sex-dates4.com Open in urlscan Pro
79.110.24.78 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://urlz.fr/bbOt
Effective URL:
https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Submission: On November 28 via api (November 28th 2019, 1:02:15 pm UTC) from BE

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 35 domains to perform 71 HTTP transactions. The main IP is 79.110.24.78, located in Haarlem, Netherlands and belongs to FASTCONTENT, DE. The main domain is sex-dates4.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 19th 2019. Valid for: 3 months.

This is the only time sex-dates4.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:303... 2606:4700:3038::681f:ab2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:4104	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3 3	184.168.131.241 184.168.131.241	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
3	5.23.55.196 5.23.55.196	9123 (TIMEWEB-AS) (TIMEWEB-AS)
7	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	74.214.194.132 74.214.194.132	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	13.225.78.4 13.225.78.4	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	185.86.137.43 185.86.137.43	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff11	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1	91.228.74.184 91.228.74.184	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	143.204.98.185 143.204.98.185	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	5.179.192.20 5.179.192.20	34235 (ASPSERVEU...) (ASPSERVEUR-AS)
1	94.23.196.203 94.23.196.203	16276 (OVH) (OVH)
1 1	2600:9000:20e... 2600:9000:20eb:8000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:215... 2600:9000:2156:de00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	52.214.1.180 52.214.1.180	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	91.228.74.165 91.228.74.165	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700:30:... 2606:4700:30::681c:112a	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	185.33.223.216 185.33.223.216	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	2.21.38.3 2.21.38.3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	35.157.238.72 35.157.238.72	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 3	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.247.175.102 54.247.175.102	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:215... 2600:9000:2156:fe00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	104.16.91.60 104.16.91.60	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
2 2	185.33.223.221 185.33.223.221	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 1	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1 16	79.110.24.78 79.110.24.78	209813 (FASTCONTENT) (FASTCONTENT)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	185.50.248.46 185.50.248.46	209813 (FASTCONTENT) (FASTCONTENT)
71	34

2 2606:4700:3038::681f:ab2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.168.131.241 (Scottsdale, United States) 3 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net

7sex.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.23.55.196 (Russian Federation)

ASN9123 (TIMEWEB-AS, RU)
PTR: vds-ca59628.timeweb.ru

pavlovanon.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.themoneytizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (Germany)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.132 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.4 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-4.fra2.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.43 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4a0:1338:28::c38a:ff11 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.184 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.185 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-98-185.fra50.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.179.192.20 (Paris, France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net

player.pepsia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.196.203 (France)

ASN16276 (OVH, FR)
PTR: serveur8.wilsoftech.com

www.noowho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:8000:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:de00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.214.1.180 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-214-1-180.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.165 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681c:112a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.216 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.38.3 (France)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-38-3.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.238.72 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-238-72.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.165 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.175.102 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-175-102.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:fe00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.91.60 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.221 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 316.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.162 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 79.110.24.78 (Haarlem, Netherlands) 1 redirects

ASN209813 (FASTCONTENT, DE)

sex-dates4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.50.248.46 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

tdsjsext3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	sex-dates4.com 1 redirects sex-dates4.com	642 KB
7	themoneytizer.com ads.themoneytizer.com	185 KB
6	cpx.to p.cpx.to s.cpx.to	7 KB
5	criteo.com 2 redirects gum.criteo.com bidder.criteo.com	939 B
4	adnxs.com 2 redirects ib.adnxs.com secure.adnxs.com	3 KB
3	gstatic.com fonts.gstatic.com	35 KB
3	360yield.com 1 redirects ice.360yield.com	3 KB
3	pepsia.com player.pepsia.com	40 KB
3	pavlovanon.ru pavlovanon.ru	2 KB
3	7sex.nl 3 redirects 7sex.nl	657 B
2	pubmatic.com 2 redirects image2.pubmatic.com	1 KB
2	4dex.io script.4dex.io	18 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	31 KB
2	quantcount.com 1 redirects rules.quantcount.com	1 KB
2	quantserve.com edge.quantserve.com pixel.quantserve.com	6 KB
2	leadplace.fr tag.leadplace.fr	3 KB
2	smartadserver.com 1 redirects ww1097.smartadserver.com	2 KB
2	onetag-sys.com onetag-sys.com	508 B
2	urlz.fr 1 redirects urlz.fr	2 KB
1	tdsjsext3.com tdsjsext3.com	597 B
1	tmyzer.com c.tmyzer.com	200 B
1	doubleclick.net 1 redirects cm.g.doubleclick.net	156 B
1	truoptik.com 1 redirects dmp.truoptik.com	688 B
1	consensu.org c.sharethis.mgr.consensu.org	404 B
1	adleadevent.com adtrack.adleadevent.com	517 B
1	rubiconproject.com fastlane.rubiconproject.com	2 KB
1	stickyadstv.com ads.stickyadstv.com	609 B
1	noowho.com www.noowho.com	2 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	sascdn.com ced-ns.sascdn.com	8 KB
1	contextweb.com tag.contextweb.com	11 KB
1	themoneytizer.net g.themoneytizer.net	200 B
1	cloudflare.com ajax.cloudflare.com	4 KB
0	bidswitch.net Failed pool.grid-data.bidswitch.net Failed
0	creative-serving.com Failed ads.creative-serving.com Failed
71	35

	Domain	Requested by
16	sex-dates4.com	1 redirects pavlovanon.ru sex-dates4.com
7	ads.themoneytizer.com	ajax.cloudflare.com ads.themoneytizer.com
5	s.cpx.to	p.cpx.to
3	fonts.gstatic.com	sex-dates4.com
3	bidder.criteo.com	1 redirects
3	ice.360yield.com	1 redirects
3	player.pepsia.com	urlz.fr player.pepsia.com
3	pavlovanon.ru	urlz.fr
3	7sex.nl	3 redirects
2	secure.adnxs.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	ib.adnxs.com	ads.themoneytizer.com
2	script.4dex.io	ads.themoneytizer.com script.4dex.io
2	rules.quantcount.com	1 redirects
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	gum.criteo.com	1 redirects
2	ww1097.smartadserver.com	1 redirects ads.themoneytizer.com
2	onetag-sys.com	ads.themoneytizer.com
2	urlz.fr	1 redirects
1	tdsjsext3.com	sex-dates4.com
1	fonts.googleapis.com	sex-dates4.com
1	c.tmyzer.com	ads.themoneytizer.com
1	cm.g.doubleclick.net	1 redirects
1	dmp.truoptik.com	1 redirects
1	c.sharethis.mgr.consensu.org	player.pepsia.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	fastlane.rubiconproject.com	ads.themoneytizer.com
1	ads.stickyadstv.com	ads.themoneytizer.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	pixel.quantserve.com
1	www.noowho.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	edge.quantserve.com	ads.themoneytizer.com
1	ced-ns.sascdn.com
1	p.cpx.to	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	g.themoneytizer.net	ads.themoneytizer.com
1	ajax.cloudflare.com	urlz.fr
0	pool.grid-data.bidswitch.net Failed
0	ads.creative-serving.com Failed
71	40

This site contains no links.

