urlz.fr Open in urlscan Pro
2606:4700:31::681f:ab2 Public Scan

URL:
https://urlz.fr/aT2m
Submission: On October 30 via api (October 30th 2019, 2:45:01 am UTC) from BE

Summary HTTP 37 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 9 countries across 27 domains to perform 37 HTTP transactions. The main IP is 2606:4700:31::681f:ab2, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is urlz.fr.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on August 21st 2019. Valid for: 6 months.

This is the only time urlz.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:31:... 2606:4700:31::681f:ab2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	199.34.228.53 199.34.228.53	27647 (WEEBLY) (WEEBLY - Weebly)
6	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	74.214.194.132 74.214.194.132	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	13.225.78.80 13.225.78.80	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a02:26f0:6c0... 2a02:26f0:6c00:18d::c01	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1	91.228.74.165 91.228.74.165	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	13.225.84.175 13.225.84.175	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	5.179.192.20 5.179.192.20	34235 (ASPSERVEU...) (ASPSERVEUR-AS)
1	94.23.196.203 94.23.196.203	16276 (OVH) (OVH)
6	34.246.169.240 34.246.169.240	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:20e... 2600:9000:20eb:2000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	91.228.74.226 91.228.74.226	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	54.247.104.216 54.247.104.216	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:200... 2600:9000:200c:7600:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 1	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	52.208.204.25 52.208.204.25	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.16.92.60 104.16.92.60	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	185.33.223.218 185.33.223.218	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 1	18.185.45.212 18.185.45.212	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
37	23

1 2606:4700:31::681f:ab2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.34.228.53 (San Francisco, United States)

ASN27647 (WEEBLY - Weebly, Inc., US)
PTR: pages-wildcard-1.weebly.com

prxms502.weebly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.themoneytizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (Germany)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.132 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.80 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-80.fra2.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.17 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:18d::c01 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.165 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.175 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-84-175.fra2.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.179.192.20 (Paris, France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net

player.pepsia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.196.203 (France)

ASN16276 (OVH, FR)
PTR: serveur8.wilsoftech.com

www.noowho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.246.169.240 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-246-169-240.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:2000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.226 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.104.216 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-104-216.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:7600:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.130 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.204.25 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-204-25.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.92.60 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.218 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 313.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.45.212 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-45-212.eu-central-1.compute.amazonaws.com

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cpx.to p.cpx.to s.cpx.to	8 KB
6	themoneytizer.com ads.themoneytizer.com	165 KB
3	pepsia.com player.pepsia.com	40 KB
2	avocet.io 2 redirects ads.avocet.io	1 KB
2	pubmatic.com 2 redirects image2.pubmatic.com	1 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	6 KB
2	leadplace.fr tag.leadplace.fr	3 KB
2	weebly.com prxms502.weebly.com
1	bidswitch.net 1 redirects pool.grid-data.bidswitch.net	338 B
1	adnxs.com 1 redirects secure.adnxs.com	948 B
1	truoptik.com dmp.truoptik.com
1	doubleclick.net 1 redirects cm.g.doubleclick.net	155 B
1	consensu.org c.sharethis.mgr.consensu.org	402 B
1	adleadevent.com adtrack.adleadevent.com	518 B
1	googleapis.com ajax.googleapis.com	30 KB
1	quantcount.com rules.quantcount.com	966 B
1	noowho.com www.noowho.com	2 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	criteo.com gum.criteo.com	311 B
1	sascdn.com ced-ns.sascdn.com	8 KB
1	smartadserver.com 1 redirects ww1097.smartadserver.com	198 B
1	contextweb.com tag.contextweb.com	11 KB
1	onetag-sys.com onetag-sys.com
1	themoneytizer.net g.themoneytizer.net	200 B
1	cloudflare.com ajax.cloudflare.com	4 KB
1	urlz.fr urlz.fr	1 KB
0	id5-sync.com Failed id5-sync.com Failed
37	27

	Domain	Requested by
6	s.cpx.to	p.cpx.to
6	ads.themoneytizer.com	ajax.cloudflare.com ads.themoneytizer.com
3	player.pepsia.com	urlz.fr player.pepsia.com
2	ads.avocet.io	2 redirects
2	image2.pubmatic.com	2 redirects
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	prxms502.weebly.com	urlz.fr
1	pool.grid-data.bidswitch.net	1 redirects
1	secure.adnxs.com	1 redirects
1	dmp.truoptik.com
1	cm.g.doubleclick.net	1 redirects
1	c.sharethis.mgr.consensu.org	player.pepsia.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	pixel.quantserve.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	rules.quantcount.com	secure.quantserve.com
1	www.noowho.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	ced-ns.sascdn.com
1	ww1097.smartadserver.com	1 redirects
1	p.cpx.to	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	g.themoneytizer.net	ads.themoneytizer.com
1	ajax.cloudflare.com	urlz.fr
1	urlz.fr
0	id5-sync.com Failed
37	29

This site contains links to these domains. Also see Links.

