u339511gj5.ha002.t.justns.ru Open in urlscan Pro
2a00:b700::6:b Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.id/3yAOu
Effective URL:
http://u339511gj5.ha002.t.justns.ru/refer/index.html
Submission: On February 26 via manual (February 26th 2019, 2:46:53 pm UTC) from FR

Summary HTTP 70 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 29 IPs in 9 countries across 33 domains to perform 70 HTTP transactions. The main IP is 2a00:b700::6:b, located in Russian Federation and belongs to ASBAXET, RU. The main domain is u339511gj5.ha002.t.justns.ru.

This is the only time u339511gj5.ha002.t.justns.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Credit Agricole (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	203.119.112.228 203.119.112.228	56088 (PANDI-ID ...) (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia)
1	77.222.56.187 77.222.56.187	44112 (SWEB-AS) (SWEB-AS)
1 1	2606:4700:31:... 2606:4700:31::681f:ab2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:31:... 2606:4700:31::681f:bb2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6 28	2a00:b700::6:b 2a00:b700::6:b	51659 (ASBAXET) (ASBAXET)
5	151.139.241.23 151.139.241.23	12989 (HWNG) (HWNG)
1	74.214.194.131 74.214.194.131	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	13.35.253.10 13.35.253.10	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.35.254.18 13.35.254.18	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
4	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	147.135.143.43 147.135.143.43	16276 (OVH) (OVH)
1	18.184.103.21 18.184.103.21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	5.179.192.20 5.179.192.20	34235 (ASPSERVEU...) (ASPSERVEUR-AS)
1	94.23.196.203 94.23.196.203	16276 (OVH) (OVH)
5	63.33.91.112 63.33.91.112	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	37.252.172.70 37.252.172.70	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2	213.19.162.51 213.19.162.51	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	2.23.106.5 2.23.106.5	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	54.75.225.184 54.75.225.184	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2600:9000:20b... 2600:9000:20bb:ba00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:20b... 2600:9000:20bb:8800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 1	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
2 2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	185.33.223.197 185.33.223.197	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2.16.186.115 2.16.186.115	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	158.191.172.76 158.191.172.76	9159 () ()
1	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
70	29

1 203.119.112.228 (Indonesia)

ASN56088 (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia, ID)
PTR: s.id.112.119.203.in-addr.arpa

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.222.56.187 (Russian Federation)

ASN44112 (SWEB-AS, RU)
PTR: vh228.sweb.ru

mauriciolo.temp.swtest.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:31::681f:ab2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:31::681f:bb2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:b700::6:b (Russian Federation) 6 redirects

ASN51659 (ASBAXET, RU)

u339511gj5.ha002.t.justns.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.241.23 (Dallas, United States)

ASN12989 (HWNG, NL)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.131 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.10 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-10.fra6.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.254.18 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-254-18.fra6.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.17 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.232.35.16 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.135.143.43 (Waltham, United States)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.103.21 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-184-103-21.eu-central-1.compute.amazonaws.com

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.179.192.20 (France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net

player.pepsia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.196.203 (France)

ASN16276 (OVH, FR)
PTR: serveur8.wilsoftech.com

www.noowho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 63.33.91.112 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-33-91-112.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.70 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 154.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.106.5 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-23-106-5.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.75.225.184 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-75-225-184.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20bb:ba00:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20bb:8800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.197 (European Union) 1 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.115 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-115.deploy.static.akamaitechnologies.com

api.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.191.172.76 (France)

ASN9159 (, FR)

www.ca-aquitaine.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.64.100 (Woodbridge, United States)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	justns.ru 6 redirects u339511gj5.ha002.t.justns.ru	101 KB
6	cpx.to p.cpx.to s.cpx.to	6 KB
5	themoneytizer.com ads.themoneytizer.com	117 KB
4	sascdn.com ced-ns.sascdn.com	13 KB
3	pepsia.com player.pepsia.com	53 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	594 B
2	pubmatic.com 2 redirects image2.pubmatic.com	1005 B
2	quantcount.com 1 redirects rules.quantcount.com	1 KB
2	rubiconproject.com fastlane.rubiconproject.com	3 KB
2	adnxs.com 1 redirects ib.adnxs.com secure.adnxs.com	2 KB
2	leadplace.fr tag.leadplace.fr	3 KB
2	smartadserver.com 1 redirects ww1097.smartadserver.com	5 KB
2	urlz.fr 1 redirects urlz.fr	2 KB
1	ca-aquitaine.fr www.ca-aquitaine.fr	783 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	18 KB
1	dmcdn.net api.dmcdn.net	9 KB
1	google-analytics.com www.google-analytics.com	17 KB
1	turn.com 1 redirects d.turn.com	514 B
1	adleadevent.com adtrack.adleadevent.com	517 B
1	stickyadstv.com ads.stickyadstv.com	548 B
1	googleapis.com ajax.googleapis.com	30 KB
1	noowho.com www.noowho.com	2 KB
1	quantserve.com edge.quantserve.com	6 KB
1	criteo.com gum.criteo.com	305 B
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	25 KB
1	contextweb.com tag.contextweb.com	11 KB
1	tmyzer.com g.tmyzer.com Failed c.tmyzer.com	200 B
1	cloudflare.com ajax.cloudflare.com	4 KB
1	swtest.ru mauriciolo.temp.swtest.ru	336 B
1	s.id s.id analytics.s.id Failed	2 KB
0	webmasterplan.com Failed banners.webmasterplan.com Failed
0	dailymotion.com Failed www.dailymotion.com Failed
0	tapad.com Failed pixel.tapad.com Failed
70	33

	Domain	Requested by
28	u339511gj5.ha002.t.justns.ru	6 redirects urlz.fr s.id u339511gj5.ha002.t.justns.ru
5	s.cpx.to	p.cpx.to
5	ads.themoneytizer.com	ajax.cloudflare.com ads.themoneytizer.com
4	ced-ns.sascdn.com	ads.themoneytizer.com
3	player.pepsia.com	s.id player.pepsia.com
2	cm.g.doubleclick.net	2 redirects
2	image2.pubmatic.com	2 redirects
2	rules.quantcount.com	1 redirects
2	fastlane.rubiconproject.com	ads.themoneytizer.com
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	ww1097.smartadserver.com	1 redirects ads.themoneytizer.com
2	urlz.fr	1 redirects
1	c.tmyzer.com	ads.themoneytizer.com
1	www.ca-aquitaine.fr	urlz.fr
1	maxcdn.bootstrapcdn.com	player.pepsia.com
1	api.dmcdn.net	player.pepsia.com
1	www.google-analytics.com	s.id
1	secure.adnxs.com	1 redirects
1	d.turn.com	1 redirects
1	adtrack.adleadevent.com	ajax.googleapis.com
1	ads.stickyadstv.com	ads.themoneytizer.com
1	ib.adnxs.com	ads.themoneytizer.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	www.noowho.com
1	edge.quantserve.com	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	ajax.cloudflare.com	urlz.fr
1	mauriciolo.temp.swtest.ru	s.id
1	s.id
0	banners.webmasterplan.com Failed	ced-ns.sascdn.com
0	www.dailymotion.com Failed	api.dmcdn.net
0	pixel.tapad.com Failed
0	g.tmyzer.com Failed	ads.themoneytizer.com
0	analytics.s.id Failed	s.id
70	37

This site contains links to these domains. Also see Links.

