac09519f152111e1aa4362a9a058cfa65bf7f467585a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 15:14:58 GMT
content-encoding: gzip
last-modified: Thu, 12 Oct 2023 11:51:57 GMT
server: nginx
etag: W/"6527dddd-68a0"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 35ms
34ms Script
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-nzt: AcO1qhE3Nzf/kz8DAA
x-accel-expires: @1697774814
date: Sun, 15 Oct 2023 15:14:57 GMT
x-77-pop: frankfurtDE
x-77-age: 212883
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 4c156224a3f64f07f1012c65cf53be09
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 212883
x-accel-date: 1697170014

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 182 KB
20 KB 39ms
38ms Script
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Requested by: Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3ecba50d362ffa306af0c30665ab0d9a459e07a4a431ba21a4f6fff26a4f4a2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-nzt: AcO1qhE3Nzf/LwAAAA
x-accel-expires: @1697987650
date: Sun, 15 Oct 2023 15:14:57 GMT
x-77-pop: frankfurtDE
x-77-age: 47
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 4c156224a3f64f07f1012c65675cc609
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 47
x-accel-date: 1697382850

GET
H2 200 h.js Show response
cdn.unblockia.com/ 164 KB
35 KB 48ms
41ms Script
application/x-javascript 2600:9000:211e:7a00:12:abfb:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblockia.com/h.js
Requested by: Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: m8vKRZ4OANVjVfMIKL3cKYiXKt6EM9QQ
content-encoding: br
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
date: Sun, 15 Oct 2023 14:15:51 GMT
x-amz-cf-pop: FRA56-C2
age: 3547
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:4e52eb3f-761b-4c10-a85a-162fb4fa3980
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: fb4d4b7b1d35720e2d2481016ef4369b
last-modified: Tue, 20 Jun 2023 10:06:46 GMT
server: AmazonS3
etag: W/"bc5af0220c4116294c4e9c72ae4e244c"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 02f1ef29ead1d705cce351046cded37a79615ae12624547bfa0e8307765c8765
x-amz-cf-id: 82Z6HaEVr8KAcGNXkgpRlBu640-GKrtmCuiTxmJu3LzOEq1v-Km87g==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 120ms
114ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3088437782050756

Requested by

Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1471c37c8147b4d69c3385016e7856d658c73dd7c3fec5fd3b2b5e12df3cbf2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pranksite.net/
Origin: https://pranksite.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51483
x-xss-protection: 0
server: cafe
etag: 9503757372637515381
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 15:14:57 GMT

GET
H2 200 hJoMjxj_d.webp
i.imgur.com/ 19 KB
20 KB 123ms
48ms Image
image/png 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/hJoMjxj_d.webp?maxwidth=760&fidelity=grand

Requested by

Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2c088e48d098de1b3cd96f25c6fb39a079e68da38686443b87cfc613229c7e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P4
age: 2150351
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 19618
x-served-by: cache-iad-kiad7000122-IAD, cache-fra-eddf8230023-FRA
x-amz-expiration: expiry-date="Fri, 22 Sep 2023 00:00:00 GMT", rule-id="Expire Thumbnails"
last-modified: Thu, 14 Sep 2023 03:09:21 GMT
server: cat factory 1.0
x-timer: S1697382897.251374,VS0,VE1
etag: "52293bc832b8375ac1699fc0f4b834fa"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: lso9n_8XFh_QAIkLdo7xhv1bNONkGLO2bT_-_GReyeBTUcJPtvPq5g==
x-cache-hits: 383, 1

GET
H2 200 FzynUpI.jpeg
i.imgur.com/ 62 KB
62 KB 165ms
90ms Image
image/jpeg 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/FzynUpI.jpeg

Requested by

Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

42b6eaa6fd3275b7b59de1fcd1a01810b0756879af3926cc202c70f1e63eee12

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2151899
x-cache: Miss from cloudfront, HIT, HIT
content-length: 63162
x-served-by: cache-iad-kiad7000078-IAD, cache-fra-eddf8230023-FRA
last-modified: Sat, 28 Aug 2021 15:55:50 GMT
server: cat factory 1.0
x-timer: S1697382897.251369,VS0,VE2
etag: "a6e471e8880cde0876dbb7dd161b7cdc"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 3_HHT2A9NS3f2ipxtz537gRsxjtknIH2Eo5yzCNwyXrjY_4SA1_8tw==
x-cache-hits: 191, 1

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 41ms
34ms Script
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=16
Requested by: Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-nzt: AcO1qhE3Nzf/kT8DAA
x-accel-expires: @1697774816
date: Sun, 15 Oct 2023 15:14:57 GMT
x-77-pop: frankfurtDE
x-77-age: 212881
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 4c156224a3f64f07f1012c6546ddd410
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 212881
x-accel-date: 1697170016

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 173 KB
19 KB 96ms
88ms Script
text/html 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=16
Requested by: Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 526e7d2a6118974149ab2a071c77ac6601ddb2220db9e1a463f2fe6978621180

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-nzt: AcO1qhE3Nzeh
x-77-pop: frankfurtDE
date: Sun, 15 Oct 2023 15:14:57 GMT
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 4c156224a3f64f07f1012c6563f3ff10
vary: Accept-Encoding
x-cache: MISS
content-type: text/html; charset=UTF-8
x-77-cache: MISS
cache-control: max-age=604800

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/js/ 77 KB
23 KB 111ms
104ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2aebc2552d7dadf4e3a0b80cc830c274e91146584dad8e29b04338b9ecedb363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 718830
x-jsd-version: 5.1.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230126-FRA, cache-yyz4583-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"13284-9SIQN5l0SWUU4krrB+y27yWQY/Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGb3f%2BeYGCYKlq2mRBCBBIM6eY19PlV%2FCf94CC0D4qanAR0kSHfitwoxiH3aIYM5LPBPXcIb5PEaoZdiLTZLeO1Bm550U268breV%2BhAx47hI2CdEz5ZJ2TcBYWpUrVUno908b1ESP12KeL6veRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 816903c46f766650-AMS