Domain
www.noowho.com

Subject Issuer	Validity	Valid
sni21163.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-21` - `2020-02-27`	6 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
*.weebly.com RapidSSL RSA CA 2018	`2019-10-04` - `2021-12-02`	2 years	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
g.themoneytizer.net Let's Encrypt Authority X3	`2019-10-11` - `2020-01-09`	3 months	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2019-10-10` - `2020-01-08`	3 months	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
p.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2020-06-10`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-03-28` - `2020-04-01`	a year	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2018-09-06` - `2020-09-12`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
player.pepsia.com Let's Encrypt Authority X3	`2019-09-28` - `2019-12-27`	3 months	crt.sh
www.noowho.com Gandi Standard SSL CA 2	`2017-02-07` - `2020-02-07`	3 years	crt.sh
s.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
adtrack.adleadevent.com Amazon	`2019-06-30` - `2020-07-30`	a year	crt.sh
*.sharethis.mgr.consensu.org Go Daddy Secure Certificate Authority - G2	`2018-05-21` - `2020-05-21`	2 years	crt.sh
*.truoptik.com Go Daddy Secure Certificate Authority - G2	`2018-11-13` - `2020-11-13`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://urlz.fr/aT2m
Frame ID: 1E46A4EA4B6E36268DB616124344736E
Requests: 33 HTTP requests in this frame

Frame: https://prxms502.weebly.com/
Frame ID: 402589D0459CF1911F4B84F8B3C8EAE0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1572403485460
Frame ID: C3E556CC4ACA3480C30148829EFBDA2C
Requests: 1 HTTP requests in this frame

Frame: https://prxms502.weebly.com/
Frame ID: 8829BC6517458944A4336CC0E72DC223
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 83F910AEC1DDD139C6AE9C42AA827E31
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

37
Requests

97 %
HTTPS

25 %
IPv6

27
Domains

29
Subdomains

23
IPs

9
Countries

306 kB
Transfer

782 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.noowho.com/Show-23690713.html

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 19

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/2/8/2.gif?puid=3688940521099640744&gdpr=1&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/10/7/3.gif?puid=3221004126244004069&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/101/6/4.gif?puid=2628da0f-f816-4d3f-a5b8-f8ea207c5a8d&gdpr=1&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMONbbf2Deagb5KYtdeEn5yYVS56xWeFaU9-1LlXA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F5%2F5.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/102/5/5.gif?puid=8615282268742393127&gdpr=1&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
https://id5-sync.com/c/12/103/4/6.gif?puid=6d1c6770cc2d0585833820eefaaaf5d0&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/108/3/7.gif?puid=3bb9a331-fabf-11e9-b48d-4adede4242db&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/112/2/8.gif?puid=65780E56E598A51D&gdpr=1&gdpr_consent=

Request Chain 29

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D89fe4cc9-5190-471a-a340-af88da1dff5e HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D89fe4cc9-5190-471a-a340-af88da1dff5e HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DE0ED155-D953-4AC5-A6F5-3C82DE878DFB&fid=89fe4cc9-5190-471a-a340-af88da1dff5e

Request Chain 30

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=89fe4cc9-5190-471a-a340-af88da1dff5e HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=89fe4cc9-5190-471a-a340-af88da1dff5e&google_gid=CAESEHevFVNgKR2MHJggpHn-b9Y&google_cver=1

Request Chain 31

https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D89fe4cc9-5190-471a-a340-af88da1dff5e HTTP 302
https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D89fe4cc9-5190-471a-a340-af88da1dff5e HTTP 302
https://s.cpx.to/sync?dsp=avocet&dsp_uid=c13c4ff7-bd8c-4d23-a3ef-7a236b112bd3&fid=89fe4cc9-5190-471a-a340-af88da1dff5e