Domain
www.ca-normandie-seine.fr

Subject Issuer	Validity	Valid
*.s.id COMODO RSA Domain Validation Secure Server CA	`2018-12-03` - `2020-12-02`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
www.noowho.com Gandi Standard SSL CA 2	`2017-02-07` - `2020-02-07`	3 years	crt.sh
s.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh
adtrack.adleadevent.com Amazon	`2018-07-28` - `2019-08-28`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-01-29` - `2019-04-23`	3 months	crt.sh
api.dmcdn.net Let's Encrypt Authority X3	`2019-02-14` - `2019-05-15`	3 months	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
www.ca-aquitaine.fr COMODO RSA Organization Validation Secure Server CA	`2018-12-12` - `2019-12-12`	a year	crt.sh

This page contains 7 frames:

Primary Page: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Frame ID: 1BA37EA5B85FBE6A8403FA647B4822C3
Requests: 61 HTTP requests in this frame

Frame: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Frame ID: 143BA3EEA4F3C123ED421CB9F4339F3E
Requests: 1 HTTP requests in this frame

Frame: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Frame ID: C93042C3C6912907780F91E97C677740
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 0D19FA4A69776CB399276A18C6216D0F
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: C114095D66D41D452BD589E7E0529E33
Requests: 5 HTTP requests in this frame

Frame: http://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Frame ID: 0BE5AA617B984AD20C44D0D6ADDB0448
Requests: 1 HTTP requests in this frame

Frame: http://banners.webmasterplan.com/view.asp?ref=794613&site=9192&type=html&hnb=1&js=1&subid=205724
Frame ID: 57EBAA1F5D9C697AC7B1DFF981305931
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://s.id/3yAOu Page URL
http://mauriciolo.temp.swtest.ru/ Page URL
https://urlz.fr/90JN HTTP 301
http://urlz.fr/90JN Page URL
http://u339511gj5.ha002.t.justns.ru/refer HTTP 301
http://u339511gj5.ha002.t.justns.ru/refer/ HTTP 302
http://u339511gj5.ha002.t.justns.ru/refer/index.html Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

70
Requests

24 %
HTTPS

26 %
IPv6

33
Domains

37
Subdomains

29
IPs

9
Countries

429 kB
Transfer

1054 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ca-normandie-seine.fr/bam-information/
Title:

Search URL Search Domain Scan URL

URL: http://www.ca-normandie-seine.fr/faq.html
Title: Foire Aux Questions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.id/3yAOu Page URL
http://mauriciolo.temp.swtest.ru/ Page URL
https://urlz.fr/90JN HTTP 301
http://urlz.fr/90JN Page URL
http://u339511gj5.ha002.t.justns.ru/refer HTTP 301
http://u339511gj5.ha002.t.justns.ru/refer/ HTTP 302
http://u339511gj5.ha002.t.justns.ru/refer/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://urlz.fr/90JN HTTP 301
http://urlz.fr/90JN

Request Chain 5

http://u339511gj5.ha002.t.justns.ru/refer HTTP 301
http://u339511gj5.ha002.t.justns.ru/refer/ HTTP 302
http://u339511gj5.ha002.t.justns.ru/refer/index.html

Request Chain 14

http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
http://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 17

http://id5-sync.com/i/12/9.gif HTTP 302
http://id5-sync.com/c/12/0/9/1.gif HTTP 302
http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID HTTP 302
http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID HTTP 302
http://id5-sync.com/c/12/2/8/2.gif?puid=4479100661768519048 HTTP 302
http://c1.adform.net/serving/cookie/match?party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
http://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
http://id5-sync.com/c/12/10/7/3.gif?puid=2094191279726221527 HTTP 302
http://ads.creative-serving.com/id5_cm?callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D HTTP 302
http://ads.creative-serving.com/ul_cb/id5_cm?callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D HTTP 302
http://id5-sync.com/c/12/101/6/4.gif?puid=da3428a1-f1d4-4d0d-b721-1dbcfd3ff54e HTTP 302
http://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-SWe6Wsvd7WleROtO97-4frzTQdfSEHAoLXiHBDFwgQ&redirurl=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F5%2F5.gif%3Fpuid%3DSMART_USER_ID HTTP 302
http://id5-sync.com/c/12/102/5/5.gif?puid=739035173878121993 HTTP 302
http://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D

Request Chain 21

http://u339511gj5.ha002.t.justns.ru/refer HTTP 301
http://u339511gj5.ha002.t.justns.ru/refer/ HTTP 302
http://u339511gj5.ha002.t.justns.ru/refer/index.html

Request Chain 31

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

Request Chain 34

https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Db569355d-0320-47bc-8349-5979576c8289 HTTP 302
https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Db569355d-0320-47bc-8349-5979576c8289 HTTP 302
https://s.cpx.to/sync?dsp=avocet&dsp_uid=a8376583-21fd-47be-a800-5d8411e4fee9&fid=b569355d-0320-47bc-8349-5979576c8289

Request Chain 35

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db569355d-0320-47bc-8349-5979576c8289 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db569355d-0320-47bc-8349-5979576c8289 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DF3AE8DA-4186-47AC-B2F7-AA3207603FD8&fid=b569355d-0320-47bc-8349-5979576c8289

Request Chain 36

https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Db569355d-0320-47bc-8349-5979576c8289 HTTP 302
https://s.cpx.to/sync?dsp=amobee&dsp_uid=3938752816429736857&fid=b569355d-0320-47bc-8349-5979576c8289

Request Chain 37

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=b569355d-0320-47bc-8349-5979576c8289 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=b569355d-0320-47bc-8349-5979576c8289&google_tc= HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=b569355d-0320-47bc-8349-5979576c8289&google_gid=CAESEA7n78MQCCnjv9CDYnJWW_U&google_cver=1

Request Chain 38

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3Dhttp%253A%252F%252Fmauriciolo.temp.swtest.ru%252F%26hn_ver%3D10%26fid%3Db569355d-0320-47bc-8349-5979576c8289 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=4479100661768519048&pid=11528&ref=http%3A%2F%2Fmauriciolo.temp.swtest.ru%2F&hn_ver=10&fid=b569355d-0320-47bc-8349-5979576c8289