Subject Issuer	Validity	Valid
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-20` - `2020-05-28`	6 months	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2019-10-10` - `2020-01-08`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2019-10-17` - `2020-10-16`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-03-28` - `2020-04-01`	a year	crt.sh
www.noowho.com Gandi Standard SSL CA 2	`2017-02-07` - `2020-02-07`	3 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
s.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh
*.360yield.com Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
sni50822.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-03` - `2020-03-11`	6 months	crt.sh
adtrack.adleadevent.com Amazon	`2019-06-30` - `2020-07-30`	a year	crt.sh
*.sharethis.mgr.consensu.org Go Daddy Secure Certificate Authority - G2	`2018-05-21` - `2020-05-21`	2 years	crt.sh
sex-dates4.com Let's Encrypt Authority X3	`2019-11-19` - `2020-02-17`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
tdsjsext3.com Let's Encrypt Authority X3	`2019-11-07` - `2020-02-05`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Frame ID: E6714226AB4659A935477C1273E347B0
Requests: 67 HTTP requests in this frame

Frame: http://pavlovanon.ru/z9kfWr
Frame ID: 4E4D682C7E8D1B5308131CE6FC989DAA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1574946118053
Frame ID: BDFACBE8F296075654E5A3F7F516632D
Requests: 1 HTTP requests in this frame

Frame: http://pavlovanon.ru/z9kfWr
Frame ID: 10EF4C459F13B54AF96F9A0F9BDF3397
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 156F94C624EFE109310F9E3BC85DDF5A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://urlz.fr/bbOt HTTP 301
http://urlz.fr/bbOt Page URL
http://7sex.nl/ HTTP 301
http://pavlovanon.ru/z9kfWr Page URL
http://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000 HTTP 301
https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

71
Requests

61 %
HTTPS

28 %
IPv6

35
Domains

40
Subdomains

34
IPs

7
Countries

1031 kB
Transfer

1579 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://urlz.fr/bbOt HTTP 301
http://urlz.fr/bbOt Page URL
http://7sex.nl/ HTTP 301
http://pavlovanon.ru/z9kfWr Page URL
http://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000 HTTP 301
https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://urlz.fr/bbOt HTTP 301
http://urlz.fr/bbOt

Request Chain 2

http://7sex.nl/ HTTP 301
http://pavlovanon.ru/z9kfWr

Request Chain 11

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 12

http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback HTTP 302
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Request Chain 18

http://7sex.nl/ HTTP 301
http://pavlovanon.ru/z9kfWr

Request Chain 20

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/2/8/2.gif?puid=1287397931511925787&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/19/7/3.gif?puid=60a27f28561360efe114db27de6ad90b&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D

Request Chain 22

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

Request Chain 30

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22183dfc626f0ad0e%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FbbOt%22%2C%22imp%22%3A%5B%7B%22id%22%3A%229621a48367fb67%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22fa1dff68-1749-4695-a2e6-3c08dce9c5f6%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22183dfc626f0ad0e%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FbbOt%22%2C%22imp%22%3A%5B%7B%22id%22%3A%229621a48367fb67%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22fa1dff68-1749-4695-a2e6-3c08dce9c5f6%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D

Request Chain 34

http://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.31.0&cb=16336833789 HTTP 307
https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.31.0&cb=16336833789

Request Chain 41

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb&fck=72a5b27b6ec968ed&cbp=dsp_uid HTTP 302
https://s.cpx.to/sync?dsp_uid=a4c2e85cfb0e462809c5914587be4338&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb&dsp=TRUOPTIK&fck=72a5b27b6ec968ed

Request Chain 42

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dc19836cd-f077-4c83-97ba-ecd54a8f67bb HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dc19836cd-f077-4c83-97ba-ecd54a8f67bb HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=308FF2FF-18C8-4F2C-9CBC-DB4563BD7632&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb

Request Chain 43

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3Dc19836cd-f077-4c83-97ba-ecd54a8f67bb HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253D%2526hn_ver%253D10%2526fid%253Dc19836cd-f077-4c83-97ba-ecd54a8f67bb HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=4452921914596008034&pid=11528&ref=&hn_ver=10&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb

Request Chain 44

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb&google_gid=CAESEJXB590wa3EtpzTOVj3tG7E&google_cver=1

Request Chain 48

http://7sex.nl/ HTTP 301
http://pavlovanon.ru/z9kfWr

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

bbOt Show response
urlz.fr/
Redirect Chain

https://urlz.fr/bbOt
http://urlz.fr/bbOt

3 KB
1 KB

78ms
65ms

Document
text/html

2606:4700:3038::681f:ab2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://urlz.fr/bbOt
Protocol: HTTP/1.1
Server: 2606:4700:3038::681f:ab2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e923bf1ceaa29ae85651bef8247f19cfa382719295d44a7cd1a37397f7f7312f

Request headers

Host: urlz.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: __cfduid=df9437379311c7d8bfe402a864be595f11574946117
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Date: Thu, 28 Nov 2019 13:01:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 53cc88902d93599a-VIE
Content-Encoding: gzip

Redirect headers

status: 301
date: Thu, 28 Nov 2019 13:01:57 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df9437379311c7d8bfe402a864be595f11574946117; expires=Sat, 28-Dec-19 13:01:57 GMT; path=/; domain=.urlz.fr; HttpOnly
location: http://urlz.fr/bbOt
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 53cc888f5a5b598e-VIE

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 15ms
13ms Script
application/javascript 2606:4700::6811:4104
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: http://urlz.fr/bbOt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 Nov 2019 13:01:57 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 25 Nov 2019 12:00:05 GMT
server: cloudflare
etag: W/"5ddbc245-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 53cc88909bf3cbcc-VIE
alt-svc: h3-23=":443"; ma=86400
expires: Sat, 30 Nov 2019 13:01:57 GMT

GET
H/1.1

200
OK

Cookie set z9kfWr
pavlovanon.ru/ Frame 4E4D
Redirect Chain

http://7sex.nl/
http://pavlovanon.ru/z9kfWr

0
0

285ms
148ms

Document
text/html

5.23.55.196
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://pavlovanon.ru/z9kfWr

Requested by

Host: urlz.fr
URL: http://urlz.fr/bbOt

Protocol

HTTP/1.1

Server

5.23.55.196 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

vds-ca59628.timeweb.ru

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: pavlovanon.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://urlz.fr/bbOt
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/bbOt

Response headers

Server: nginx
Date: Thu, 28 Nov 2019 13:01:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 764
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Thu, 28 Nov 2019 13:01:57 GMT
Pragma: no-cache
Set-Cookie: _subid=2ml1b9snl1napjb67hnig0000;Expires=Sunday, 29-Dec-2019 13:01:57 GMT;Max-Age=2678400;Path=/ _token=uuid_2ml1b9snl1napjb67hnig0000_2ml1b9snl1napjb67hnig00005ddfc54601b611.90090211;Expires=Sunday, 29-Dec-2019 13:01:58 GMT;Max-Age=2678400;Path=/ c6b5c=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUwNFwiOjE1NzQ5NDYxMTd9LFwiY2FtcGFpZ25zXCI6e1wiNTZcIjoxNTc0OTQ2MTE3fSxcInRpbWVcIjoxNTc0OTQ2MTE3fSJ9.769NXfmIyE_61DN077rbQjyDCZyglsIcCdWAuBZepd0;Expires=Sunday, 29-Dec-2019 13:01:58 GMT;Max-Age=2678400;Path=/
X-Content-Type-Options: nosniff