Request Chain 33

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D89fe4cc9-5190-471a-a340-af88da1dff5e HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=3688940521099640744&pid=11528&ref=&hn_ver=10&fid=89fe4cc9-5190-471a-a340-af88da1dff5e

Request Chain 34

https://pool.grid-data.bidswitch.net/sync?pid=42 HTTP 302
https://s.cpx.to/sync?dsp_uid=03c3d0df-3a5a-47e5-a09c-07318f18f580&dsp=BIDSWITCH

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request aT2m Show response
urlz.fr/ 3 KB
1 KB 153ms
117ms Document
text/html 2606:4700:31::681f:ab2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://urlz.fr/aT2m
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:31::681f:ab2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 924ba28af1362727156743fa15ecd327721201387c0cadc0178e6b20f17b6738

Request headers

:method: GET
:authority: urlz.fr
:scheme: https
:path: /aT2m
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Wed, 30 Oct 2019 02:44:44 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d3596389135cba88db95c3b89d9f911611572403483; expires=Thu, 29-Oct-20 02:44:43 GMT; path=/; domain=.urlz.fr; HttpOnly
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 52da0c8e8d18cbc8-VIE
content-encoding: br

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/ 12 KB
4 KB 42ms
16ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: https://urlz.fr/aT2m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 02:44:44 GMT
content-encoding: gzip
last-modified: Thu, 24 Oct 2019 14:43:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5db1b8a1-2fb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 52da0c8f7854cbb4-VIE
alt-svc: h3-23=":443"; ma=86400
expires: Fri, 01 Nov 2019 02:44:44 GMT

GET
H/1.1 200
OK Cookie set /
prxms502.weebly.com/ Frame 4025 0
0 505ms
178ms Document
text/html 199.34.228.53
Weebly

General

Check archive.org

Show headers Download Go to

Full URL: https://prxms502.weebly.com/
Requested by: Host: urlz.fr
URL: https://urlz.fr/aT2m
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 San Francisco, United States, ASN27647 (WEEBLY - Weebly, Inc., US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: Apache /
Resource Hash

Request headers

Host: prxms502.weebly.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://urlz.fr/aT2m
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://urlz.fr/aT2m

Response headers

Date: Wed, 30 Oct 2019 02:44:44 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=prxms502.weebly.com language=en; expires=Wed, 13-Nov-2019 02:44:44 GMT; Max-Age=1209600; path=/
Vary: X-W-SSL,Accept-Encoding,User-Agent
Cache-Control: private
ETag: W/"85745f1f85a35b71e038fcdb95e021ee-gzip"
Content-Encoding: gzip
X-Host: pages8.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 6412
Keep-Alive: timeout=10, max=58
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 36 KB
8 KB 26ms
11ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: c81577fb7e0a51e5ee14cce173f35ef1ea8be355a33fc7ba431808cc52789215

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 02:44:44 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 31 Oct 2019 02:44:44 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 8 KB
3 KB 22ms
7ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: afa9fb95b610a889e744ede0461b995ff3ab0ed1d517f1d47b3a4c797ec070c8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 02:44:44 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2742
expires: Thu, 31 Oct 2019 02:44:31 GMT

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ 26 B
200 B 49ms
11ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 02:44:45 GMT
Server: nginx
X-IPLB-Instance: 29894
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 6ms
5ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 02:44:45 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:07 GMT
server: nginx
etag: "779a-308e-582e3105a6be4"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3931
expires: Thu, 31 Oct 2019 02:44:03 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 7ms
6ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 02:44:45 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Thu, 31 Oct 2019 02:43:54 GMT

GET
H/1.1 200
OK Cookie set /
onetag-sys.com/usync/ Frame C3E5 0
0 30ms
8ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1572403485460
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.9.251 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip251.ip-51-89-9.eu
Software: /
Resource Hash

Request headers

Host: onetag-sys.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://urlz.fr/aT2m
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://urlz.fr/aT2m

Response headers

P3P: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Set-Cookie: OTP=u0ydsqGFr7mkRbbJim8GrvkMzdqQHhxKzebPX-kJIt0; path=/; expires=Fri, 29 Oct 2021 02:44:45; domain=onetag-sys.com; SameSite=None;
Content-Type: text/html
Expires: Sun, 01-Jan-2034 12:34:56 GMT
Cache-Control: max-age=2628000,public
content-encoding: gzip
transfer-encoding: chunked