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set 3yAOu
s.id/ 2 KB
2 KB 618ms
245ms Document
text/html 203.119.112.228
Pengelola Nama Do...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.id/3yAOu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.119.112.228 , Indonesia, ASN56088 (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia, ID),
Reverse DNS: s.id.112.119.203.in-addr.arpa
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Host: s.id
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 26 Feb 2019 14:46:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6InAyeE1uNzJFUlN0SHNcL09FUU50UEFBPT0iLCJ2YWx1ZSI6Ilwvc2FnRXBQV3lzekhVaWF4MmZYak1mQmZiQUs5UmxJMEcyY1BBYnM0QnRIVkFqeit2MXBtYk91WFQyVlwvWGlIMENcL1ArRFhSQlwvS0dYSTF0NEhzS1RZUT09IiwibWFjIjoiMGU4NjA0MDQ2MzFhYzJlMzAxNmY4MjUzOGQ0MmNiMzJjNjE5NDZjYTkzYjQzOTIyZmU1YTI2Mjg4YTMyOThlMSJ9; expires=Tue, 26-Feb-2019 16:46:37 GMT; Max-Age=7200; path=/ major_tom=eyJpdiI6ImdBTXdacGY3NGFJTmFqNGplTXptZVE9PSIsInZhbHVlIjoiVXh2eFVlK3JPWitoWG9Bek1hNXdJN2RwQWVjRHNHRVVCS0JoSWhKMThtQWN1WG5QUTVTOHlUQURwekJpSVZ4NTRlc3BrSE11ZFJsWTVSdVZNVFRFNEE9PSIsIm1hYyI6IjI4ZWRhOGQwOTBlNzQzYzVlZTc1ZWIxZWI0NDFjNmEwOGFjZTg2MDhmMGRjZGU0NWU4YTJlOGViZTc4ODczOWUifQ%3D%3D; expires=Tue, 26-Feb-2019 16:46:37 GMT; Max-Age=7200; path=/; httponly
Content-Encoding: gzip

GET piwik.js
analytics.s.id/ 0
0

GET
H/1.1 200
OK /
mauriciolo.temp.swtest.ru/ 64 B
336 B 198ms
72ms Document
text/html 77.222.56.187
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mauriciolo.temp.swtest.ru/
Requested by: Host: s.id
URL: https://s.id/3yAOu
Protocol: HTTP/1.1
Server: 77.222.56.187 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh228.sweb.ru
Software: nginx/1.15.2 /
Resource Hash

Request headers

Host: mauriciolo.temp.swtest.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.15.2
Date: Tue, 26 Feb 2019 14:46:38 GMT
Content-Type: text/html
Content-Length: 64
Connection: keep-alive
Keep-Alive: timeout=10
Last-Modified: Tue, 26 Feb 2019 04:31:35 GMT
ETag: "bc3b59-40-582c48853237d"
Accept-Ranges: bytes

GET
H/1.1

200
OK

90JN Show response
urlz.fr/
Redirect Chain

https://urlz.fr/90JN
http://urlz.fr/90JN

3 KB
1 KB

39ms
32ms

Document
text/html

2606:4700:31::681f:bb2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://urlz.fr/90JN
Protocol: HTTP/1.1
Server: 2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 446f054536501c302854ac0385c0a16c7f215eb11786419b68769eefd8665578

Request headers

Host: urlz.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://mauriciolo.temp.swtest.ru/
Accept-Encoding: gzip, deflate
Cookie: __cfduid=d0b82e9397d091042f0bc29bd86de382a1551192398
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://mauriciolo.temp.swtest.ru/

Response headers

Date: Tue, 26 Feb 2019 14:46:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: cloudflare
CF-RAY: 4af333c8ddc627aa-FRA
Content-Encoding: gzip

Redirect headers

status: 301
date: Tue, 26 Feb 2019 14:46:38 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d0b82e9397d091042f0bc29bd86de382a1551192398; expires=Wed, 26-Feb-20 14:46:38 GMT; path=/; domain=.urlz.fr; HttpOnly
location: http://urlz.fr/90JN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4af333c84ca19774-FRA

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/ 11 KB
4 KB 20ms
9ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: http://urlz.fr/90JN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3349f7ebfafd1cf105f9f4a41a1be792db6dfc5d754de2fbce192a2185486b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 14:46:38 GMT
content-encoding: gzip
last-modified: Mon, 18 Feb 2019 17:46:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c6aef90-2d8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4af333c94bbd9ab8-FRA
expires: Thu, 28 Feb 2019 14:46:38 GMT

GET
H/1.1

200
OK

index.html
u339511gj5.ha002.t.justns.ru/refer/ Frame 143B
Redirect Chain

http://u339511gj5.ha002.t.justns.ru/refer
http://u339511gj5.ha002.t.justns.ru/refer/
http://u339511gj5.ha002.t.justns.ru/refer/index.html

0
0

78ms
39ms

Document
text/html

2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Requested by: Host: urlz.fr
URL: http://urlz.fr/90JN
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Host: u339511gj5.ha002.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/90JN
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/90JN

Response headers

ETag: "55d5-5c74c034-ffcfbad0a59cde69;gz"
Last-Modified: Tue, 26 Feb 2019 04:27:32 GMT
Content-Type: text/html
Content-Length: 6653
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Date: Tue, 26 Feb 2019 14:46:39 GMT
Server: LiteSpeed
Connection: close

Redirect headers

Location: index.html
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Date: Tue, 26 Feb 2019 14:46:39 GMT
Server: LiteSpeed
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Vary: User-Agent
Connection: close

GET
H/1.1 200
OK requestform.js Show response
ads.themoneytizer.com/s/ 43 KB
9 KB 38ms
16ms Script
text/html 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: 983364371c4e05731c4ac45028811eba0bbaa0a71e1c1c1d25e6757aef763607

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:38 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 27 Feb 2019 14:46:38 GMT

GET
H/1.1 200
OK gen.js Show response
ads.themoneytizer.com/s/ 6 KB
2 KB 46ms
7ms Script
text/html 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: dd76fdd2142192064e0af855f1b21bdad5ed9e807f053e813827e601404a83cb

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:23 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2186
Expires: Wed, 27 Feb 2019 14:46:23 GMT

GET /
g.tmyzer.com/g/ 0
0

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 52ms
8ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 14:46:40 GMT
content-encoding: gzip
last-modified: Tue, 03 Oct 2017 20:38:26 GMT
server: nginx
etag: "779a-308e-55aaa791f67cd"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3931
expires: Wed, 27 Feb 2019 14:46:32 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 58ms
14ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 14:46:40 GMT
content-encoding: gzip
last-modified: Tue, 26 Dec 2017 18:31:28 GMT
server: nginx
etag: "7ff1-9390-561427db3104d"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Wed, 27 Feb 2019 14:46:39 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 68ms
21ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 14:46:39 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 4
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ 1 KB
2 KB 37ms
8ms Script
application/javascript 13.35.253.10
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://p.cpx.to/p/11528/px.js?r=1532d
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 13.35.253.10 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-10.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 03 Nov 2018 08:41:56 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 232194
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: VBcJoAIy59NktK2glPwQNGXS1KV-JasC3iKrhaTKIoN9y7piSI2QSg==

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
25 KB 40ms
7ms Script
text/javascript 13.35.254.18
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 13.35.254.18 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-254-18.fra6.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 25 Feb 2019 16:55:45 GMT
Via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 78694
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: 9iq0H7CsVXN-sSyDUyY80G17g3g4-FnvCFkiGPno6Jdb_2ioUOTXEw==