GET
H3 200 scripts.js Show response
pranksite.net/js/ 346 B
766 B 42ms
36ms Script
application/javascript 2606:4700:3031::ac43:bfd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pranksite.net/js/scripts.js
Requested by: Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:bfd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c3e4ae1771990834588d304b4f2ed3ec405d6491844e948bb87ddeb7ba80908

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 28 Aug 2021 23:49:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 133371
etag: W/"612acba2-15a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68iGB5QVi5fApJTV7se%2FjzVi689YdZSfPCEcjNKQ2afpSjIK5krLQfZasPZbJPhpxAFY657K9T8enlmTfo6BJh2veE04pD2LfiHpfU2YfbZHcGuxb2zUBuojIFN4MeBdPGKSKFxtzeK9kX36"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 816903c40bd4669f-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET choice.js
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 0
0

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
280 B 48ms
43ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=83273&f=6&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
server: nginx
x-iplb-request-id: 1FCC98C5:8536_36264064:01BB_652C01F1_56F2469:01FC
x-iplb-instance: 38431
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 lib_fs_close.js Show response
ads.themoneytizer.com/ 667 B
810 B 42ms
36ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_fs_close.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 15 Oct 2023 15:14:57 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 40081
x-accel-date: 1697342816
x-77-nzt: AcO1qhE3Nzf/kZwAAA
pragma: public
x-accel-expires: @1697429216
x-77-age: 40081
last-modified: Thu, 19 Jan 2023 15:05:03 GMT
server: CDN77-Turbo
x-77-nzt-ray: 4c156224a3f64f07f1012c65e36e0211
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Sat, 14 Oct 2023 04:06:54 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 110 KB
37 KB 519ms
514ms Script
application/javascript 2.16.238.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-147.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f28fdae33f8ef4ea1c515edc121c58a5d8117f6b69b7069b2029578313fcfb8d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 15:14:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 37248
Expires: Sun, 15 Oct 2023 17:14:57 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
290 B 49ms
44ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 340084
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
20 KB 44ms
39ms Script
application/javascript 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df2e870b373f1bf5c660a65e0afc2c47226992fdec0b26db18aff14e9d3299b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=2592000; includeSubDomains; preload
age: 1634
cf-polished: origSize=62059
cf-bgj: minify
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://family-news.space
cache-control: public, max-age=21600
access-control-allow-credentials: true
cf-ray: 816903c40fa50bcc-AMS
access-control-allow-headers: *
expires: Sun, 15 Oct 2023 20:47:43 GMT

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 43ms
39ms Script
application/javascript 145.239.193.51
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
last-modified: Thu, 07 Oct 2021 11:26:48 GMT
server: nginx/1.20.1
x-iplb-request-id: 1FCC98C5:DB22_91EFC133:01BB_652C01F1_52FB5B6:A158
etag: "615ed978-15ab"
x-iplb-instance: 29922
content-type: application/javascript
accept-ranges: bytes
content-length: 5547

GET
H2 204 /
onetag-sys.com/usync/ Frame D507 0
0 39ms
36ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1697382897259

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://pranksite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 40ms
38ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
content-encoding: gzip
etag: "6ioqmyHWSWLYz5hkRjy8Uw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 22 Oct 2023 15:14:57 GMT

GET
H2 200 px.js Show response
p.cpx.to/p/12773/ 6 KB
3 KB 47ms
45ms Script
application/javascript 99.80.145.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12773/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.145.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-145-6.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ff2e9142e32199e94f813d5de7b8ec2872870bdb5679e832f863907ebc65db55

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
content-encoding: gzip
cache-control: max-age=7200, public
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 56ms
54ms Script
text/javascript 108.156.61.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.61.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-61-80.ams1.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 07:14:13 GMT
Via: 1.1 d3a48a8630785a2a858cfdeb83e66c24.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
X-Amz-Cf-Pop: AMS1-P2
Age: 28844
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: qaBhHsCW3E-vX5bKqJIXRqHSBPM44JjJZrOdPuUyg1q1FFIkTG62Ew==

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
69 KB 86ms
85ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Oct 2023 14:28:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651fef42-11470"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70768
expires: Sun, 15 Oct 2023 16:14:57 GMT

POST
H3 200 user.php Show response
pranksite.net/ 0
410 B 75ms
74ms XHR
text/html 2606:4700:3031::ac43:bfd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pranksite.net/user.php
Requested by: Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:bfd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5S57Z6RhRPitKibvGo1h43DiGnBRlZZcbE5pcW6O1n0sA9taQLHdCBCe50lNqRJesj1%2FIUeYRNbwz7WWNXMfxCfEPesgnIkTlZ05a1yD6K9QMqL5Lu0Rqri%2BuHGWajPL%2F91yFIODowhp15SH"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 816903c40bd7669f-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
spl.zeotap.com/ 95 B
383 B 50ms
49ms XHR
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://pranksite.net
access-control-allow-credentials: true
cf-ray: 816903c4781f0bcc-AMS
access-control-allow-headers: *
content-length: 95