Redirect headers

Server: nginx/1.12.2
Date: Thu, 28 Nov 2019 13:01:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Location: http://pavlovanon.ru/z9kfWr

GET
H/1.1 200
OK requestform.js Show response
ads.themoneytizer.com/s/ 35 KB
9 KB 41ms
23ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: 577e145f74655ecae607c23cb6ee8c5afc4a6be386d0fc594735ac742be6dbf2

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:57 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Fri, 29 Nov 2019 13:01:57 GMT

GET
H/1.1 200
OK gen.js Show response
ads.themoneytizer.com/s/ 8 KB
3 KB 39ms
21ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: aa976605d1e09bed284b5d85b80fe5a598292f3f22ec79e380a7b318578e90ea

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:01 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2746
Expires: Fri, 29 Nov 2019 13:01:01 GMT

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ 26 B
200 B 70ms
53ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:58 GMT
Server: nginx
X-IPLB-Instance: 29821
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 59ms
19ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 Nov 2019 13:01:58 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:07 GMT
server: nginx
etag: "779a-308e-582e3105a6be4"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3931
expires: Fri, 29 Nov 2019 13:01:02 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 76ms
37ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 Nov 2019 13:01:58 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Fri, 29 Nov 2019 13:01:11 GMT

GET
H2 200 /
onetag-sys.com/usync/ Frame BDFA 0
0 84ms
28ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1574946118053
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip251.ip-51-89-9.eu
Software: /
Resource Hash

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1574946118053
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://urlz.fr/bbOt
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/bbOt

Response headers

status: 200
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie: OTP=WCFBj0BJuQGAPefIL-kzPZehALbTuMeXluonBpPSQBE; path=/; expires=Sat, 27 Nov 2021 13:01:58; domain=onetag-sys.com; SameSite=None;
content-type: text/html
expires: Sun, 01-Jan-2034 12:34:56 GMT
cache-control: max-age=2628000,public
content-encoding: gzip

GET
H/1.1 200
OK getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 67ms
24ms Script
application/x-javascript 74.214.194.132
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 Nov 2019 13:01:57 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 3
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ 1 KB
2 KB 62ms
44ms Script
application/javascript 13.225.78.4
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://p.cpx.to/p/11528/px.js?r=1d0da
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 13.225.78.4 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-4.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 06:42:40 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 281959
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: TSngyPhr_JxKadDGcpZI_1BCJwIDOkq1_YIqmdNA8CeBYXIhTC2VCg==

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

24 KB
8 KB

22ms
6ms

Script
application/x-javascript

2a01:4a0:1338:28::c38a:ff11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Apache /
Resource Hash: e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Sep 2019 12:08:33 GMT
Server: Apache
ETag: "1fc11a0f5e30485338c4562812f21662:1567685313"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8004

Redirect headers

Location: https://ced-ns.sascdn.com/diff/js/smart.js
Date: Thu, 28 Nov 2019 13:01:57 GMT
Cache-Control: private
Content-Length: 159
Content-Type: text/html; charset=utf-8

GET
H2

200

sync Show response
gum.criteo.com/
Redirect Chain

http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

49 B
311 B

56ms
17ms

Script
text/javascript

2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 Nov 2019 13:01:58 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600
content-length: 165
expires: 60

Redirect headers

location: https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
date: Thu, 28 Nov 2019 13:01:57 GMT
content-length: 179
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 55ms
37ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:58 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 30195
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 12 KB
6 KB 55ms
36ms Script
application/x-javascript 91.228.74.184
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 91.228.74.184 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28-Nov-2019 13:01:58 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Thu, 05 Dec 2019 13:01:58 GMT

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 68ms
50ms Script
text/javascript 143.204.98.185
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 143.204.98.185 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-98-185.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 Nov 2019 19:42:04 GMT
Via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 62409
X-Cache: Hit from cloudfront
Content-Type: text/javascript
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: IWFcp2kvbaaglZOTMAJzz8ydlL29V3-RD8JStNfRSp3HitKwGwm5yg==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid2_31/build/dist/ 409 KB
130 KB 25ms
24ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: fcbae18825d52376d32deb98bdc1a8f7bb517dce83afb11ea0335670b66eea8a

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 Nov 2019 13:01:58 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 17:51:51 GMT
server: nginx
etag: "3ba96-663d5-596d96fcf8651"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 132349
expires: Fri, 29 Nov 2019 13:01:14 GMT

GET
H/1.1 200
OK sdk.js Show response
player.pepsia.com/ 39 KB
39 KB 106ms
88ms Script
application/javascript 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/sdk.js?d=16eb21a99ab
Requested by: Host: urlz.fr
URL: http://urlz.fr/bbOt
Protocol: HTTP/1.1
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: e210f56421f422144d56bc89278101007da57f4533e3c0788ba82a9d49170cdc

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:58 GMT
Last-Modified: Tue, 29 Oct 2019 09:15:39 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "5db8033b-9b78"
Content-Length: 39800
Content-Type: application/javascript

GET
H/1.1

200
OK

Cookie set z9kfWr
pavlovanon.ru/ Frame 10EF
Redirect Chain

http://7sex.nl/
http://pavlovanon.ru/z9kfWr

0
0

92ms
92ms

Document
text/html

5.23.55.196
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://pavlovanon.ru/z9kfWr

Requested by

Host: urlz.fr
URL: http://urlz.fr/bbOt

Protocol

HTTP/1.1

Server

5.23.55.196 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

vds-ca59628.timeweb.ru

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: pavlovanon.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://urlz.fr/bbOt
Accept-Encoding: gzip, deflate
Cookie: _subid=2ml1b9snl1napjb67hnig0000; _token=uuid_2ml1b9snl1napjb67hnig0000_2ml1b9snl1napjb67hnig00005ddfc54601b611.90090211; c6b5c=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUwNFwiOjE1NzQ5NDYxMTd9LFwiY2FtcGFpZ25zXCI6e1wiNTZcIjoxNTc0OTQ2MTE3fSxcInRpbWVcIjoxNTc0OTQ2MTE3fSJ9.769NXfmIyE_61DN077rbQjyDCZyglsIcCdWAuBZepd0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/bbOt

Response headers

Server: nginx
Date: Thu, 28 Nov 2019 13:01:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 764
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Thu, 28 Nov 2019 13:01:58 GMT
Pragma: no-cache
Set-Cookie: _subid=2ml1b9snl1ehmi9gh8t080000;Expires=Sunday, 29-Dec-2019 13:01:58 GMT;Max-Age=2678400;Path=/ _token=uuid_2ml1b9snl1ehmi9gh8t080000_2ml1b9snl1ehmi9gh8t0800005ddfc5466b1921.53588677;Expires=Sunday, 29-Dec-2019 13:01:58 GMT;Max-Age=2678400;Path=/ c6b5c=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUwNFwiOjE1NzQ5NDYxMTd9LFwiY2FtcGFpZ25zXCI6e1wiNTZcIjoxNTc0OTQ2MTE3fSxcInRpbWVcIjoxNTc0OTQ2MTE3fSJ9.769NXfmIyE_61DN077rbQjyDCZyglsIcCdWAuBZepd0;Expires=Sunday, 29-Dec-2019 13:01:58 GMT;Max-Age=2678400;Path=/
X-Content-Type-Options: nosniff