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

http://ww1097.smartadserver.com/config.js?nwid=1097
http://ced-ns.sascdn.com/diff/js/smart.js

23 KB
8 KB

82ms
22ms

Script
application/x-javascript

68.232.35.16
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E6) /
Resource Hash: 26517193e17e52b864db99512527c75112afb1290eee8b7d4548e23082f0e876

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Feb 2019 13:12:51 GMT
Server: ECS (fcn/40E6)
X-N: S
Etag: "18d57cd29660668e0675302a0f212fc1:1549890771"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 7698

Redirect headers

Location: http://ced-ns.sascdn.com/diff/js/smart.js
Date: Tue, 26 Feb 2019 14:46:39 GMT
Cache-Control: public, no-cache="Set-Cookie", max-age=3600
Content-Type: text/html; charset=utf-8
ETag: "C29C0A1DA9C8611605C482B212EBAE40"
Content-Length: 158
Expires: Tue, 26 Feb 2019 15:46:40 GMT

GET
H/1.1 200
OK sync Show response
gum.criteo.com/ 49 B
305 B 71ms
26ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:39 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Content-Length: 49
Expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 66ms
18ms Script
application/javascript 147.135.143.43
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 147.135.143.43 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 13157
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET

push
pixel.tapad.com/idsync/ex/
Redirect Chain

http://id5-sync.com/i/12/9.gif
http://id5-sync.com/c/12/0/9/1.gif
http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID
http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID
http://id5-sync.com/c/12/2/8/2.gif?puid=4479100661768519048
http://c1.adform.net/serving/cookie/match?party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D
http://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D
http://id5-sync.com/c/12/10/7/3.gif?puid=2094191279726221527
http://ads.creative-serving.com/id5_cm?callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D
http://ads.creative-serving.com/ul_cb/id5_cm?callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D
http://id5-sync.com/c/12/101/6/4.gif?puid=da3428a1-f1d4-4d0d-b721-1dbcfd3ff54e
http://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-SWe6Wsvd7WleROtO97-4frzTQdfSEHAoLXiHBDFwgQ&redirurl=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F5%2F5.gif%3Fpuid%3DSMART_USE...
http://id5-sync.com/c/12/102/5/5.gif?puid=739035173878121993
http://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D

0
0

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 12 KB
6 KB 137ms
8ms Script
application/x-javascript 18.184.103.21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 18.184.103.21 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-184-103-21.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26-Feb-2019 14:46:40 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Tue, 05 Mar 2019 14:46:40 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid1_39/build/dist/ 271 KB
86 KB 15ms
14ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1617ade5ea3ecc2ae90f24d08b42edb9f46a30730ff606cbbd8ccbcf19a4a16a

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 14:46:40 GMT
content-encoding: gzip
last-modified: Fri, 22 Feb 2019 20:23:17 GMT
server: nginx
etag: "1b9b6-43a55-582815c7e4cb1"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 87434
expires: Wed, 27 Feb 2019 14:46:35 GMT

GET
H/1.1 200
OK sdk.js Show response
player.pepsia.com/ 37 KB
37 KB 90ms
38ms Script
application/javascript 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/sdk.js?d=1692a45a1ae
Requested by: Host: s.id
URL: https://s.id/3yAOu
Protocol: HTTP/1.1
Server: 5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 66171501c2a2df0ccfb7e034730b81578492b3508f54e05b0c3847e81c8b8bb2

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Last-Modified: Tue, 19 Feb 2019 15:33:45 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "5c6c21d9-9462"
Content-Length: 37986
Content-Type: application/javascript

GET
H/1.1

200
OK

index.html
u339511gj5.ha002.t.justns.ru/refer/ Frame C930
Redirect Chain

http://u339511gj5.ha002.t.justns.ru/refer
http://u339511gj5.ha002.t.justns.ru/refer/
http://u339511gj5.ha002.t.justns.ru/refer/index.html

0
0

80ms
39ms

Document
text/html

2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Requested by: Host: s.id
URL: https://s.id/3yAOu
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Host: u339511gj5.ha002.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/90JN
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/90JN

Response headers

ETag: "55d5-5c74c034-ffcfbad0a59cde69;gz"
Last-Modified: Tue, 26 Feb 2019 04:27:32 GMT
Content-Type: text/html
Content-Length: 6653
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Date: Tue, 26 Feb 2019 14:46:40 GMT
Server: LiteSpeed
Connection: close

Redirect headers

Location: index.html
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Date: Tue, 26 Feb 2019 14:46:40 GMT
Server: LiteSpeed
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Vary: User-Agent
Connection: close

GET
H/1.1 200
OK image.php
www.noowho.com/ 1 KB
2 KB 181ms
82ms Image
image/gif 94.23.196.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.noowho.com/image.php?site=23690713&ref=http://mauriciolo.temp.swtest.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS: serveur8.wilsoftech.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash: d01911e5cd23948baa57eaf709c86932d09a4deb133086ef9386bc49cb1124d7

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:50:27 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Apache/2.4.7 (Ubuntu)
Connection: close
X-Powered-By: PHP/5.5.9-1ubuntu4.22
Content-Length: 1466
Content-Type: image/gif

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 946 B
1 KB 192ms
31ms Script
text/plain 63.33.91.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=11528&ref=http%3A%2F%2Fmauriciolo.temp.swtest.ru%2F&hn_ver=10&fid=b569355d-0320-47bc-8349-5979576c8289
Requested by: Host: p.cpx.to
URL: http://p.cpx.to/p/11528/px.js?r=1532d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.91.112 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-33-91-112.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash: 6e7beda9f3ed90316bad09c861392b56f5f8125a0fbb4a29c76933e38c44dce7

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 14:46:40 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 946
Expires: Tue, 05 Feb 2019 11:29:18 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 17 Jan 2019 18:15:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 3443492
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 30186
X-XSS-Protection: 1; mode=block
Expires: Fri, 17 Jan 2020 18:15:08 GMT

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ Frame 0D19 0
0 21ms
18ms Document
text/html 147.135.143.43
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Server: 147.135.143.43 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/90JN
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/90JN

Response headers

Server: nginx/1.14.2
Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Instance: 13157

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 372 B
1 KB 91ms
80ms XHR
application/json 37.252.172.70
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js

Protocol

HTTP/1.1

Server

37.252.172.70 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

154.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

c9b1de23ef555ae2b01ed1ffbf1a93643f09d79e1b17c89fe05b4b7552059c02

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://urlz.fr/90JN
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 14:46:42 GMT
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 154.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.202:80
AN-X-Request-Uuid: d34f17e6-4920-43cb-a972-d99daa7b5cde
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 372
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 255 B
2 KB 139ms
90ms XHR
application/json 213.19.162.51
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078226&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=fe92c03d-ff4f-4aaa-bf69-da328248aca7&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.7661825601483421
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Protocol: HTTP/1.1
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 7e21f113c0b7b34045da6c870dfcb863c6af5d0a8de63ae0d539373ea8f99a0d