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 35ms
35ms Script
application/javascript 2600:9000:223c:dc00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:dc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 14:39:24 GMT
content-encoding: gzip
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2134
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
server: AmazonS3
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: P6v1ZqQgjsZ72sM3NaY5k0kBdCDtIZbyr4joNZ2r2Kbv381jc_mQKQ==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 10:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 10:44:40 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10157.Z2qNEUTknAcSMnYQBOcTjHYDi1py0cb5dz-aFAE0ES7xgmEz2wZafl4N0Uv77jrP.hnQE05VnGu92IHbKILmVcZTjhUY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10157.3dapp2ukPwymVIxuHD8M9513MjVJVlSv9pbrGptHtxwqT1eWwx7y-2MHUUyEiR4BDrOPdHFfIpR23xHpYnMkIDtO6lz-r9RJUudT5YNCusA%2C.0bG7wXnw1KkGpglp8vrnCuovw5M%2C
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10157.wH9dZ6k0MN3PrEIvUqd6EKDgFVmOYG7i-jbfY5nxmfb2GuqgZM6wEX0ID_I7f9LqQUsevhaqFtJ59LxCLoAc6NCakovmn7L7QS4UQdUrQ9gDU...

43 B
391 B

89ms
89ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10157.wH9dZ6k0MN3PrEIvUqd6EKDgFVmOYG7i-jbfY5nxmfb2GuqgZM6wEX0ID_I7f9LqQUsevhaqFtJ59LxCLoAc6NCakovmn7L7QS4UQdUrQ9gDU3ZFrQcxLU5rn-1UsuGo-BJEMEFd4CXjTZh_wN6-Ts-gX5CKrIFQCMvknAZLpIKBzYZdZ8bgCaC-e8bMpXUTzfPWfxIcnryXhHFacYAwBQ%2C%2C.cb4vRq-_OdZLR5X3Ai6VXzEi5jM%2C

Requested by

Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10157.wH9dZ6k0MN3PrEIvUqd6EKDgFVmOYG7i-jbfY5nxmfb2GuqgZM6wEX0ID_I7f9LqQUsevhaqFtJ59LxCLoAc6NCakovmn7L7QS4UQdUrQ9gDU3ZFrQcxLU5rn-1UsuGo-BJEMEFd4CXjTZh_wN6-Ts-gX5CKrIFQCMvknAZLpIKBzYZdZ8bgCaC-e8bMpXUTzfPWfxIcnryXhHFacYAwBQ%2C%2C.cb4vRq-_OdZLR5X3Ai6VXzEi5jM%2C
date: Sun, 15 Oct 2023 15:14:57 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 393 KB
133 KB 152ms
151ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3088437782050756&plah=pranksite.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3088437782050756

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e965e84ca5d5761007cbeb0878042d1290022166bf3885db6a697afabbc21cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136617
x-xss-protection: 0
server: cafe
etag: 1190308747304168726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 15:14:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 9E33 10 KB
4 KB 33ms
33ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3088437782050756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pranksite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 8322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 12:56:15 GMT
etag: 2603938475786422795
expires: Sun, 29 Oct 2023 12:56:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
280 B 50ms
49ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=83273&f=16&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=16
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
server: nginx
x-iplb-request-id: 1FCC98C5:8536_36264064:01BB_652C01F1_56F2477:01FC
x-iplb-instance: 38431
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 612acc630ecb0e001333d7fa.js Show response
buttons-config.sharethis.com/js/ 921 B
1 KB 369ms
36ms Script
text/javascript 2600:9000:206f:4c00:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/612acc630ecb0e001333d7fa.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:4c00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a5dc1ddac93f907a4ef0cc7022f1a419479323514bfa66c0222dd9ad889aeed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-C1
age: 33
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 921
last-modified: Sun, 29 Aug 2021 00:12:10 GMT
server: AmazonS3
etag: "db4ff9bb666e971d62d4cb75ef51bfa7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
x-amz-cf-id: FtrOU0F4HXBbOasa0x9Hf1NEYqSLUvm0DBS_lhWeAMwb6tSFkG3pKQ==

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 92ms
92ms Fetch
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true

Requested by

Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62935b263969c3c3af35686c47ef0b8e10f7103551697c9151a505d6135e66f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51181
x-xss-protection: 0
server: cafe
etag: 10663848503551318158
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 15 Oct 2023 15:14:57 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
137 B 84ms
84ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Oct 2023 14:26:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651feecc-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 15 Oct 2023 16:14:57 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
524 B 47ms
46ms XHR
application/x-javascript 54.229.17.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.17.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-17-200.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://pranksite.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 15 Oct 2023 15:14:57 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Oct 2023 15:14:57 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://pranksite.net
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 403 id.json Show response
loader.unblockia.com/c/pranksite.net/ 243 B
530 B 146ms
146ms Fetch
application/xml 2600:9000:211e:7a00:12:abfb:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://loader.unblockia.com/c/pranksite.net/id.json
Requested by: Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7a00:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1818417657c6aa3bc869b29e57ad49d401bb7f57759b50cc5a7ba73d8f5454f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:57 GMT
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-cache: Error from cloudfront
content-type: application/xml
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: fIn_vnFpa7agD2luDMrgioDVXvKinOnqOF7Ki3IYKKDOy47LkYbukA==

GET
H2 200 90922291 Show response
mc.yandex.com/watch/ 427 B
581 B 89ms
89ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90922291?wmode=7&page-url=https%3A%2F%2Fpranksite.net%2Fpranked%2F6ac088178d8b55ae1cbf51ce09ec5fcc&page-ref=https%3A%2F%2Fsupernewsportal.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A615%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A2%3Adp%3A0%3Als%3A1200218266979%3Ahid%3A314943038%3Az%3A120%3Ai%3A20231015171457%3Aet%3A1697382897%3Ac%3A1%3Arn%3A923828932%3Arqn%3A1%3Au%3A1697382897604327434%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C60%2C359%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1697382896676%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697382898%3At%3APrank%20Site%20%7C%20Pranked&t=gdpr(14%2C14)clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