GET
H2 200 getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 55ms
15ms Script
application/x-javascript 74.214.194.132
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 02:44:45 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ 1 KB
2 KB 23ms
7ms Script
application/javascript 13.225.78.80
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/11528/px.js?r=1de02
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 26 Oct 2019 20:57:24 GMT
Content-Encoding: UTF-8
Connection: keep-alive
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 280042
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 216b2e0a8a27f8fca1b540a1c4ea6922.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: KP3yvzmg1uVBaGkw7SCuxkaRwKrJi7XJgi-lfpNhEg101KI8ZULZJg==

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

24 KB
8 KB

34ms
7ms

Script
application/x-javascript

2a02:26f0:6c00:18d::c01
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:18d::c01 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b

Request headers

Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 02:44:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Sep 2019 12:08:33 GMT
Server: Apache
ETag: "1fc11a0f5e30485338c4562812f21662:1567685313"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8004

Redirect headers

Location: https://ced-ns.sascdn.com/diff/js/smart.js
Date: Wed, 30 Oct 2019 02:44:44 GMT
Cache-Control: private
Content-Length: 159
Content-Type: text/html; charset=utf-8

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
311 B 51ms
16ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 02:44:44 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 60ms
17ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 02:44:45 GMT
Last-Modified: Tue, 27 Nov 2018 14:13:54 GMT
Server: nginx/1.14.2
ETag: "5bfd5122-a72"
X-IPLB-Instance: 30195
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 12 KB
6 KB 30ms
7ms Script
application/x-javascript 91.228.74.165
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.165 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 02:44:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30-Oct-2019 02:44:45 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Wed, 06 Nov 2019 02:44:45 GMT

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 22ms
6ms Script
text/javascript 13.225.84.175
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.84.175 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-84-175.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 07 Aug 2019 01:39:13 GMT
Via: 1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 84304
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: B8GsT1hDcki5nDvGxc2iVUhNCX5kzfxNAiXeKAjDvH-YTwEfJAC5CQ==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid2_31/build/dist/ 351 KB
111 KB 6ms
6ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 0d22f9b6f2b7945e7f86a028a8e38ffa8bf63d62b977b01ef4d33135217b1183

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 02:44:45 GMT
content-encoding: gzip
last-modified: Thu, 17 Oct 2019 20:30:51 GMT
server: nginx
etag: "33a7b-57c0c-5952117f11681"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 113444
expires: Thu, 31 Oct 2019 02:44:11 GMT

GET
H/1.1 200
OK sdk.js Show response
player.pepsia.com/ 39 KB
39 KB 141ms
54ms Script
application/javascript 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.pepsia.com/sdk.js?d=16e1a8d1b18
Requested by: Host: urlz.fr
URL: https://urlz.fr/aT2m
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: e210f56421f422144d56bc89278101007da57f4533e3c0788ba82a9d49170cdc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 02:44:45 GMT
Last-Modified: Tue, 29 Oct 2019 09:15:39 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "5db8033b-9b78"
Content-Length: 39800
Content-Type: application/javascript

GET
H/1.1 200
OK Cookie set /
prxms502.weebly.com/ Frame 8829 0
0 179ms
178ms Document
text/html 199.34.228.53
Weebly

General

Check archive.org

Show headers Download Go to

Full URL: https://prxms502.weebly.com/
Requested by: Host: urlz.fr
URL: https://urlz.fr/aT2m
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 San Francisco, United States, ASN27647 (WEEBLY - Weebly, Inc., US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: Apache /
Resource Hash

Request headers

Host: prxms502.weebly.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://urlz.fr/aT2m
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://urlz.fr/aT2m

Response headers

Date: Wed, 30 Oct 2019 02:44:45 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=prxms502.weebly.com language=en; expires=Wed, 13-Nov-2019 02:44:45 GMT; Max-Age=1209600; path=/
Vary: X-W-SSL,Accept-Encoding,User-Agent
Cache-Control: private
ETag: W/"85745f1f85a35b71e038fcdb95e021ee-gzip"
Content-Encoding: gzip
X-Host: pages23.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 6412
Keep-Alive: timeout=10, max=49
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK image.php
www.noowho.com/ 1 KB
2 KB 174ms
123ms Image
image/gif 94.23.196.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.noowho.com/image.php?site=23690713&ref=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS: serveur8.wilsoftech.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash: 36166cacdd0e282d22b9934b5926e31c24950d2a2fe575145288b39304db8a56