Request headers

Referer: http://urlz.fr/90JN
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 14:46:40 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=6
Content-Length: 255
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 255 B
2 KB 133ms
83ms XHR
application/json 213.19.162.51
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=62911cec-8698-42be-98a3-840d08b5e46a&p_screen_res=1600x1200&rp_floor=0.37&rp_secure=0&slots=1&rand=0.9948311432588699
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Protocol: HTTP/1.1
Server: 213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 507f173bd882e8b2be46be53bec61bf98230cde18af89ec0bbe0866ef0497da9

Request headers

Referer: http://urlz.fr/90JN
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 14:46:40 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=9
Content-Length: 255
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK swfIndex.php
ads.stickyadstv.com/www/delivery/ 67 B
548 B 259ms
225ms XHR
application/xml 2.23.106.5
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1551192400423&pKey=1260479155&_fw_gdpr_consent=undefined&loc=http%3A%2F%2Furlz.fr%2F90JN&playerSize=640x480&
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Protocol: HTTP/1.1
Server: 2.23.106.5 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-23-106-5.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: http://urlz.fr/90JN
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 14:46:40 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1551192400463014-130
Expires: Tue, 26 Feb 2019 14:46:40 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
517 B 171ms
34ms XHR
application/x-javascript 54.75.225.184
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.225.184 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-75-225-184.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://urlz.fr/90JN
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Feb 2019 14:46:40 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

1 KB
952 B

7ms
6ms

Script
application/x-javascript

2600:9000:20bb:8800:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:8800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 26 Feb 2019 14:29:33 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 1032
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: h4elp4pycrUXppCUmWrtVK8nao52xN5f-eGt421ZE_jZ89AywnEAVw==
via: 1.1 617456b5ad99c756ee702b235ecfe148.cloudfront.net (CloudFront)

Redirect headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Via: 1.1 e77255787d333d7481d3de3a89fb3ee2.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: ea8wONywZb0iEqmC-L62gDBI9ysueKb4LmEyQsZRA1nHZHoH7xaU2A==

GET
H/1.1 200
OK / Show response
player.pepsia.com/V2/ 42 KB
15 KB 43ms
42ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/V2/?token=00I4&autoplay=1&logo=true&volume=1&api=1&id=0&origin=http://urlz.fr&d=1692a45a286
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=1692a45a1ae
Protocol: HTTP/1.1
Server: 5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: dd662b6e50e8121af3a3fcdb888012d0eadcefde358452e9b2f45e9980d86325

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/90JN
Origin: http://urlz.fr

Response headers

Access-Control-Allow-Origin: http://urlz.fr
Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK algo.php Show response
player.pepsia.com/V2/ 1 KB
679 B 101ms
57ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/V2/algo.php?token=00I4&num=9&origin=http://urlz.fr&d=1692a45a287
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=1692a45a1ae
Protocol: HTTP/1.1
Server: 5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 5ccf70cd1d1da4e1d97e76747d95a93ef3b78bd1a05f0998069d84b2fa8b5d7c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/90JN
Origin: http://urlz.fr

Response headers

Access-Control-Allow-Origin: http://urlz.fr
Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET

sync
s.cpx.to/
Redirect Chain

https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Db569355d-0320-47bc-8349-5979576c8289
https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Db569355d-0320-47bc-8349-5979576c8289
https://s.cpx.to/sync?dsp=avocet&dsp_uid=a8376583-21fd-47be-a800-5d8411e4fee9&fid=b569355d-0320-47bc-8349-5979576c8289

0
0

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db569355d-0320-47bc-8349-5979576c8289
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db569355d-0320-47bc-8349-5979576c8289
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DF3AE8DA-4186-47AC-B2F7-AA3207603FD8&fid=b569355d-0320-47bc-8349-5979576c8289

95 B
649 B

35ms
31ms

Image
image/png

63.33.91.112
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DF3AE8DA-4186-47AC-B2F7-AA3207603FD8&fid=b569355d-0320-47bc-8349-5979576c8289
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.91.112 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-33-91-112.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 14:46:40 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Tue, 26 Feb 2019 14:46:40 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DF3AE8DA-4186-47AC-B2F7-AA3207603FD8&fid=b569355d-0320-47bc-8349-5979576c8289
Date: Tue, 26 Feb 2019 14:46:40 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 448
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Db569355d-0320-47bc-8349-5979576c8289
https://s.cpx.to/sync?dsp=amobee&dsp_uid=3938752816429736857&fid=b569355d-0320-47bc-8349-5979576c8289

95 B
630 B

36ms
30ms

Image
image/png

63.33.91.112
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=amobee&dsp_uid=3938752816429736857&fid=b569355d-0320-47bc-8349-5979576c8289
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.91.112 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-33-91-112.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 14:46:40 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Tue, 26 Feb 2019 14:46:40 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=amobee&dsp_uid=3938752816429736857&fid=b569355d-0320-47bc-8349-5979576c8289
Pragma: no-cache
Date: Tue, 26 Feb 2019 14:46:40 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server: Apache-Coyote/1.1
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=b569355d-0320-47bc-8349-5979576c8289
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=b569355d-0320-47bc-8349-5979576c8289&google_tc=
https://s.cpx.to/ca.png?dsp=dbm&fid=b569355d-0320-47bc-8349-5979576c8289&google_gid=CAESEA7n78MQCCnjv9CDYnJWW_U&google_cver=1

95 B
492 B

36ms
35ms

Image
image/png

63.33.91.112
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/ca.png?dsp=dbm&fid=b569355d-0320-47bc-8349-5979576c8289&google_gid=CAESEA7n78MQCCnjv9CDYnJWW_U&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.91.112 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-33-91-112.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Server: akka-http/2.4.17
Connection: keep-alive
Content-Length: 95
Content-Type: image/png

Redirect headers

pragma: no-cache
date: Tue, 26 Feb 2019 14:46:40 GMT
server: HTTP server (unknown)
location: https://s.cpx.to/ca.png?dsp=dbm&fid=b569355d-0320-47bc-8349-5979576c8289&google_gid=CAESEA7n78MQCCnjv9CDYnJWW_U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 334
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3Dhttp%253A%252F%252Fmauriciolo.temp.swtest.ru%252F%26hn_ver%3D10%26fid%3Db569355d-0320...
https://s.cpx.to/an_fire?app_nexus_uid=4479100661768519048&pid=11528&ref=http%3A%2F%2Fmauriciolo.temp.swtest.ru%2F&hn_ver=10&fid=b569355d-0320-47bc-8349-5979576c8289

95 B
633 B

54ms
30ms

Image
image/png

63.33.91.112
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/an_fire?app_nexus_uid=4479100661768519048&pid=11528&ref=http%3A%2F%2Fmauriciolo.temp.swtest.ru%2F&hn_ver=10&fid=b569355d-0320-47bc-8349-5979576c8289
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.91.112 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-33-91-112.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 14:46:40 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Tue, 26 Feb 2019 14:46:40 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 14:46:42 GMT
AN-X-Request-Uuid: 6380c55d-0f77-4a98-afd9-409efb075f76
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://s.cpx.to/an_fire?app_nexus_uid=4479100661768519048&pid=11528&ref=http%3A%2F%2Fmauriciolo.temp.swtest.ru%2F&hn_ver=10&fid=b569355d-0320-47bc-8349-5979576c8289
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.145:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame C114 43 KB
17 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s.id
URL: https://s.id/3yAOu