41663e3e9e3f37a5f88327b61d01d7504a8a768d01b0d7adaedee5f6ee8e31a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 15:14:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 15-Oct-2023 15:14:57 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pranksite.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Sun, 15-Oct-2023 15:14:57 GMT

GET
H2 200 84679249 Show response
mc.yandex.com/watch/ 427 B
837 B 87ms
87ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/84679249?wmode=7&page-url=https%3A%2F%2Fpranksite.net%2Fpranked%2F6ac088178d8b55ae1cbf51ce09ec5fcc&page-ref=https%3A%2F%2Fsupernewsportal.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A615%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1555371574364%3Ahid%3A314943038%3Az%3A120%3Ai%3A20231015171457%3Aet%3A1697382897%3Ac%3A1%3Arn%3A59833955%3Arqn%3A1%3Au%3A1697382897604327434%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C60%2C359%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1697382896676%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697382898%3At%3APrank%20Site%20%7C%20Pranked&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9bd6fbb0458c0480da9f1d96b856cb9323f6ac7a2c2fb8403deebf2fe61d01c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 15:14:57 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 15-Oct-2023 15:14:57 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pranksite.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Sun, 15-Oct-2023 15:14:57 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid8_17/build/dist/ 582 KB
189 KB 37ms
37ms Script
application/javascript 2a02:6ea0:c700::19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid8_17/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=83273&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: af86ad9a418e18f3cc4e4fe922cd9916b667d1b9c21f110c4c9c37c1b01d52d3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 15 Oct 2023 15:14:57 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 40079
x-accel-date: 1697342818
x-77-nzt: AcO1qhE3Nzf/j5wAAA
pragma: public
x-accel-expires: @1697429218
x-77-age: 40079
last-modified: Mon, 02 Oct 2023 20:52:02 GMT
server: CDN77-Turbo
x-77-nzt-ray: 4c156224a3f64f07f1012c65ac5eb12e
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Sat, 14 Oct 2023 04:06:55 GMT

OPTIONS
H/1.1 204
No Content genericpost
ww1097.smartadserver.com/ Frame 0
0 194ms
35ms Preflight 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,save-data
Access-Control-Request-Method: POST
Origin: https://pranksite.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,save-data
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://pranksite.net
date: Sun, 15 Oct 2023 15:14:57 GMT
vary: Origin

POST
H/1.1 200
OK genericpost Show response
ww1097.smartadserver.com/ 4 KB
2 KB 123ms
55ms XHR
application/javascript 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/genericpost
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: cba66bfc7ae2566016ea47b0fa5ececca90fa3c459748e02ad72adebc188b79f

Request headers

Referer: https://pranksite.net/
accept-language: nl-NL,nl;q=0.9
Save-Data: off
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
content-type: application/javascript

Response headers

pragma: no-cache
date: Sun, 15 Oct 2023 15:14:57 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://pranksite.net
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
x-smrt-i: 8698524

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 145 B
511 B 307ms
207ms Script
text/javascript 13.32.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fsupernewsportal.com%2Ffree-candy-147189

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-68.fra60.r.cloudfront.net

Software

Resource Hash

58c780c0efba264493fd9628cb8aacaea5b5462b322d5af9eb09ce659ef75caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:58 GMT
via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P1
etag: c298b952a122243855d0414f70c4717e
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
content-length: 145
apigw-requestid: M2U92iTfoAMEa-w=
x-amz-cf-id: Dv_pGROgEVxSsq03nLfsKibTwNnsXlXQplVvcKqqwZLq7VviBPsDwQ==

GET
H2 200 whatsapp.svg
platform-cdn.sharethis.com/img/ 832 B
1 KB 99ms
28ms Image
image/svg+xml 2600:9000:2090:2a00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/whatsapp.svg

Requested by

Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2090:2a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:58:57 GMT
via: 1.1 e3d9ae12f22103dbc65c451ae520a012.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P1
age: 2585761
etag: "afe7fc60ed757db39a88d2950fce69c9"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 832
x-amz-cf-id: 90soJ9K9NWYemzTujarzmgxS4Uaydl1JP441kqCMKACnEpEiyu04BQ==

GET
H2 200 messenger.svg
platform-cdn.sharethis.com/img/ 372 B
797 B 96ms
25ms Image
image/svg+xml 2600:9000:2090:2a00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/messenger.svg

Requested by

Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2090:2a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:58:57 GMT
via: 1.1 e3d9ae12f22103dbc65c451ae520a012.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P1
age: 2585761
etag: "a5aa43fa302867d3e888ac2f69b7b288"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 372
x-amz-cf-id: KMoix3LmU16gLuwuJQmcY0dDYjcJhzo7vOxiUWySt9yKQzV9Z5calw==

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
724 B 97ms
26ms Image
image/svg+xml 2600:9000:2090:2a00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/facebook.svg

Requested by

Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2090:2a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:58:57 GMT
via: 1.1 e3d9ae12f22103dbc65c451ae520a012.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P1
age: 2585761
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 301
x-amz-cf-id: JzDeiEPxcGFHEe6FlEJvhqv3KORy9_twQWzyvo9fNt2mfIEpBgUYiA==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 368 B
777 B 97ms
27ms Image
image/svg+xml 2600:9000:2090:2a00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/twitter.svg

Requested by

Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2090:2a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:44 GMT
via: 1.1 e3d9ae12f22103dbc65c451ae520a012.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 15 Sep 2023 16:58:49 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P1
age: 14
x-amz-server-side-encryption: AES256
etag: "2deb3d5121d475d195577a70b0a91a0c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 368
x-amz-cf-id: J4hMZTeajRr713LSrNR15Ul5swfhlJq0xX6CpchIczhHR2jqlZfT2Q==