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 02:54:12 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Apache/2.4.7 (Ubuntu)
Connection: close
X-Powered-By: PHP/5.5.9-1ubuntu4.22
Content-Length: 1356
Content-Type: image/gif

GET

8.gif
id5-sync.com/c/12/112/2/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/2/8/2.gif?puid=3688940521099640744&gdpr=1&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/10/7/3.gif?puid=3221004126244004069&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/101/6/4.gif?puid=2628da0f-f816-4d3f-a5b8-f8ea207c5a8d&gdpr=1&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMONbbf2Deagb5KYtdeEn5yYVS56xWeFaU9-1LlXA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F5%2F5.gif%3Fpuid%3DSMART_U...
https://id5-sync.com/c/12/102/5/5.gif?puid=8615282268742393127&gdpr=1&gdpr_consent=
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F4%2F6.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
https://id5-sync.com/c/12/103/4/6.gif?puid=6d1c6770cc2d0585833820eefaaaf5d0&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/108/3/7.gif?puid=3bb9a331-fabf-11e9-b48d-4adede4242db&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/112/2/8.gif?puid=65780E56E598A51D&gdpr=1&gdpr_consent=

0
0

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 942 B
2 KB 122ms
29ms Script
application/javascript 34.246.169.240
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=89fe4cc9-5190-471a-a340-af88da1dff5e

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/11528/px.js?r=1de02

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-246-169-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

fbb44eb56d0ceba90f305aea5a890760a456515e18ad60fe989b1d419f696c03

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 30 Oct 2019 02:44:45 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 942
Expires: Thu, 24 Oct 2019 09:34:59 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
966 B 22ms
6ms Script
application/x-javascript 2600:9000:20eb:2000:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:2000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 02:06:04 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 2322
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: D6U4wdWcZCszwEgNd66u15fi5x9zwgEDIQpm6Sw1-_UtMIkcT88Psw==
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 15:10:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1596831
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Oct 2020 15:10:54 GMT

GET
H/1.1 200
OK pixel;r=1944656823;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FaT2m;fpan=1;fpa=P0-1372516821-1572403485538;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=...
pixel.quantserve.com/ 35 B
494 B 38ms
7ms Image
image/gif 91.228.74.226
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.quantserve.com/pixel;r=1944656823;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FaT2m;fpan=1;fpa=P0-1372516821-1572403485538;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1572403485538;tzo=-60;ogl=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.226 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Oct 2019 02:44:45 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ Frame 83F9 0
0 20ms
18ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://urlz.fr/aT2m
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://urlz.fr/aT2m

Response headers

Server: nginx/1.14.2
Date: Wed, 30 Oct 2019 02:44:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Instance: 30195

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
518 B 153ms
33ms XHR
application/x-javascript 54.247.104.216
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.104.216 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-104-216.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Wed, 30 Oct 2019 02:44:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Oct 2019 02:44:45 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://urlz.fr
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 get_consent Show response
c.sharethis.mgr.consensu.org/ 13 B
402 B 24ms
10ms XHR
application/json 2600:9000:200c:7600:c:a9b7:ddc0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/get_consent
Requested by: Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=16e1a8d1b18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:7600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

Sec-Fetch-Mode: cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 02:44:45 GMT
via: 1.1 412049da39a44d4e9af054ecc17534dd.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2
status: 200
etag: W/"d-+DingHfG0CPg0LypXw8zXfS4tGg"
vary: Origin,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://urlz.fr
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-length: 13
x-amz-cf-id: iMIR4frnmjPgS7Rie44iaZzbvzyVvGq1eCMFtDN_Jjy7toRsTyAgCA==

GET
H/1.1 200
OK indexv2.php Show response
player.pepsia.com/V2/ 170 B
413 B 31ms
30ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.pepsia.com/V2/indexv2.php?token=00I4&controls=1&autoplay=1&logo=true&volume=1&api=1&id=0&origin=https://urlz.fr&gdpr=1&d=16e1a8d1bad
Requested by: Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=16e1a8d1b18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 89085930fdff263d643c4fa37f489efadd7d9f8361661113d67eb61aa7d6311a

Request headers

Sec-Fetch-Mode: cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://urlz.fr
Date: Wed, 30 Oct 2019 02:44:45 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK algov2.php Show response
player.pepsia.com/V2/ 1 KB
788 B 81ms
49ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.pepsia.com/V2/algov2.php?token=00I4&num=9&origin=https://urlz.fr&d=16e1a8d1bad
Requested by: Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=16e1a8d1b18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 051f42ac337d411aff07dc6d305da534b0bd83f114a8218b19e69116c8add8e3