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:809::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 907
date: Tue, 26 Feb 2019 14:31:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 17543
expires: Tue, 26 Feb 2019 16:31:33 GMT

GET
H2 200 all.js
api.dmcdn.net/ Frame C114 27 KB
9 KB 110ms
28ms Script
application/x-javascript 2.16.186.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dmcdn.net/all.js

Requested by

Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=1692a45a1ae

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.16.186.115 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-186-115.deploy.static.akamaitechnologies.com

Software

DMS/1.0.42 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31708800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/90JN
Origin: http://urlz.fr

Response headers

strict-transport-security: max-age=31708800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 20 Sep 2018 10:48:47 GMT
server: DMS/1.0.42
access-control-allow-origin: *
etag: "5ba37b0f-6d98"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=43200, s-maxage=3600
date: Tue, 26 Feb 2019 14:46:40 GMT
accept-ranges: bytes
content-length: 9279
expires: Wed, 27 Feb 2019 02:46:40 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ Frame C114 18 KB
18 KB 68ms
19ms Font
font/woff2 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=1692a45a1ae
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/90JN
Origin: http://urlz.fr

Response headers

date: Tue, 26 Feb 2019 14:46:40 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin: *
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 18056

GET
DATA 200
OK truncated
/ Frame C114 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK favicon.ico
www.ca-aquitaine.fr/ Frame C114 766 B
783 B 127ms
28ms Image
image/vnd.microsoft.icon 158.191.172.76

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ca-aquitaine.fr/favicon.ico

Requested by

Host: urlz.fr
URL: http://urlz.fr/90JN

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

158.191.172.76 , France, ASN9159 (, FR),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 20 Oct 2007 10:32:50 GMT
Server: Apache
ETag: "2fe-43cea2c528303"
Vary: Accept-Encoding
P3P: CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/vnd.microsoft.icon
Keep-Alive: timeout=5, max=100
Content-Length: 224
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

Primary Request index.html Show response
u339511gj5.ha002.t.justns.ru/refer/
Redirect Chain

http://u339511gj5.ha002.t.justns.ru/refer
http://u339511gj5.ha002.t.justns.ru/refer/
http://u339511gj5.ha002.t.justns.ru/refer/index.html

21 KB
7 KB

79ms
39ms

Document
text/html

2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Requested by: Host: s.id
URL: https://s.id/3yAOu
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 513338f7ad46596ec12a717a06ccff98f54a7f4ffec67085d5b52e9ed9bf7f09

Request headers

Host: u339511gj5.ha002.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/90JN
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/90JN

Response headers

ETag: "55d5-5c74c034-ffcfbad0a59cde69;gz"
Last-Modified: Tue, 26 Feb 2019 04:27:32 GMT
Content-Type: text/html
Content-Length: 6653
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Date: Tue, 26 Feb 2019 14:46:40 GMT
Server: LiteSpeed
Connection: close

Redirect headers

Location: index.html
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Date: Tue, 26 Feb 2019 14:46:40 GMT
Server: LiteSpeed
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Vary: User-Agent
Connection: close

GET
H/1.1 200
OK ac
ww1097.smartadserver.com/ 7 KB
4 KB 100ms
99ms Script
application/javascript 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: http://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=30012&async=1&visit=m&tmstp=6575732387&tag=sas_30012&sh=1200&sw=1600&pgDomain=http%3A%2F%2Furlz.fr%2F90JN&noadcbk=sas.noad
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Feb 2019 14:46:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-SMRT-D: 3%3b16%3b52
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-SMRT-I: 6361286
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 3025
Expires: -1

GET
H/1.1 200
OK /
c.tmyzer.com/c/ 0
200 B 84ms
55ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://c.tmyzer.com/c/?s=15056&f=28&fi=0
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 54.38.64.100 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/90JN
Origin: http://urlz.fr

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 26 Feb 2019 14:46:40 GMT
Server: nginx
X-IPLB-Instance: 24856
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET embed
www.dailymotion.com/ Frame 0BE5 0
0

GET
H/1.1 200
OK sas-browser.js
ced-ns.sascdn.com/diff/templates/js/sas/ 2 KB
1 KB 23ms
20ms Script
application/x-javascript 68.232.35.16
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://ced-ns.sascdn.com/diff/templates/js/sas/sas-browser.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40EB) /
Resource Hash

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Jul 2015 14:55:29 GMT
Server: ECS (fcn/40EB)
X-N: S
Etag: "f6e7332722340be0f535a70192991c6d:1438008929"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 945

GET
H/1.1 200
OK sas-dom.js
ced-ns.sascdn.com/diff/templates/js/sas/ 2 KB
1 KB 12ms
7ms Script
application/x-javascript 68.232.35.16
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://ced-ns.sascdn.com/diff/templates/js/sas/sas-dom.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4192) /
Resource Hash

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Aug 2014 13:05:03 GMT
Server: ECS (fcn/4192)
X-N: S
Etag: "6bf614f460a08462cb3319a924c9c36a:1408539903"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 1013

GET
H/1.1 200
OK sas-banner-2.4.js
ced-ns.sascdn.com/diff/templates/js/banner/ 5 KB
3 KB 10ms
9ms Script
application/x-javascript 68.232.35.16
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://ced-ns.sascdn.com/diff/templates/js/banner/sas-banner-2.4.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40AE) /
Resource Hash

Request headers

Referer: http://urlz.fr/90JN
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2016 13:14:52 GMT
Server: ECS (fcn/40AE)
X-N: S
Etag: "83d60385b6d9184ea8ee4b4ce681d960:1480943692"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 2211

GET view.asp
banners.webmasterplan.com/ Frame 57EB 0
0

GET
H/1.1 200
OK antiquus_002.css
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ 26 KB
4 KB 87ms
39ms Stylesheet
text/css 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/antiquus_002.css
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a307d1f6262aaa120d2d8d18603e6b0eb9a7f58c2865d689a5a7c2d6b707fbbb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Feb 2019 04:27:39 GMT
Server: LiteSpeed
ETag: "66a1-5c74c03b-1003aeeca21d07d4;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3823
Expires: Tue, 05 Mar 2019 14:46:40 GMT

GET
H/1.1 200
OK antiquus.css
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ 26 KB
4 KB 87ms
40ms Stylesheet
text/css 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/antiquus.css
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a307d1f6262aaa120d2d8d18603e6b0eb9a7f58c2865d689a5a7c2d6b707fbbb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Feb 2019 04:27:39 GMT
Server: LiteSpeed
ETag: "66a1-5c74c03b-f440933aa39f050a;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3823
Expires: Tue, 05 Mar 2019 14:46:40 GMT