GET
H2 200 reddit.svg
platform-cdn.sharethis.com/img/ 910 B
1 KB 98ms
28ms Image
image/svg+xml 2600:9000:2090:2a00:1d:85c3:6640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://platform-cdn.sharethis.com/img/reddit.svg

Requested by

Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2090:2a00:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:58:57 GMT
via: 1.1 e3d9ae12f22103dbc65c451ae520a012.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P1
age: 2585760
etag: "78d796ca648d8a5e665b48ed0217c56a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 910
x-amz-cf-id: 3_uRolP-RzHeJ6NMf5C30KOMb6ZVAKx9heO8cprKuyMXXDIKJXipoQ==

GET
H3 200 sw-check-permissions.js
pranksite.net/ 0
796 B 31ms
31ms Other
application/javascript 2606:4700:3031::ac43:bfd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pranksite.net/sw-check-permissions.js
Requested by: Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=5943046&sw=/sw-check-permissions.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:bfd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 May 2023 17:27:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 637327
etag: W/"645d258e-236"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZxONPAlC1pQKwJbTjY%2Fuweo1jiHcNp3iqAdtihDdxnpTPoc5y5LNvSFRjkPVSV3S8W9wdDJU2l664NNeAI%2FSiGasjUfJURlUAm7sse5BZF4KBl1fdaRWZii3MvIq%2BFW7vu4G%2FCEBiV5UzMK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-ray: 816903c8c8fc669f-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 zone
petchoub.com/ 0
256 B 30ms
29ms Ping
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://petchoub.com/zone?&pub=0&zone_id=5943046&is_mobile=false&domain=pranksite.net&var=&ymid=&var_3=&var_4=&dsig=&tg=1&action=prerequest

Requested by

Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=5943046&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-trace-id: 2f1eabb10474d016b5d64560c2cfd021
date: Sun, 15 Oct 2023 15:14:58 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: https://pranksite.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 28ms
28ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5943046&checkDuplicate=true&ymid=&var=

Requested by

Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=5943046&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c3eca1c9fa72c7abd8fcde523d04e443fa9f272ef6c350c07a4c12751e1d847b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:58 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pranksite.net
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 zone Show response
petchoub.com/ 774 B
1 KB 26ms
26ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://petchoub.com/zone?&pub=0&zone_id=5943046&is_mobile=false&domain=pranksite.net&var=&ymid=&var_3=&var_4=&dsig=&tg=1&action=settings

Requested by

Host: petchoub.com
URL: https://petchoub.com/pfe/current/micro.tag.min.js?z=5943046&sw=/sw-check-permissions.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

f042517e7781259f4ddee33e49793c0d6bad91d9e266cce125e8506f1d05aac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-trace-id: f3ee1235bd910e1eee8b046acca365dc
date: Sun, 15 Oct 2023 15:14:58 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pranksite.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 774

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5DF4
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

149ms
63ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: supernewsportal.com
URL: https://supernewsportal.com/free-candy-147189
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://pranksite.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 15 Oct 2023 15:14:58 GMT
ETag: "40011-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 15 Oct 2023 15:14:58 GMT
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server: AkamaiGHost

GET
H2 200 tbframe.js Show response
cdn.taboola.com/shared/ 14 KB
4 KB 88ms
26ms Script
application/x-javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/shared/tbframe.js
Requested by: Host: supernewsportal.com
URL: https://supernewsportal.com/free-candy-147189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding: gzip
via: 1.1 varnish
date: Sun, 15 Oct 2023 15:14:58 GMT
x-amz-request-id: 81Z3HWY6ENMGWSS7
age: 19196
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3897
x-amz-id-2: f4/lIBlSpvHJi4MCLsmjTe1byyLmjQRtHbUdUPK+G7xAH8aK52uBXlXtv4VGBjVTyW//F5pUlOY=
x-served-by: cache-ams21071-AMS
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
server: AmazonS3
x-timer: S1697382898.185768,VS0,VE0
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
vary: Accept-Encoding
content-type: application/x-javascript
abp: 57
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 438