Redirect headers

Server: nginx/1.12.2
Date: Thu, 28 Nov 2019 13:01:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Location: http://pavlovanon.ru/z9kfWr

GET
H/1.1 200
OK image.php
www.noowho.com/ 1 KB
2 KB 143ms
65ms Image
image/gif 94.23.196.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.noowho.com/image.php?site=23690713&ref=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS: serveur8.wilsoftech.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash: caafcb7a374221a77ffb54543d22f57f38d5995e9474f4884b770747b4fb5552

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:12:05 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Apache/2.4.7 (Ubuntu)
Connection: close
X-Powered-By: PHP/5.5.9-1ubuntu4.22
Content-Length: 1416
Content-Type: image/gif

GET

id5_cm
ads.creative-serving.com/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/2/8/2.gif?puid=1287397931511925787&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/12/19/7/3.gif?puid=60a27f28561360efe114db27de6ad90b&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D

0
0

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ Frame 156F 0
0 31ms
31ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://urlz.fr/bbOt
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/bbOt

Response headers

Server: nginx/1.14.2
Date: Thu, 28 Nov 2019 13:01:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Instance: 30195

GET
H2

200

rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

1 KB
967 B

7ms
7ms

Script
application/x-javascript

2600:9000:2156:de00:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 Nov 2019 12:59:03 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 176
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: XMnEtcWHIn1x5R3PbNAT6E95Y3VKhrKjM7Ex2oSdJsmV6M4BYAVJJA==
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)

Redirect headers

Date: Thu, 28 Nov 2019 13:01:58 GMT
Via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: 5L7PMK2KoP29PkwoJuR3rkxqAIYtKnEpFoyjxUPUMtlX4F6UvILh2Q==

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 772 B
1 KB 153ms
40ms Script
application/javascript 52.214.1.180
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb

Requested by

Host: p.cpx.to
URL: http://p.cpx.to/p/11528/px.js?r=1d0da

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.1.180 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-214-1-180.eu-west-1.compute.amazonaws.com

Software

Resource Hash

70025e5e131729d4c80997637536be511770eeba2ae1b4e8bf9a24c6db25b921

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 28 Nov 2019 13:01:58 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Content-Length: 772
Expires: Tue, 26 Nov 2019 13:49:06 GMT

GET
H/1.1 200
OK pixel;r=1357326241;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FbbOt;fpan=1;fpa=P0-416070954-1574946118139;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;r...
pixel.quantserve.com/ 35 B
494 B 61ms
43ms Image
image/gif 91.228.74.165
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.quantserve.com/pixel;r=1357326241;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FbbOt;fpan=1;fpa=P0-416070954-1574946118139;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1574946118139;tzo=-60;ogl=
Protocol: HTTP/1.1
Server: 91.228.74.165 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 28 Nov 2019 13:01:58 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 11ms
5ms Script
text/javascript 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 21 Nov 2019 07:00:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 626476
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 30186
X-XSS-Protection: 0
Expires: Fri, 20 Nov 2020 07:00:42 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 409 B
923 B 30ms
18ms Script
application/javascript 2606:4700:30::681c:112a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:112a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86aaaf7d30279a13050276ee51c2e1983c77ff3f650dc000828cbbfe20d6f0ae

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:58 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 27 Nov 2019 07:15:11 GMT
Server: cloudflare
Age: 866
ETag: W/"4b47be3773e54c93b4788a00c3d0324b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 53cc8896bdaf59d6-VIE
x-amz-request-id: A76C7B5AF8F95815
x-amz-id-2: zrMS/8lGzZRz0OQKI9MApHMAPie7xmFrf0RivYH8v1yz4Pbx/n4u4Ry9REnPWarke/kwyonvk7w=

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
702 B 40ms
23ms XHR
application/json 185.33.223.216
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js

Protocol

HTTP/1.1

Server

185.33.223.216 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://urlz.fr/bbOt
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 28 Nov 2019 13:02:00 GMT
X-Proxy-Origin: 109.236.94.25; 109.236.94.25; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.187:80
AN-X-Request-Uuid: d6f802a4-cae3-4d9f-a61d-143aa81d2ccb
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 631 B
666 B 59ms
20ms XHR
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07

Request headers

Referer: http://urlz.fr/bbOt
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 28 Nov 2019 13:01:58 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 435
expires: Fri, 29 Nov 2019 13:01:58 GMT

GET
H/1.1 200
OK swfIndex.php
ads.stickyadstv.com/www/delivery/ 67 B
609 B 302ms
285ms XHR
application/xml 2.21.38.3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1574946118204&pKey=-1156527840&_fw_gdpr_consent=undefined&loc=http%3A%2F%2Furlz.fr%2FbbOt&playerSize=640x480&
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: HTTP/1.1
Server: 2.21.38.3 , France, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-21-38-3.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: http://urlz.fr/bbOt
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 28 Nov 2019 13:01:58 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive, Transfer-Encoding
x-sticky-vk: 1574946118200095-17
Expires: Thu, 28 Nov 2019 13:01:58 GMT

GET
H2

302

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22183dfc626f0ad0e%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2Fb...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22183dfc626f0ad0e%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz....

0
-1 B

95ms
30ms

XHR
text/plain

35.157.238.72
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22183dfc626f0ad0e%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FbbOt%22%2C%22imp%22%3A%5B%7B%22id%22%3A%229621a48367fb67%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22fa1dff68-1749-4695-a2e6-3c08dce9c5f6%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.238.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-238-72.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 Nov 2019 13:01:58 GMT
access-control-allow-origin: http://urlz.fr
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22183dfc626f0ad0e%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FbbOt%22%2C%22imp%22%3A%5B%7B%22id%22%3A%229621a48367fb67%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22fa1dff68-1749-4695-a2e6-3c08dce9c5f6%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

Redirect headers

date: Thu, 28 Nov 2019 13:01:58 GMT
status: 302
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22183dfc626f0ad0e%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FbbOt%22%2C%22imp%22%3A%5B%7B%22id%22%3A%229621a48367fb67%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22fa1dff68-1749-4695-a2e6-3c08dce9c5f6%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: http://urlz.fr
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 255 B
2 KB 94ms
76ms XHR
application/json 69.173.144.140
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=atf&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v2.31.0&x_source.tid=fa1dff68-1749-4695-a2e6-3c08dce9c5f6&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.132333147370421
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: HTTP/1.1
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 90e6cadb5d7ae8ebb4842b34442a3841d7720a79271fd1d6e9b4260a9664e9b0

Request headers

Referer: http://urlz.fr/bbOt
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 28 Nov 2019 13:01:58 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=421
Content-Length: 255
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
508 B 106ms
106ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-sys.com/prebid-request
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip251.ip-51-89-9.eu
Software: /
Resource Hash: 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Request headers

Referer: http://urlz.fr/bbOt
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

content-encoding: gzip
status: 200
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: http://urlz.fr
cache-control: no-cache, no-transform
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: Content-Type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 21 B
704 B 39ms
23ms XHR
application/json 185.33.223.216
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js