GET
H/1.1 200
OK styles_002.css
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ 78 KB
15 KB 87ms
40ms Stylesheet
text/css 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles_002.css
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f6b6ebd962eb5771760ecfd687419341e5cc2ae2275f27ec8ee18d238fe17b1f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Feb 2019 04:27:44 GMT
Server: LiteSpeed
ETag: "1372f-5c74c040-2aacb3d399dffbc5;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 15243
Expires: Tue, 05 Mar 2019 14:46:40 GMT

GET
H/1.1 200
OK styles.css
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ 78 KB
15 KB 87ms
41ms Stylesheet
text/css 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles.css
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6355d2f569635d7ed7c4fa9286e79a5eb5ecc6b17d64f97e64687195a1d4e7c3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Feb 2019 04:27:44 GMT
Server: LiteSpeed
ETag: "13738-5c74c040-21805b296a7f7752;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 15254
Expires: Tue, 05 Mar 2019 14:46:40 GMT

GET
H/1.1 200
OK styles-mod_002.css
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ 12 KB
4 KB 87ms
41ms Stylesheet
text/css 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles-mod_002.css
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: be75bd4ece74fdb044d991fed3ebe153c99009970c90a171b24d2d8949e28bd8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Feb 2019 04:27:43 GMT
Server: LiteSpeed
ETag: "2f03-5c74c03f-f58b6286454ba0bd;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3400
Expires: Tue, 05 Mar 2019 14:46:40 GMT

GET
H/1.1 200
OK styles-mod.css
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ 12 KB
4 KB 87ms
41ms Stylesheet
text/css 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles-mod.css
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5a812b6d079563d5007a74f2e8a6fb3cb465b65e5199dc8976d9306e664e6fee

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Feb 2019 04:27:43 GMT
Server: LiteSpeed
ETag: "2f0a-5c74c03f-948765b05b57005c;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3404
Expires: Tue, 05 Mar 2019 14:46:40 GMT

GET
H/1.1 200
OK stb.css
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ 3 KB
1 KB 126ms
39ms Stylesheet
text/css 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/stb.css
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 82bb557cf480b5f06d375306fdf9fb8bdfd9c3139250eeac4c56e65435cdddb3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Feb 2019 04:27:42 GMT
Server: LiteSpeed
ETag: "a56-5c74c03e-e7ec47ade5620a89;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 885
Expires: Tue, 05 Mar 2019 14:46:40 GMT

GET
H/1.1 404
Not Found infosbulle.js
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ 0
0 126ms
39ms Script
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/infosbulle.js
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: close
Content-Length: 488
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 200
OK siteon0.gif
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ 8 KB
8 KB 40ms
39ms Image
image/gif 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/siteon0.gif
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5e6e4b59e776656c913d4f6fa9e5c586678c9954a2b75fc287752ee9b6e976d2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Last-Modified: Tue, 26 Feb 2019 04:27:42 GMT
Server: LiteSpeed
ETag: "1fc0-5c74c03e-6fd3c946a9bc88e8;;;"
Vary: User-Agent
Content-Type: image/gif
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 8128
Expires: Tue, 05 Mar 2019 14:46:40 GMT

GET
H/1.1 200
OK a.jpeg
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ 32 KB
32 KB 40ms
39ms Image
image/jpeg 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/a.jpeg
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 4400157cffc868a23c307b80c36d8b849473c3a8905661496c6ed3de54470d20

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:40 GMT
Last-Modified: Tue, 26 Feb 2019 04:27:38 GMT
Server: LiteSpeed
ETag: "7e81-5c74c03a-1c66912a88b311a1;;;"
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 32385
Expires: Tue, 05 Mar 2019 14:46:40 GMT

GET
H/1.1 200
OK point_transp.gif
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ 87 B
437 B 260ms
259ms Image
image/gif 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/point_transp.gif
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7a1a0dc539a9129f3ce1a26e7598a54217d8c8c0291f1a267976dcdad89bbe57

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:41 GMT
Last-Modified: Tue, 26 Feb 2019 04:27:42 GMT
Server: LiteSpeed
ETag: "57-5c74c03e-b7cf95964abcabfe;;;"
Vary: User-Agent
Content-Type: image/gif
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 87
Expires: Tue, 05 Mar 2019 14:46:41 GMT

GET
H/1.1 200
OK hit.gif
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ 43 B
393 B 260ms
259ms Image
image/gif 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/hit.gif
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:41 GMT
Last-Modified: Tue, 26 Feb 2019 04:27:40 GMT
Server: LiteSpeed
ETag: "2b-5c74c03c-39e3eaaf2f58910d;;;"
Vary: User-Agent
Content-Type: image/gif
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 05 Mar 2019 14:46:41 GMT

GET
H/1.1 404
Not Found main_repeat.png
u339511gj5.ha002.t.justns.ru/refer/img/ 661 B
661 B 258ms
257ms Image
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/img/main_repeat.png
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 84ba16f5e88aa6a75681f2aca2a80e22ff8207512f1e616c3a963f358156474a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:41 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: close
Content-Length: 475
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 200
OK entete_light.png
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ 411 B
763 B 258ms
257ms Image
image/png 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/entete_light.png
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9fcab327f6ceaf3b22cde395516929fa4a054ce134c67d0c0788b07a240e38ff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles-mod.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles-mod.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:41 GMT
Last-Modified: Tue, 26 Feb 2019 04:27:40 GMT
Server: LiteSpeed
ETag: "19b-5c74c03c-9167cb546f0828fc;;;"
Vary: User-Agent
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 411
Expires: Tue, 05 Mar 2019 14:46:41 GMT

GET
H/1.1 200
OK main_haut.png
u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/ 143 B
494 B 298ms
39ms Image
image/png 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/main_haut.png
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c2eb575af2dd8cbf678afc27903c39d00e4083a82f2f340e6e7eaebb2c6b7131

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:41 GMT
Last-Modified: Tue, 26 Feb 2019 04:27:42 GMT
Server: LiteSpeed
ETag: "8f-5c74c03e-247d1be89dcaefc0;;;"
Vary: User-Agent
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 143
Expires: Tue, 05 Mar 2019 14:46:41 GMT

GET
H/1.1 404
Not Found bloc_arrond_bas.png
u339511gj5.ha002.t.justns.ru/refer/img/ 665 B
665 B 252ms
218ms Image
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/img/bloc_arrond_bas.png
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9802c25176beb0ba013230dcd15ca0fc266030a03a6d078a0ddabd2a5592445e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:41 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: close
Content-Length: 479
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 404
Not Found bloc_arrond_haut.png
u339511gj5.ha002.t.justns.ru/refer/img/ 666 B
666 B 253ms
224ms Image
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/img/bloc_arrond_haut.png
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0d2c7627f6fcf59e8249fcea47eee72281980d52535704651a625d719de72449