GET
H/1.1 200
OK aip
euw2.smartadserver.com/h/ 43 B
270 B 108ms
37ms Image
image/gif 5.135.209.96
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euw2.smartadserver.com/h/aip?uii=8513392633052454056&tmstp=8541585978&ckid=7595468342851728042&systgt=%24qc%3d1314914935%3b%24ql%3dUnknown%3b%24qt%3d212_0_0t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200&acd=1697382898069&envtype=0&hol_cpm=0&opid=3dd7de42-4190-4969-8710-d6dfe40c63fc&opdt=1697382898069&siteid=461586&tgt=%24dt%3d1t&gdpr=1&bldv=13808&visit=V&statid=19&imptype=0&intgtype=0&pgDomain=https%3a%2f%2fpranksite.net%2fpranked%2f6ac088178d8b55ae1cbf51ce09ec5fcc&cappid=7595468342851728042&capp=0&mcrdbt=1&insid=8698524&imgid=0&pgid=1451119&fmtid=26326&isLazy=0
Requested by: Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.96 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-5-135-209.eu
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 15 Oct 2023 15:14:57 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/themonetizer-network/ Frame EB98 1 MB
311 KB 27ms
27ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c98b840c47e61265c5c13ff27ae4aa5f561c9d34d4251e8b014c6628028fec2f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: v639oo.s1wLi2y7looWZT.sbvNubYLfJ
content-encoding: gzip
via: 1.1 varnish
date: Sun, 15 Oct 2023 15:14:58 GMT
x-amz-request-id: ZJKR2BWD2M4GZ6BM
age: 3358
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 12
x-amz-replication-status: FAILED
content-length: 317851
x-amz-id-2: NfrBSE2YCfoV0HoeZxwqbDzox1kZ+tCWf0woZDITenlaF62HyrFJA9IBDp7s5wfBLDlYk/zv5Ss=
x-served-by: cache-ams21071-AMS
last-modified: Sun, 15 Oct 2023 10:24:17 UTC
server: nginx
x-timer: S1697382898.240786,VS0,VE2
etag: "7ac8d131d0f3ca26e70ddcc4a48e3f8a45b63e16"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 11
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 tr5
cdn.taboola.com/libtrc/ Frame EB98 3 B
79 B 26ms
25ms Image
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=test_var
Requested by: Host: pranksite.net
URL: https://pranksite.net/pranked/6ac088178d8b55ae1cbf51ce09ec5fcc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by: cache-ams21071-AMS
date: Sun, 15 Oct 2023 15:14:58 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1697382898.382095,VS0,VE0
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 impl.20231003-6_b3-DEV-140946-test-eliminate-light-unit-call-when-video-returns-a-filler-aaac3f2f64d.js Show response
cdn.taboola.com/libtrc/ Frame EB98 812 KB
168 KB 28ms
27ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231003-6_b3-DEV-140946-test-eliminate-light-unit-call-when-video-returns-a-filler-aaac3f2f64d.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 95070a185c01c9d1705ebee1bbaff81886b8ea2608bde7c0ce4558db98408d7c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: VUoMjsIFlGtYaiLodYw.f9LY6igerttu
content-encoding: br
via: 1.1 varnish
date: Sun, 15 Oct 2023 15:14:58 GMT
x-amz-request-id: F8B5KK9617X6JD7K
age: 22294
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 172017
x-amz-id-2: HeuH1LuvkEClp1m/3wbln+gFNh0wSsSnj5Nb6Gqo/QydOXiAqmQCsSKHTlSM6gUNawgwfc0XyYk=
x-served-by: cache-ams21071-AMS
last-modified: Thu, 05 Oct 2023 08:54:48 GMT
server: AmazonS3-br
x-timer: S1697382898.394778,VS0,VE0
etag: "9905ea804365a12657d89f9bcf1bf622"
vary: Accept-Encoding
content-type: application/javascript
abp: 52
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 66

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5DF4 38 KB
11 KB 35ms
34ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 99bdf960b09adfe5ec9832b63b87d5bfdb7a739d9b497107be991276c1615a6d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date: Sun, 15 Oct 2023 15:14:58 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2023 22:33:54 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=26295
Connection: keep-alive
Content-Length: 10838
Expires: Sun, 15 Oct 2023 22:33:13 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame EB98 46 B
287 B 37ms
36ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-6_b3-DEV-140946-test-eliminate-light-unit-call-when-video-returns-a-filler-aaac3f2f64d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 309987
expires: 60

GET
H2 200 json Show response
trc.taboola.com/themonetizer-pranksitenet/trc/3/ Frame EB98 31 B
367 B 49ms
33ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-pranksitenet/trc/3/json?tim=17%3A14%3A58.448&lti=test_var&data=%7B%22id%22%3A35%2C%22ii%22%3A%22%2Fpranked%2F6ac088178d8b55ae1cbf51ce09ec5fcc%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1697365339107%2C%22vi%22%3A1697382898446%2C%22cv%22%3A%2220231003-6_b3-DEV-140946-test-eliminate-light-unit-call-when-video-returns-a-filler-aaac3f2f64d%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpranksite.net%2Fpranked%2F6ac088178d8b55ae1cbf51ce09ec5fcc%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A13498%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fpranksite.net%2Fpranked%2F6ac088178d8b55ae1cbf51ce09ec5fcc%22%2C%22vpi%22%3A%22%2Fpranked%2F6ac088178d8b55ae1cbf51ce09ec5fcc%22%2C%22e%22%3A%22https%3A%2F%2Fsupernewsportal.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A1600%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-tm%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22461586%20Below%20Article%20Monetizer%22%2C%22orig_uip%22%3A%22461586%20Below%20Article%20Monetizer%22%2C%22cd%22%3A8%2C%22mw%22%3A1584%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fpranked%2F6ac088178d8b55ae1cbf51ce09ec5fcc%2C461586%20Below%20Article%20Monetizer%3Dthumbnails-tm%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22test_var%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231003-6_b3-DEV-140946-test-eliminate-light-unit-call-when-video-returns-a-filler-aaac3f2f64d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer: https://pranksite.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 4
date: Sun, 15 Oct 2023 15:14:58 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 893
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-ams21071-AMS
x-log-content-encoding: gzip
server: nginx
x-timer: S1697382898.484513,VS0,VE4
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://pranksite.net
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/themonetizer-pranksitenet/log/2/ Frame EB98 0
89 B 114ms
25ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/themonetizer-pranksitenet/log/2/debug?tim=17%3A14%3A58.499&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&llvl=2&id=2280&cv=20231003-6_b3-DEV-140946-test-eliminate-light-unit-call-when-video-returns-a-filler-aaac3f2f64d&lt=test_var&uuid=8f9464d51b20e9963d19ebc2b29aa268648a5f7a53a014c595cdb9f5adeb310f&dcc=1&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 24771

GET
H2 204 debug
trc-events.taboola.com/themonetizer-pranksitenet/log/2/ Frame EB98 0
89 B 115ms
26ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/themonetizer-pranksitenet/log/2/debug?tim=17%3A14%3A58.500&type=error&msg=loadRBox%20failed%2C%20aborting.&llvl=2&id=7515&cv=20231003-6_b3-DEV-140946-test-eliminate-light-unit-call-when-video-returns-a-filler-aaac3f2f64d&lt=test_var&uuid=8f9464d51b20e9963d19ebc2b29aa268648a5f7a53a014c595cdb9f5adeb310f&dcc=2&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 24771