Protocol

HTTP/1.1

Server

185.33.223.216 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://urlz.fr/bbOt
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 28 Nov 2019 13:02:00 GMT
X-Proxy-Origin: 109.236.94.25; 109.236.94.25; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.142:80
AN-X-Request-Uuid: df392577-5b7a-41ac-bc5f-ed54eede50bd
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 21
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1

307
Temporary Redirect

cdb Show response
bidder.criteo.com/
Redirect Chain

http://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.31.0&cb=16336833789
https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.31.0&cb=16336833789

0
-1 B

69ms
51ms

XHR

178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.31.0&cb=16336833789
Protocol: HTTP/1.1
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 Nov 2019 13:01:58 GMT
server: Finatra
access-control-allow-origin: http://urlz.fr
vary: Origin
location: https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.31.0&cb=16336833789
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0

Redirect headers

date: Thu, 28 Nov 2019 13:01:58 GMT
server: Finatra
location: https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.31.0&cb=16336833789
vary: Origin
access-control-allow-origin: http://urlz.fr
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0

GET
H2 200 adagio.js
script.4dex.io/ 57 KB
17 KB 373ms
338ms Fetch
application/javascript 2606:4700:30::681c:112a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: http://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:112a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/bbOt
Origin: http://urlz.fr

Response headers

date: Thu, 28 Nov 2019 13:01:58 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-request-id: 7B9CD42F35A58D51
status: 200
x-amz-id-2: KLnq6+SC2+EsN+YHy/Glkw3Jhro9JzmzyimvySMe1vCSktPnDY3ZrKeGwTS78q4Y98B+p4doQIA=
last-modified: Wed, 27 Nov 2019 07:15:09 GMT
server: cloudflare
etag: W/"862344c8919fb49a033a0884dbd2733f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 53cc8897281a59dc-VIE

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
517 B 153ms
40ms XHR
application/x-javascript 54.247.175.102
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.175.102 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-175-102.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://urlz.fr/bbOt
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 28 Nov 2019 13:01:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Nov 2019 13:01:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 get_consent Show response
c.sharethis.mgr.consensu.org/ 13 B
404 B 19ms
19ms XHR
application/json 2600:9000:2156:fe00:c:a9b7:ddc0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/get_consent
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16eb21a99ab
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:fe00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/bbOt
Origin: http://urlz.fr

Response headers

date: Thu, 28 Nov 2019 13:01:58 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
status: 200
etag: W/"d-+DingHfG0CPg0LypXw8zXfS4tGg"
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: http://urlz.fr
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-length: 13
x-amz-cf-id: adAoIBRNmbtAMmB4ndy4SfXHG95Kqw6JO_kOFVPXwKcb2xI_NiQ1zg==

GET
H/1.1 200
OK indexv2.php Show response
player.pepsia.com/V2/ 170 B
412 B 47ms
46ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/V2/indexv2.php?token=00I4&controls=1&autoplay=1&logo=true&volume=1&api=1&id=0&origin=http://urlz.fr&gdpr=1&d=16eb21a9a73
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16eb21a99ab
Protocol: HTTP/1.1
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 89085930fdff263d643c4fa37f489efadd7d9f8361661113d67eb61aa7d6311a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/bbOt
Origin: http://urlz.fr

Response headers

Access-Control-Allow-Origin: http://urlz.fr
Date: Thu, 28 Nov 2019 13:01:58 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK algov2.php Show response
player.pepsia.com/V2/ 1 KB
782 B 131ms
115ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/V2/algov2.php?token=00I4&num=9&origin=http://urlz.fr&d=16eb21a9a73
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16eb21a99ab
Protocol: HTTP/1.1
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 5f93f648f5700cc6b98b92067538d7671f2dda507caa3f034d255077dfecf0e3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/bbOt
Origin: http://urlz.fr

Response headers

Access-Control-Allow-Origin: http://urlz.fr
Date: Thu, 28 Nov 2019 13:01:58 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
126 B 109ms
37ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=20&wv=2.31.0&cb=16336833789
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://urlz.fr/bbOt
Origin: null
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 28 Nov 2019 13:01:58 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: null
timing-allow-origin: *
vary: Origin

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb&fck=72a5b27b6ec968ed&cbp=dsp_uid
https://s.cpx.to/sync?dsp_uid=a4c2e85cfb0e462809c5914587be4338&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb&dsp=TRUOPTIK&fck=72a5b27b6ec968ed

95 B
877 B

38ms
38ms

Image
image/png

52.214.1.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=a4c2e85cfb0e462809c5914587be4338&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb&dsp=TRUOPTIK&fck=72a5b27b6ec968ed

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.1.180 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-214-1-180.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 28 Nov 2019 13:01:58 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Thu, 28 Nov 2019 13:01:58 GMT

Redirect headers

date: Thu, 28 Nov 2019 13:01:58 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 302
to-dmp-balancer: balancer2-dmp-nyc1-do.truoptik.com
content-length: 154
pragma: no-cache
to-dmp-sync: sync4-dmp-nyc1-do.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
location: https://s.cpx.to/sync?dsp_uid=a4c2e85cfb0e462809c5914587be4338&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb&dsp=TRUOPTIK&fck=72a5b27b6ec968ed
content-type: text/html
access-control-allow-origin: *
cache-control: no-store
cf-ray: 53cc88992bc5d925-AMS
expires: 0

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dc19836cd-f077-4c83-97ba-ecd54a8f67bb
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dc19836cd-f077-4c83-97ba-ecd54a8f67bb
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=308FF2FF-18C8-4F2C-9CBC-DB4563BD7632&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb

95 B
881 B

40ms
38ms

Image
image/png

52.214.1.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=308FF2FF-18C8-4F2C-9CBC-DB4563BD7632&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.1.180 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-214-1-180.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 28 Nov 2019 13:01:58 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Thu, 28 Nov 2019 13:01:58 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=308FF2FF-18C8-4F2C-9CBC-DB4563BD7632&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb
Date: Thu, 28 Nov 2019 13:01:58 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Content-Type: text/html; charset=iso-8859-1
Content-Length: 447
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3Dc19836cd-f077-4c83-97ba-ecd54a8f67bb
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253D%2526hn_ver%253D10%2526fid%253Dc19836cd-f077-4c83-9...
https://s.cpx.to/an_fire?app_nexus_uid=4452921914596008034&pid=11528&ref=&hn_ver=10&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb

95 B
865 B

39ms
38ms

Image
image/png

52.214.1.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=4452921914596008034&pid=11528&ref=&hn_ver=10&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.1.180 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-214-1-180.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Thu, 28 Nov 2019 13:01:58 GMT
X-Frame-Options: sameorigin
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Thu, 28 Nov 2019 13:01:58 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 28 Nov 2019 13:02:00 GMT
AN-X-Request-Uuid: 7a50d59e-da72-4c9c-81a4-69a29ab76f17
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://s.cpx.to/an_fire?app_nexus_uid=4452921914596008034&pid=11528&ref=&hn_ver=10&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 109.236.94.25; 109.236.94.25; 316.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.170:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb
https://s.cpx.to/ca.png?dsp=dbm&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb&google_gid=CAESEJXB590wa3EtpzTOVj3tG7E&google_cver=1