Request headers

Sec-Fetch-Mode: cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://urlz.fr
Date: Wed, 30 Oct 2019 02:44:45 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D89fe4cc9-5190-471a-a340-af88da1dff5e
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D89fe4cc9-5190-471a-a340-af88da1dff5e
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DE0ED155-D953-4AC5-A6F5-3C82DE878DFB&fid=89fe4cc9-5190-471a-a340-af88da1dff5e

95 B
881 B

49ms
28ms

Image
image/png

34.246.169.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DE0ED155-D953-4AC5-A6F5-3C82DE878DFB&fid=89fe4cc9-5190-471a-a340-af88da1dff5e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-246-169-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 30 Oct 2019 02:44:45 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 30 Oct 2019 02:44:45 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=DE0ED155-D953-4AC5-A6F5-3C82DE878DFB&fid=89fe4cc9-5190-471a-a340-af88da1dff5e
Date: Wed, 30 Oct 2019 02:44:45 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 448
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=89fe4cc9-5190-471a-a340-af88da1dff5e
https://s.cpx.to/ca.png?dsp=dbm&fid=89fe4cc9-5190-471a-a340-af88da1dff5e&google_gid=CAESEHevFVNgKR2MHJggpHn-b9Y&google_cver=1

95 B
804 B

28ms
28ms

Image
image/png

34.246.169.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=89fe4cc9-5190-471a-a340-af88da1dff5e&google_gid=CAESEHevFVNgKR2MHJggpHn-b9Y&google_cver=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-246-169-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 30 Oct 2019 02:44:45 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Wed, 30 Oct 2019 02:44:45 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=89fe4cc9-5190-471a-a340-af88da1dff5e&google_gid=CAESEHevFVNgKR2MHJggpHn-b9Y&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D89fe4cc9-5190-471a-a340-af88da1dff5e
https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D89fe4cc9-5190-471a-a340-af88da1dff5e
https://s.cpx.to/sync?dsp=avocet&dsp_uid=c13c4ff7-bd8c-4d23-a3ef-7a236b112bd3&fid=89fe4cc9-5190-471a-a340-af88da1dff5e

95 B
879 B

29ms
28ms

Image
image/png

34.246.169.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=avocet&dsp_uid=c13c4ff7-bd8c-4d23-a3ef-7a236b112bd3&fid=89fe4cc9-5190-471a-a340-af88da1dff5e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-246-169-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 30 Oct 2019 02:44:45 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 30 Oct 2019 02:44:45 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=avocet&dsp_uid=c13c4ff7-bd8c-4d23-a3ef-7a236b112bd3&fid=89fe4cc9-5190-471a-a340-af88da1dff5e
Date: Wed, 30 Oct 2019 02:44:45 GMT
Connection: keep-alive
P3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 149
Content-Type: text/html; charset=utf-8

GET
H2 403 sync.gif
dmp.truoptik.com/0362536315099b06/ 0
0 47ms
16ms Image
text/html 104.16.92.60
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=89fe4cc9-5190-471a-a340-af88da1dff5e&fck=687881e9521334db&cbp=dsp_uid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.92.60 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D89fe4cc9-5190-471a-a340-af88da1dff5e
https://s.cpx.to/an_fire?app_nexus_uid=3688940521099640744&pid=11528&ref=&hn_ver=10&fid=89fe4cc9-5190-471a-a340-af88da1dff5e

95 B
865 B

48ms
29ms

Image
image/png

34.246.169.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=3688940521099640744&pid=11528&ref=&hn_ver=10&fid=89fe4cc9-5190-471a-a340-af88da1dff5e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-246-169-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 30 Oct 2019 02:44:45 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 30 Oct 2019 02:44:45 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 30 Oct 2019 02:44:47 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.149:80
AN-X-Request-Uuid: 3e7157d1-b4a6-4d5a-8d62-995d6c4bf1c8
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=3688940521099640744&pid=11528&ref=&hn_ver=10&fid=89fe4cc9-5190-471a-a340-af88da1dff5e
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://pool.grid-data.bidswitch.net/sync?pid=42
https://s.cpx.to/sync?dsp_uid=03c3d0df-3a5a-47e5-a09c-07318f18f580&dsp=BIDSWITCH