GET
H2 204 debug
trc-events.taboola.com/themonetizer-pranksitenet/log/2/ Frame EB98 0
90 B 113ms
25ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/themonetizer-pranksitenet/log/2/debug?tim=17%3A14%3A58.500&type=warn&msg=Invalid%20ajax%20response%20from%20server&llvl=2&id=1421&cv=20231003-6_b3-DEV-140946-test-eliminate-light-unit-call-when-video-returns-a-filler-aaac3f2f64d&lt=test_var&uuid=8f9464d51b20e9963d19ebc2b29aa268648a5f7a53a014c595cdb9f5adeb310f&dcc=3&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://pranksite.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 15:14:58 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 24771

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 5DF4 7 B
380 B 163ms
35ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js

Domain: mc.yandex.com
URL: https://mc.yandex.com/sync_cookie_image_check_secondary

Domain: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js

Verdicts & Comments Add Verdict or Comment

186 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pranksite.net/pranked	1970-01-20 15:31:09	Name: view Value: 1
supernewsportal.com/	1970-01-20 15:31:09	Name: view Value: 1
supernewsportal.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ugdjotn6rceha699dhsduahfsk
supernewsportal.com/	1970-01-20 15:31:09	Name: prefix_views_counter Value: 1
my.rtmark.net/	1970-01-21 00:15:18	Name: ID Value: d24aaac90cd6429abddae405d416972f
.zeotap.com/	1970-01-21 00:15:18	Name: zc Value: fce1c2f0-12c0-445b-6793-ef3a7b28ef93
.doubleclick.net/	1970-01-21 00:51:18	Name: IDE Value: AHWqTUmizF5mrqp4Ji5LiXJ8qCo15Mye03gv0K72qiu3R2yPT7kRA5_7Rdk0HNr0p0E
.supernewsportal.com/	1970-01-21 00:15:18	Name: _ym_uid Value: 1697382897843976688
.supernewsportal.com/	1970-01-21 00:15:18	Name: _ym_d Value: 1697382897
adtrack.adleadevent.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 9FC54D150466C174912E5199B1F8E822A79961F459747D218DA8067809F8238A086EE8BF67D63A2A90D1DB19587375008B81DF393E46C0AEB40A8EC769662133B964A72527
.supernewsportal.com/	1970-01-20 15:30:54	Name: _ym_isad Value: 2
.yandex.com/	1970-01-21 00:15:18	Name: ymex Value: 1728918896.yrts.1697382896#1728918896.yrtsi.1697382896
.yandex.com/	1970-01-21 00:15:18	Name: bh Value: KgI/MA==
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 762165401697382896
.yandex.com/	1970-01-21 01:05:42	Name: i Value: i8aFHc++kq7Qcgbhtg7FEP5Ox82V0rG2+1lC/AoWDN6q0ASS8tb+SWQcYK9PpC/JbzfqHidm51EflpIi9ArmnRMqk2U=
.yandex.com/	1970-01-21 01:05:42	Name: yandexuid Value: 5142070591697382896
.yandex.com/	1970-01-21 00:15:18	Name: yuidss Value: 5142070591697382896
pranksite.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: m96n4fv9486p8mnjl37m1p73ft
pranksite.net/	1970-01-20 15:31:09	Name: prefix_views_counter Value: 1
.pranksite.net/	1970-01-21 00:15:18	Name: _ym_uid Value: 1697382897604327434
.pranksite.net/	1970-01-21 00:15:18	Name: _ym_d Value: 1697382897
.zeotap.com/	1970-01-20 15:31:09	Name: zsc Value: %DD%CE%CE%E4%832p%B5f%0D%5D0%5B%D3%00%A4%14m%F4%23f%0Dp%0D%E4%87%97%09%DC%11%14%EB%EF%A5%BA%B8%A1%C5%A9%F0%C5%B9%C9%EF%87MoASg%8E%22%99%C4%EF%C5%F2%82%C5_%94p%29h%CBe%87%C4%87%984%60%A7%D0.%06%CFH%EF.%A9%C5f
.mc.yandex.com/	1970-01-20 15:29:43	Name: sync_cookie_csrf Value: 2554908030fake
.pranksite.net/	1970-01-20 15:30:54	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 15:29:43	Name: sync_cookie_csrf Value: 3588925920fake
.mc.yandex.com/	1970-01-20 15:31:09	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 01:05:42	Name: yandexuid Value: 5142070591697382896
.yandex.ru/	1970-01-21 01:05:42	Name: yuidss Value: 5142070591697382896
.yandex.ru/	1970-01-21 01:05:42	Name: i Value: i8aFHc++kq7Qcgbhtg7FEP5Ox82V0rG2+1lC/AoWDN6q0ASS8tb+SWQcYK9PpC/JbzfqHidm51EflpIi9ArmnRMqk2U=