95 B
804 B

38ms
37ms

Image
image/png

52.214.1.180
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb&google_gid=CAESEJXB590wa3EtpzTOVj3tG7E&google_cver=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.1.180 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-214-1-180.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Frame-Options: sameorigin
Date: Thu, 28 Nov 2019 13:01:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Thu, 28 Nov 2019 13:01:58 GMT
server: HTTP server (unknown)
location: https://s.cpx.to/ca.png?dsp=dbm&fid=c19836cd-f077-4c83-97ba-ecd54a8f67bb&google_gid=CAESEJXB590wa3EtpzTOVj3tG7E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET sync
pool.grid-data.bidswitch.net/ 0
0

GET
H2 200 hb Show response
ice.360yield.com/ul_cb/ 3 KB
2 KB 41ms
40ms XHR
application/json 35.157.238.72
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22183dfc626f0ad0e%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FbbOt%22%2C%22imp%22%3A%5B%7B%22id%22%3A%229621a48367fb67%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22fa1dff68-1749-4695-a2e6-3c08dce9c5f6%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.238.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-238-72.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 06df42344ad85a2179baedd33df1893ce43655f210ffc07f13aeab97aee6dac0

Request headers

Referer: http://urlz.fr/bbOt
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 28 Nov 2019 13:01:58 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: http://urlz.fr
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 1746

GET
H2 200 bundle.js
ads.themoneytizer.com/cs2/dist/ 97 KB
23 KB 27ms
26ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/cs2/dist/bundle.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 28 Nov 2019 13:01:58 GMT
content-encoding: gzip
last-modified: Tue, 17 Sep 2019 21:28:09 GMT
server: nginx
etag: "3247a-183db-592c6659901e6"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 23456
expires: Fri, 29 Nov 2019 13:01:29 GMT

GET
H/1.1

200
OK

Cookie set z9kfWr
pavlovanon.ru/
Redirect Chain

http://7sex.nl/
http://pavlovanon.ru/z9kfWr

764 B
2 KB

94ms
94ms

Document
text/html

5.23.55.196
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://pavlovanon.ru/z9kfWr

Requested by

Host: urlz.fr
URL: http://urlz.fr/bbOt

Protocol

HTTP/1.1

Server

5.23.55.196 , Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

vds-ca59628.timeweb.ru

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: pavlovanon.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://urlz.fr/bbOt
Accept-Encoding: gzip, deflate
Cookie: c6b5c=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUwNFwiOjE1NzQ5NDYxMTd9LFwiY2FtcGFpZ25zXCI6e1wiNTZcIjoxNTc0OTQ2MTE3fSxcInRpbWVcIjoxNTc0OTQ2MTE3fSJ9.769NXfmIyE_61DN077rbQjyDCZyglsIcCdWAuBZepd0; _subid=2ml1b9snl1ehmi9gh8t080000; _token=uuid_2ml1b9snl1ehmi9gh8t080000_2ml1b9snl1ehmi9gh8t0800005ddfc5466b1921.53588677
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/bbOt

Response headers

Server: nginx
Date: Thu, 28 Nov 2019 13:01:58 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 764
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Thu, 28 Nov 2019 13:01:58 GMT
Pragma: no-cache
Set-Cookie: _subid=2ml1b9snl2co0ct102ns00000;Expires=Sunday, 29-Dec-2019 13:01:58 GMT;Max-Age=2678400;Path=/ _token=uuid_2ml1b9snl2co0ct102ns00000_2ml1b9snl2co0ct102ns000005ddfc546d52662.60615375;Expires=Sunday, 29-Dec-2019 13:01:58 GMT;Max-Age=2678400;Path=/ c6b5c=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUwNFwiOjE1NzQ5NDYxMTd9LFwiY2FtcGFpZ25zXCI6e1wiNTZcIjoxNTc0OTQ2MTE3fSxcInRpbWVcIjoxNTc0OTQ2MTE3fSJ9.769NXfmIyE_61DN077rbQjyDCZyglsIcCdWAuBZepd0;Expires=Sunday, 29-Dec-2019 13:01:58 GMT;Max-Age=2678400;Path=/
X-Content-Type-Options: nosniff

Redirect headers

Server: nginx/1.12.2
Date: Thu, 28 Nov 2019 13:01:58 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Location: http://pavlovanon.ru/z9kfWr

GET
H/1.1 200
OK ac
ww1097.smartadserver.com/ 22 B
2 KB 346ms
78ms Script
application/javascript 185.86.137.43
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: http://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=30012&async=1&visit=m&tmstp=7082020243&tag=sas_30012&sh=1200&sw=1600&pgDomain=http%3A%2F%2Furlz.fr%2FbbOt&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 185.86.137.43 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://urlz.fr/bbOt
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 28 Nov 2019 13:01:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-SMRT-D: 3%3b16%3b100
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H/1.1 200
OK /
c.tmyzer.com/c/ 0
200 B 317ms
49ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://c.tmyzer.com/c/?s=15056&f=28&fi=0
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/bbOt
Origin: http://urlz.fr

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 28 Nov 2019 13:01:58 GMT
Server: nginx
X-IPLB-Instance: 20689
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
sex-dates4.com/
Redirect Chain

http://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000

7 KB
8 KB

323ms
28ms

Document
text/html

79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Requested by: Host: pavlovanon.ru
URL: http://pavlovanon.ru/z9kfWr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 1bcff1f588486140797bc5e7933a89dff3dba96f84cb8d178d4ccb589306fa43

Request headers

Host: sex-dates4.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: http://pavlovanon.ru/z9kfWr
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://pavlovanon.ru/z9kfWr

Response headers

Server: nginx
Date: Thu, 28 Nov 2019 13:01:59 GMT
Content-Type: text/html
Content-Length: 7284
Connection: keep-alive
Cache-Control: private
Set-Cookie: ASP.NET_SessionId=3nula550s2aw0pra1f4betys; path=/; HttpOnly ASP.NET_SessionId=3nula550s2aw0pra1f4betys; path=/; HttpOnly c=3sk7tw48dlml5blp; path=/
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

Redirect headers

Server: nginx
Date: Thu, 28 Nov 2019 13:01:59 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000

GET
H2 200 css
fonts.googleapis.com/ 6 KB
802 B 23ms
16ms Stylesheet
text/css 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700

Requested by

Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

fd42d5e0d4d9fa7ea8ad038bb3e1026e3e8e7c15312e701d2d19f451d25274bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 28 Nov 2019 13:01:59 GMT
server: ESF
access-control-allow-origin: *
date: Thu, 28 Nov 2019 13:01:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Thu, 28 Nov 2019 13:01:59 GMT

GET
H/1.1 200
OK style.css
sex-dates4.com/media/dating/dirtytinder/css/ 15 KB
16 KB 34ms
27ms Stylesheet
text/css 79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://sex-dates4.com/media/dating/dirtytinder/css/style.css
Requested by: Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 1f12854c80afd1c18ade0a7c26f00cac5cdb917cb6ddee36bba33f00dfc50814

Request headers

Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:59 GMT
Last-Modified: Sat, 08 Jun 2019 16:43:39 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "87e1da52191ed51:0"
Content-Type: text/css
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15853

GET
H/1.1 200
OK flag-icon.css
sex-dates4.com/util/flag-icon/css/ 39 KB
40 KB 71ms
28ms Stylesheet
text/css 79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://sex-dates4.com/util/flag-icon/css/flag-icon.css
Requested by: Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 77ab3e7c902a1e37997cd164119231534784760d324e03593e36b36af6541fb5