95 B
882 B

30ms
30ms

Image
image/png

34.246.169.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=03c3d0df-3a5a-47e5-a09c-07318f18f580&dsp=BIDSWITCH

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-246-169-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Wed, 30 Oct 2019 02:44:45 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Wed, 30 Oct 2019 02:44:45 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp_uid=03c3d0df-3a5a-47e5-a09c-07318f18f580&dsp=BIDSWITCH
Date: Wed, 30 Oct 2019 02:44:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 bundle.js Show response
ads.themoneytizer.com/cs2/dist/ 97 KB
23 KB 6ms
6ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/cs2/dist/bundle.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: d406f42a088a14459471e30acb1a1c3f856b1f76331473847663a63ba2921250

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://urlz.fr/aT2m
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 02:44:45 GMT
content-encoding: gzip
last-modified: Tue, 17 Sep 2019 21:28:09 GMT
server: nginx
etag: "3247a-183db-592c6659901e6"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 23456
expires: Thu, 31 Oct 2019 02:44:28 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id5-sync.com
URL: https://id5-sync.com/c/12/112/2/8.gif?puid=65780E56E598A51D&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://player.pepsia.com/sdk.js?d=16e1a8d1b18(Line 4) Message: %c Pepsia.com Player #0 background: #ccc; color: #2176ff Site Désactivé !

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avocet.io
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
c.sharethis.mgr.consensu.org
ced-ns.sascdn.com
cm.g.doubleclick.net
d2zur9cc2gf1tx.cloudfront.net
dmp.truoptik.com
g.themoneytizer.net
gum.criteo.com
id5-sync.com
image2.pubmatic.com
onetag-sys.com
p.cpx.to
pixel.quantserve.com
player.pepsia.com
pool.grid-data.bidswitch.net
prxms502.weebly.com
rules.quantcount.com
s.cpx.to
secure.adnxs.com
secure.quantserve.com
tag.contextweb.com
tag.leadplace.fr
urlz.fr
ww1097.smartadserver.com
www.noowho.com
id5-sync.com
104.16.92.60
13.225.78.80
13.225.84.175
145.239.192.166
145.239.193.145
151.139.241.23
172.217.23.130
18.185.45.212
185.33.223.218
185.64.189.110
185.86.137.17
199.34.228.53
2600:9000:200c:7600:c:a9b7:ddc0:93a1
2600:9000:20eb:2000:6:44e3:f8c0:93a1
2606:4700:31::681f:ab2
2606:4700::6813:c597
2a00:1450:4001:81d::200a
2a02:2638::1c
2a02:26f0:6c00:18d::c01
34.246.169.240
5.179.192.20
51.89.9.251
52.208.204.25
54.247.104.216
74.214.194.132
91.228.74.165
91.228.74.226
94.23.196.203
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
051f42ac337d411aff07dc6d305da534b0bd83f114a8218b19e69116c8add8e3
0d22f9b6f2b7945e7f86a028a8e38ffa8bf63d62b977b01ef4d33135217b1183
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
36166cacdd0e282d22b9934b5926e31c24950d2a2fe575145288b39304db8a56
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
89085930fdff263d643c4fa37f489efadd7d9f8361661113d67eb61aa7d6311a
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
924ba28af1362727156743fa15ecd327721201387c0cadc0178e6b20f17b6738
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
afa9fb95b610a889e744ede0461b995ff3ab0ed1d517f1d47b3a4c797ec070c8
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c81577fb7e0a51e5ee14cce173f35ef1ea8be355a33fc7ba431808cc52789215
d406f42a088a14459471e30acb1a1c3f856b1f76331473847663a63ba2921250
e210f56421f422144d56bc89278101007da57f4533e3c0788ba82a9d49170cdc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b
fbb44eb56d0ceba90f305aea5a890760a456515e18ad60fe989b1d419f696c03

urlz.fr Open in urlscan Pro 2606:4700:31::681f:ab2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

37 Requests

97 %HTTPS

25 %IPv6

27 Domains

29 Subdomains

23 IPs

9 Countries

306 kBTransfer

782 kBSize

0 Cookies

1 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

urlz.fr Open in urlscan Pro
2606:4700:31::681f:ab2 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

97 %
HTTPS

25 %
IPv6

27
Domains

29
Subdomains

23
IPs

9
Countries

306 kB
Transfer

782 kB
Size

0
Cookies

37 HTTP transactions
0 data transactions