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://supernewsportal.com/sw-check-permissions.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://loader.unblockia.com/c/supernewsportal.com/id.json Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://loader.unblockia.com/c/pranksite.net/id.json Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.themoneytizer.com
adtrack.adleadevent.com
ajax.googleapis.com
buttons-config.sharethis.com
c.tmyzer.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.unblockia.com
ced.sascdn.com
cm.g.doubleclick.net
count-server.sharethis.com
d2zur9cc2gf1tx.cloudfront.net
eus.rubiconproject.com
euw2.smartadserver.com
googleads.g.doubleclick.net
gum.criteo.com
i.imgur.com
loader.unblockia.com
mc.yandex.com
mc.yandex.ru
mwzeom.zeotap.com
my.rtmark.net
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
petchoub.com
platform-api.sharethis.com
platform-cdn.sharethis.com
pranksite.net
quantcast.mgr.consensu.org
rules.quantcount.com
secure-assets.rubiconproject.com
secure.quantserve.com
spl.zeotap.com
supernewsportal.com
tag.leadplace.fr
token.rubiconproject.com
trc-events.taboola.com
trc.taboola.com
ww1097.smartadserver.com
mc.yandex.com
quantcast.mgr.consensu.org
108.156.61.80
13.32.121.68
13.32.99.22
139.45.195.8
139.45.197.251
141.226.228.48
142.250.185.130
145.239.193.51
146.75.116.193
151.101.129.44
184.30.22.30
2.16.238.147
23.37.42.132
2600:9000:206f:4c00:c:abe:f440:93a1
2600:9000:2090:2a00:1d:85c3:6640:93a1
2600:9000:211e:7a00:12:abfb:9280:93a1
2600:9000:223c:dc00:6:44e3:f8c0:93a1
2606:4700:10::6816:1957
2606:4700:3031::ac43:bfd4
2606:4700::6810:5814
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::200a
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a02:2638:d::d
2a02:6b8::1:119
2a02:6ea0:c700::19
2a06:98c1:3120::3
5.135.209.96
5.196.111.65
51.89.9.254
54.229.17.200
54.38.64.100
69.173.144.139
99.80.145.6
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0eb9f54b6c7674acd7a9c1595f5f5a11c9cdf935d05a5f4a116291a6f36b48c6
13b6404438300bfebf4f48de95a44c5639f616748aec17e7fdc4cb67e28aaee7
1471c37c8147b4d69c3385016e7856d658c73dd7c3fec5fd3b2b5e12df3cbf2c
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1df2e870b373f1bf5c660a65e0afc2c47226992fdec0b26db18aff14e9d3299b
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
2aebc2552d7dadf4e3a0b80cc830c274e91146584dad8e29b04338b9ecedb363
2c088e48d098de1b3cd96f25c6fb39a079e68da38686443b87cfc613229c7e02
2e965e84ca5d5761007cbeb0878042d1290022166bf3885db6a697afabbc21cd
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ecba50d362ffa306af0c30665ab0d9a459e07a4a431ba21a4f6fff26a4f4a2e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41663e3e9e3f37a5f88327b61d01d7504a8a768d01b0d7adaedee5f6ee8e31a6
42b6eaa6fd3275b7b59de1fcd1a01810b0756879af3926cc202c70f1e63eee12
4cb9ba6761454eb812b6ac09519f152111e1aa4362a9a058cfa65bf7f467585a
526e7d2a6118974149ab2a071c77ac6601ddb2220db9e1a463f2fe6978621180
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58c780c0efba264493fd9628cb8aacaea5b5462b322d5af9eb09ce659ef75caf
62935b263969c3c3af35686c47ef0b8e10f7103551697c9151a505d6135e66f1
73118f58510f80a1610100bd3dd56ef7328382a477a0430004be5b76e9a724dd
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
76ffdc5337cd5a509f15d70767b85a793aead82975d0d86912e1607e963c9aed
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7e5b1b6028e74f619c888841e704a09804da14d7f73e80d61ca903c2212eecb9
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c3e4ae1771990834588d304b4f2ed3ec405d6491844e948bb87ddeb7ba80908
95070a185c01c9d1705ebee1bbaff81886b8ea2608bde7c0ce4558db98408d7c
98f8119f46f5c38b043e57f98f18d8bf98a7a34bad646d17a23844ffc0f125ef
99bdf960b09adfe5ec9832b63b87d5bfdb7a739d9b497107be991276c1615a6d
9bd6fbb0458c0480da9f1d96b856cb9323f6ac7a2c2fb8403deebf2fe61d01c7
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2
a5dc1ddac93f907a4ef0cc7022f1a419479323514bfa66c0222dd9ad889aeed8
af86ad9a418e18f3cc4e4fe922cd9916b667d1b9c21f110c4c9c37c1b01d52d3
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21
c3eca1c9fa72c7abd8fcde523d04e443fa9f272ef6c350c07a4c12751e1d847b
c98b840c47e61265c5c13ff27ae4aa5f561c9d34d4251e8b014c6628028fec2f
cba66bfc7ae2566016ea47b0fa5ececca90fa3c459748e02ad72adebc188b79f
cbfc11aa13ad13650323d9705a7f8769e3d0f2a80b6599cc30503cfc37a26c94
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
e1818417657c6aa3bc869b29e57ad49d401bb7f57759b50cc5a7ba73d8f5454f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882
e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e
ef01d0ddc569c9eb1c586facf911a60eda357cb97eb4d8578b5e90965e13bd51
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
f042517e7781259f4ddee33e49793c0d6bad91d9e266cce125e8506f1d05aac7
f28fdae33f8ef4ea1c515edc121c58a5d8117f6b69b7069b2029578313fcfb8d
ff2e9142e32199e94f813d5de7b8ec2872870bdb5679e832f863907ebc65db55

pranksite.net Open in urlscan Pro 2606:4700:3031::ac43:bfd4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

93 %HTTPS

43 %IPv6

29 Domains

40 Subdomains

34 IPs

7 Countries

2131 kBTransfer

7300 kBSize

29 Cookies

0 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

pranksite.net Open in urlscan Pro
2606:4700:3031::ac43:bfd4 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

93 %
HTTPS

43 %
IPv6

29
Domains

40
Subdomains

34
IPs

7
Countries

2131 kB
Transfer

7300 kB
Size

29
Cookies

107 HTTP transactions
0 data transactions