Request headers

Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:59 GMT
Last-Modified: Thu, 14 Mar 2019 14:38:24 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "07049473dad41:0"
Content-Type: text/css
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40258

GET
H/1.1 200
OK js.cookie.js Show response
sex-dates4.com/cookie/ 4 KB
4 KB 69ms
26ms Script
application/javascript 79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://sex-dates4.com/cookie/js.cookie.js
Requested by: Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Request headers

Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:59 GMT
Last-Modified: Sat, 08 Jun 2019 16:38:29 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "724d319a181ed51:0"
Content-Type: application/javascript
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4264

GET
H/1.1 200
OK utils.js Show response
sex-dates4.com/util/ 6 KB
6 KB 100ms
27ms Script
application/javascript 79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://sex-dates4.com/util/utils.js
Requested by: Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: ccaecb21498801a55bf6681a2aed2bb55d512488a8dbbeb927db5ca6e0fe873b

Request headers

Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:59 GMT
Last-Modified: Tue, 15 Oct 2019 12:17:12 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "01420795283d51:0"
Content-Type: application/javascript
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6019

GET
H/1.1 200
OK logo2.png
sex-dates4.com/media/dating/dirtytinder/images/ 18 KB
19 KB 137ms
34ms Image
image/png 79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sex-dates4.com/media/dating/dirtytinder/images/logo2.png
Requested by: Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 67f75d375f0b2c4bedd6eb322aed8287f4af1f79ebc0b437083f719ca1b7a4a2

Request headers

Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:59 GMT
Last-Modified: Sat, 08 Jun 2019 16:43:39 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "be3c5053191ed51:0"
Content-Type: image/png
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18665

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
sex-dates4.com/media/dating/dirtytinder/js/ 84 KB
84 KB 112ms
27ms Script
application/javascript 79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://sex-dates4.com/media/dating/dirtytinder/js/jquery-2.2.4.min.js
Requested by: Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:59 GMT
Last-Modified: Sat, 08 Jun 2019 16:43:40 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "6847553191ed51:0"
Content-Type: application/javascript
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 85578

GET
H/1.1 200
OK trls.js Show response
sex-dates4.com/media/dating/dirtytinder/js/ 17 KB
18 KB 58ms
26ms Script
application/javascript 79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://sex-dates4.com/media/dating/dirtytinder/js/trls.js
Requested by: Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: a600a39f1aa836e327c60dc5e25d569740a3bd10f8accc89ec2c313f74c81ed8

Request headers

Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:59 GMT
Last-Modified: Thu, 05 Sep 2019 15:56:16 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "59e67d73264d51:0"
Content-Type: application/javascript
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17828

GET
H/1.1 200
OK bb.js Show response
sex-dates4.com/media/ 1 KB
2 KB 63ms
26ms Script
application/javascript 79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://sex-dates4.com/media/bb.js
Requested by: Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 5aa5a69b6cca81fde78fcfffa75e3a33fe55106185e05935e40ae7f4fe214214

Request headers

Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:59 GMT
Last-Modified: Sat, 08 Jun 2019 16:38:30 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "42a5bf9a181ed51:0"
Content-Type: application/javascript
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1331

GET
H/1.1 200
OK exit-popup.css
sex-dates4.com/media/exit-new/ 3 KB
3 KB 101ms
32ms Stylesheet
text/css 79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://sex-dates4.com/media/exit-new/exit-popup.css
Requested by: Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: f61d61e21e118725699a14b9b85a45185b12fbfea3220818c5ea6f811d520f29

Request headers

Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:59 GMT
Last-Modified: Sat, 08 Jun 2019 16:48:23 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "da6535fc191ed51:0"
Content-Type: text/css
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2660

GET
H/1.1 200
OK exit1.js Show response
sex-dates4.com/media/exit-new/ 32 KB
33 KB 230ms
128ms Script
application/javascript 79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://sex-dates4.com/media/exit-new/exit1.js
Requested by: Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: b5eaefef0eb2427539cd7059a04802b9f9c4b98bc81de89d613ba28dca234b04

Request headers

Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:59 GMT
Last-Modified: Thu, 12 Sep 2019 09:48:29 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "c9a7653b4f69d51:0"
Content-Type: application/javascript
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33198

GET
H/1.1 200
OK 1.jpg
sex-dates4.com/media/dating/dirtytinder/images/ 142 KB
142 KB 244ms
35ms Image
image/jpeg 79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sex-dates4.com/media/dating/dirtytinder/images/1.jpg
Requested by: Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 37a751df9353725b7e06bec81bc5c9f42c77c21701e4717465a13f4df5c0540d

Request headers

Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:59 GMT
Last-Modified: Sat, 08 Jun 2019 16:43:39 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "48a1e952191ed51:0"
Content-Type: image/jpeg
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 144999

GET
H/1.1 200
OK 2.jpg
sex-dates4.com/media/dating/dirtytinder/images/ 121 KB
122 KB 240ms
28ms Image
image/jpeg 79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sex-dates4.com/media/dating/dirtytinder/images/2.jpg
Requested by: Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 2949d919c1cbfea9a960e5a7a9fe4fe5086c1f9073c278d7e653980917a5a740

Request headers

Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:59 GMT
Last-Modified: Sat, 08 Jun 2019 16:43:39 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "bf2b1d53191ed51:0"
Content-Type: image/jpeg
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 124409

GET
H/1.1 200
OK 3.jpg
sex-dates4.com/media/dating/dirtytinder/images/ 146 KB
146 KB 49ms
39ms Image
image/jpeg 79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sex-dates4.com/media/dating/dirtytinder/images/3.jpg
Requested by: Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 8f31c428593d808f5dd1697233414338d03fdc0f7f88334ef3be339efc2ebda2

Request headers

Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:01:59 GMT
Last-Modified: Sat, 08 Jun 2019 16:43:39 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "ae8e2453191ed51:0"
Content-Type: image/jpeg
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 149377

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700
Origin: https://sex-dates4.com

Response headers

date: Tue, 19 Nov 2019 01:14:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 820051
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Wed, 18 Nov 2020 01:14:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700
Origin: https://sex-dates4.com

Response headers

date: Wed, 20 Nov 2019 18:56:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 669907
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Thu, 19 Nov 2020 18:56:52 GMT

GET
H2 200 1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2
fonts.gstatic.com/s/raleway/v14/ 13 KB
13 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v14/1Ptrg8zYS_SKggPNwJYtWqZPANqczVs.woff2

Requested by

Host: sex-dates4.com
URL: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700
Origin: https://sex-dates4.com

Response headers

date: Wed, 20 Nov 2019 15:05:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:42 GMT
server: sffe
age: 683818
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13228
x-xss-protection: 0
expires: Thu, 19 Nov 2020 15:05:01 GMT

GET
H/1.1 200
OK getextparams Show response
tdsjsext3.com/ExtService.svc/ 298 B
597 B 304ms
242ms XHR
application/json 185.50.248.46
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://tdsjsext3.com/ExtService.svc/getextparams
Requested by: Host: sex-dates4.com
URL: https://sex-dates4.com/util/utils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.50.248.46 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: b43b9f2e600fa0ec3a6216e161b8093c9b6d7f123246cb4df70f3db1391423a1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://sex-dates4.com/?u=yhwkte4&o=23bpkzz&t=7sex&cid=2ml1b9snl2co0ct102ns00000
Origin: https://sex-dates4.com