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:41 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: close
Content-Length: 480
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 404
Not Found thead.png
u339511gj5.ha002.t.justns.ru/refer/img/ 655 B
655 B 292ms
40ms Image
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/img/thead.png
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 203f597381a781c167ae6c5fb151fb8ea91eb6c8c2f3e831ad14256e71a5d10e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles-mod.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles-mod.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:41 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: close
Content-Length: 469
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 404
Not Found bg_form.png
u339511gj5.ha002.t.justns.ru/refer/img/ 657 B
657 B 291ms
39ms Image
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u339511gj5.ha002.t.justns.ru/refer/img/bg_form.png
Requested by: Host: u339511gj5.ha002.t.justns.ru
URL: http://u339511gj5.ha002.t.justns.ru/refer/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e4f62cf0c74e65ce947a5942261b9d2e4b40733f8866b4b618b39c7b51a337f4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u339511gj5.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u339511gj5.ha002.t.justns.ru/refer/entreeBam_fichiers/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:46:41 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: close
Content-Length: 471
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.s.id
URL: https://analytics.s.id/piwik.js

Domain: g.tmyzer.com
URL: http://g.tmyzer.com/g/

Domain: pixel.tapad.com
URL: http://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D

Domain: s.cpx.to
URL: https://s.cpx.to/sync?dsp=avocet&dsp_uid=a8376583-21fd-47be-a800-5d8411e4fee9&fid=b569355d-0320-47bc-8349-5979576c8289

Domain: www.dailymotion.com
URL: http://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false

Domain: banners.webmasterplan.com
URL: http://banners.webmasterplan.com/view.asp?ref=794613&site=9192&type=html&hnb=1&js=1&subid=205724

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Credit Agricole (Banking)

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
analytics.s.id
api.dmcdn.net
banners.webmasterplan.com
c.tmyzer.com
ced-ns.sascdn.com
cm.g.doubleclick.net
d.turn.com
d2zur9cc2gf1tx.cloudfront.net
edge.quantserve.com
fastlane.rubiconproject.com
g.tmyzer.com
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
mauriciolo.temp.swtest.ru
maxcdn.bootstrapcdn.com
p.cpx.to
pixel.tapad.com
player.pepsia.com
rules.quantcount.com
s.cpx.to
s.id
secure.adnxs.com
tag.contextweb.com
tag.leadplace.fr
u339511gj5.ha002.t.justns.ru
urlz.fr
ww1097.smartadserver.com
www.ca-aquitaine.fr
www.dailymotion.com
www.google-analytics.com
www.noowho.com
analytics.s.id
banners.webmasterplan.com
g.tmyzer.com
pixel.tapad.com
s.cpx.to
www.dailymotion.com
13.35.253.10
13.35.254.18
147.135.143.43
151.139.241.23
158.191.172.76
172.217.18.98
18.184.103.21
185.33.223.197
185.64.189.110
185.86.137.17
2.16.186.115
2.23.106.5
203.119.112.228
209.197.3.15
213.19.162.51
2600:9000:20bb:8800:6:44e3:f8c0:93a1
2600:9000:20bb:ba00:6:44e3:f8c0:93a1
2606:4700:31::681f:ab2
2606:4700:31::681f:bb2
2606:4700::6813:c597
2a00:1450:4001:808::200a
2a00:1450:4001:809::200e
2a00:b700::6:b
2a02:2638::1c
37.252.172.70
46.228.164.13
5.179.192.20
54.38.64.100
54.75.225.184
63.33.91.112
68.232.35.16
74.214.194.131
77.222.56.187
94.23.196.203
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0d2c7627f6fcf59e8249fcea47eee72281980d52535704651a625d719de72449
1617ade5ea3ecc2ae90f24d08b42edb9f46a30730ff606cbbd8ccbcf19a4a16a
203f597381a781c167ae6c5fb151fb8ea91eb6c8c2f3e831ad14256e71a5d10e
26517193e17e52b864db99512527c75112afb1290eee8b7d4548e23082f0e876
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3349f7ebfafd1cf105f9f4a41a1be792db6dfc5d754de2fbce192a2185486b73
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
4400157cffc868a23c307b80c36d8b849473c3a8905661496c6ed3de54470d20
446f054536501c302854ac0385c0a16c7f215eb11786419b68769eefd8665578
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
507f173bd882e8b2be46be53bec61bf98230cde18af89ec0bbe0866ef0497da9
513338f7ad46596ec12a717a06ccff98f54a7f4ffec67085d5b52e9ed9bf7f09
5a812b6d079563d5007a74f2e8a6fb3cb465b65e5199dc8976d9306e664e6fee
5ccf70cd1d1da4e1d97e76747d95a93ef3b78bd1a05f0998069d84b2fa8b5d7c
5e6e4b59e776656c913d4f6fa9e5c586678c9954a2b75fc287752ee9b6e976d2
6355d2f569635d7ed7c4fa9286e79a5eb5ecc6b17d64f97e64687195a1d4e7c3
66171501c2a2df0ccfb7e034730b81578492b3508f54e05b0c3847e81c8b8bb2
6e7beda9f3ed90316bad09c861392b56f5f8125a0fbb4a29c76933e38c44dce7
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
7a1a0dc539a9129f3ce1a26e7598a54217d8c8c0291f1a267976dcdad89bbe57
7e21f113c0b7b34045da6c870dfcb863c6af5d0a8de63ae0d539373ea8f99a0d
82bb557cf480b5f06d375306fdf9fb8bdfd9c3139250eeac4c56e65435cdddb3
84ba16f5e88aa6a75681f2aca2a80e22ff8207512f1e616c3a963f358156474a
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
9802c25176beb0ba013230dcd15ca0fc266030a03a6d078a0ddabd2a5592445e
983364371c4e05731c4ac45028811eba0bbaa0a71e1c1c1d25e6757aef763607
9fcab327f6ceaf3b22cde395516929fa4a054ce134c67d0c0788b07a240e38ff
a307d1f6262aaa120d2d8d18603e6b0eb9a7f58c2865d689a5a7c2d6b707fbbb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
be75bd4ece74fdb044d991fed3ebe153c99009970c90a171b24d2d8949e28bd8
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c2eb575af2dd8cbf678afc27903c39d00e4083a82f2f340e6e7eaebb2c6b7131
c9b1de23ef555ae2b01ed1ffbf1a93643f09d79e1b17c89fe05b4b7552059c02
d01911e5cd23948baa57eaf709c86932d09a4deb133086ef9386bc49cb1124d7
dd662b6e50e8121af3a3fcdb888012d0eadcefde358452e9b2f45e9980d86325
dd76fdd2142192064e0af855f1b21bdad5ed9e807f053e813827e601404a83cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f62cf0c74e65ce947a5942261b9d2e4b40733f8866b4b618b39c7b51a337f4
f6b6ebd962eb5771760ecfd687419341e5cc2ae2275f27ec8ee18d238fe17b1f
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

u339511gj5.ha002.t.justns.ru Open in urlscan Pro 2a00:b700::6:b Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

24 %HTTPS

26 %IPv6

33 Domains

37 Subdomains

29 IPs

9 Countries

429 kBTransfer

1054 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

u339511gj5.ha002.t.justns.ru Open in urlscan Pro
2a00:b700::6:b Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

24 %
HTTPS

26 %
IPv6

33
Domains

37
Subdomains

29
IPs

9
Countries

429 kB
Transfer

1054 kB
Size

0
Cookies

70 HTTP transactions
1 data transactions