Response headers

Date: Thu, 28 Nov 2019 13:02:00 GMT
Server: nginx
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Methods: GET,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private
Connection: keep-alive
Content-Length: 298

GET
H/1.1 200
OK nl.svg
sex-dates4.com/util/flag-icon/flags/4x3/ 380 B
706 B 33ms
33ms Image
image/svg+xml 79.110.24.78
FASTCONTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sex-dates4.com/util/flag-icon/flags/4x3/nl.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.78 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: e3305095b3544d76cbb66aab63bd7b3debd18ae41f8a7ca4df8fe0875b2bec4f

Request headers

Referer: https://sex-dates4.com/util/flag-icon/css/flag-icon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 28 Nov 2019 13:02:00 GMT
Last-Modified: Thu, 14 Mar 2019 14:38:38 GMT
Server: nginx
X-Powered-By: ASP.NET
ETag: "0ab5c9c73dad41:0"
Content-Type: image/svg+xml
Cache-Control: private
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 380

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.creative-serving.com
URL: https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D

Domain: pool.grid-data.bidswitch.net
URL: https://pool.grid-data.bidswitch.net/sync?pid=42

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sex-dates4.com/	1969-12-31 23:59:59	Name: c Value: 3sk7tw48dlml5blp
			sex-dates4.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 3nula550s2aw0pra1f4betys

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: http://player.pepsia.com/sdk.js?d=16eb21a99ab(Line 4) Message: %c Pepsia.com Player #0 background: #ccc; color: #2176ff Site Désactivé !

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7sex.nl
ads.creative-serving.com
ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
bidder.criteo.com
c.sharethis.mgr.consensu.org
c.tmyzer.com
ced-ns.sascdn.com
cm.g.doubleclick.net
d2zur9cc2gf1tx.cloudfront.net
dmp.truoptik.com
edge.quantserve.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
gum.criteo.com
ib.adnxs.com
ice.360yield.com
image2.pubmatic.com
onetag-sys.com
p.cpx.to
pavlovanon.ru
pixel.quantserve.com
player.pepsia.com
pool.grid-data.bidswitch.net
rules.quantcount.com
s.cpx.to
script.4dex.io
secure.adnxs.com
sex-dates4.com
tag.contextweb.com
tag.leadplace.fr
tdsjsext3.com
urlz.fr
ww1097.smartadserver.com
www.noowho.com
ads.creative-serving.com
pool.grid-data.bidswitch.net
104.16.91.60
13.225.78.4
143.204.98.185
145.239.192.166
145.239.193.145
151.139.241.23
172.217.23.162
178.250.0.165
184.168.131.241
185.33.223.216
185.33.223.221
185.50.248.46
185.64.190.80
185.86.137.43
2.21.38.3
2600:9000:20eb:8000:6:44e3:f8c0:93a1
2600:9000:2156:de00:6:44e3:f8c0:93a1
2600:9000:2156:fe00:c:a9b7:ddc0:93a1
2606:4700:3038::681f:ab2
2606:4700:30::681c:112a
2606:4700::6811:4104
2a00:1450:4001:809::2003
2a00:1450:4001:81a::200a
2a00:1450:4001:825::200a
2a01:4a0:1338:28::c38a:ff11
2a02:2638::1c
35.157.238.72
5.179.192.20
5.23.55.196
51.89.9.251
52.214.1.180
54.247.175.102
54.38.64.100
69.173.144.140
74.214.194.132
79.110.24.78
91.228.74.165
91.228.74.184
94.23.196.203
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06df42344ad85a2179baedd33df1893ce43655f210ffc07f13aeab97aee6dac0
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1bcff1f588486140797bc5e7933a89dff3dba96f84cb8d178d4ccb589306fa43
1f12854c80afd1c18ade0a7c26f00cac5cdb917cb6ddee36bba33f00dfc50814
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405
2949d919c1cbfea9a960e5a7a9fe4fe5086c1f9073c278d7e653980917a5a740
37a751df9353725b7e06bec81bc5c9f42c77c21701e4717465a13f4df5c0540d
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
577e145f74655ecae607c23cb6ee8c5afc4a6be386d0fc594735ac742be6dbf2
5aa5a69b6cca81fde78fcfffa75e3a33fe55106185e05935e40ae7f4fe214214
5c1dde4cdc5c608da53737233f02219a7421ab6870d5d90bc0b7b294d571942c
5f93f648f5700cc6b98b92067538d7671f2dda507caa3f034d255077dfecf0e3
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67f75d375f0b2c4bedd6eb322aed8287f4af1f79ebc0b437083f719ca1b7a4a2
70025e5e131729d4c80997637536be511770eeba2ae1b4e8bf9a24c6db25b921
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
77ab3e7c902a1e37997cd164119231534784760d324e03593e36b36af6541fb5
86aaaf7d30279a13050276ee51c2e1983c77ff3f650dc000828cbbfe20d6f0ae
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07
89085930fdff263d643c4fa37f489efadd7d9f8361661113d67eb61aa7d6311a
8f31c428593d808f5dd1697233414338d03fdc0f7f88334ef3be339efc2ebda2
90e6cadb5d7ae8ebb4842b34442a3841d7720a79271fd1d6e9b4260a9664e9b0
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a600a39f1aa836e327c60dc5e25d569740a3bd10f8accc89ec2c313f74c81ed8
aa976605d1e09bed284b5d85b80fe5a598292f3f22ec79e380a7b318578e90ea
aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b43b9f2e600fa0ec3a6216e161b8093c9b6d7f123246cb4df70f3db1391423a1
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b5eaefef0eb2427539cd7059a04802b9f9c4b98bc81de89d613ba28dca234b04
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
caafcb7a374221a77ffb54543d22f57f38d5995e9474f4884b770747b4fb5552
ccaecb21498801a55bf6681a2aed2bb55d512488a8dbbeb927db5ca6e0fe873b
e210f56421f422144d56bc89278101007da57f4533e3c0788ba82a9d49170cdc
e3305095b3544d76cbb66aab63bd7b3debd18ae41f8a7ca4df8fe0875b2bec4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b
e923bf1ceaa29ae85651bef8247f19cfa382719295d44a7cd1a37397f7f7312f
f61d61e21e118725699a14b9b85a45185b12fbfea3220818c5ea6f811d520f29
fcbae18825d52376d32deb98bdc1a8f7bb517dce83afb11ea0335670b66eea8a
fd42d5e0d4d9fa7ea8ad038bb3e1026e3e8e7c15312e701d2d19f451d25274bc

sex-dates4.com Open in urlscan Pro 79.110.24.78 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

61 %HTTPS

28 %IPv6

35 Domains

40 Subdomains

34 IPs

7 Countries

1031 kBTransfer

1579 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sex-dates4.com Open in urlscan Pro
79.110.24.78 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

61 %
HTTPS

28 %
IPv6

35
Domains

40
Subdomains

34
IPs

7
Countries

1031 kB
Transfer

1579 kB
Size

2
Cookies

71 HTTP transactions
0 data transactions