urlscan.io logo urlscan.io
SecurityTrails logo

lescrieursduweb.com Open in urlscan Pro
2606:4700:20::ac43:47b6  Public Scan

Go To Rescan Add Verdict Report
URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Submission: On March 12 via manual from FR — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 6 countries across 25 domains to perform 36 HTTP transactions. The main IP is 2606:4700:20::ac43:47b6, located in United States and belongs to CLOUDFLARENET, US. The main domain is lescrieursduweb.com.
TLS certificate: Issued by E1 on February 18th 2024. Valid for: 3 months.
This is the only time lescrieursduweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a02:6ea0:c70... 60068 (CDN77 _)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.35.58.23 16509 (AMAZON-02)
1 2.17.113.8 20940 (AKAMAI-ASN1)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
7 145.239.192.166 16276 (OVH)
1 51.89.9.252 16276 (OVH)
2 2620:116:800d... 16509 (AMAZON-02)
1 176.34.155.244 16509 (AMAZON-02)
1 108.129.61.95 16509 (AMAZON-02)
1 216.58.212.162 15169 (GOOGLE)
1 81.17.55.172 60781 (LEASEWEB-...)
2 2 34.243.41.73 16509 (AMAZON-02)
2 2 35.190.24.218 15169 (GOOGLE)
1 1 2607:ae80:4::26 26558 (FREEWHEEL)
2 52.223.40.198 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
1 52.215.143.61 16509 (AMAZON-02)
1 1 151.101.1.91 54113 (FASTLY)
2 3 185.89.210.20 29990 (ASN-APPNEX)
2 52.57.150.20 16509 (AMAZON-02)
1 1 2a04:4e42:200... 54113 (FASTLY)
3 145.239.193.51 16276 (OVH)
1 162.19.138.118 16276 (OVH)
1 52.48.75.168 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
36 22
2    2606:4700:20::ac43:47b6 (United States)

ASN13335 (CLOUDFLARENET, US)
lescrieursduweb.com
3    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
ads.themoneytizer.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    13.35.58.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-23.fra60.r.cloudfront.net
sdk.amazonaws.com
1    2.17.113.8 (Manchester, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-113-8.deploy.static.akamaitechnologies.com
ced.sascdn.com
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
7    145.239.192.166 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
sync.leadplace.fr
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
2    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    176.34.155.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-155-244.eu-west-1.compute.amazonaws.com
p.cpx.to
1    108.129.61.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-61-95.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
1    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
cm.g.doubleclick.net
1    81.17.55.172 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
sync.smartadserver.com
2    34.243.41.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-41-73.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    35.190.24.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
rd.frontend.weborama.fr
1    2607:ae80:4::26 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    52.215.143.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-143-61.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    151.101.1.91 (United States)

ASN54113 (FASTLY, US)
pixel.mathtag.com
3    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
3    145.239.193.51 (France)

ASN16276 (OVH, FR)
sync-uid.leadplace.fr
md5sync.leadplace.fr
1    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    52.48.75.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-75-168.eu-west-1.compute.amazonaws.com
s.cpx.to
1    2600:9000:223c:8600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
Apex Domain
Subdomains		 Transfer
10 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 46285
sync.leadplace.fr — Cisco Umbrella Rank: 275094
sync-uid.leadplace.fr — Cisco Umbrella Rank: 59256
md5sync.leadplace.fr — Cisco Umbrella Rank: 256255
9 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 256
3 KB
3 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 51083
29 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1188
2 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 364
572 B
2 weborama.fr
rd.frontend.weborama.fr — Cisco Umbrella Rank: 21879
627 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 246
1 KB
2 cpx.to
p.cpx.to — Cisco Umbrella Rank: 11372
s.cpx.to — Cisco Umbrella Rank: 8667
5 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1342
pixel.quantserve.com — Cisco Umbrella Rank: 1143
10 KB
2 lescrieursduweb.com
lescrieursduweb.com
1 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1336
1 KB
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 433
451 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 683
290 B
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 2136
475 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1089
44 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 10348
93 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 588
510 B
1 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1408
90 B
1 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
409 B
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 50398
859 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 710
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 466
291 B
1 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 11202
36 KB
1 amazonaws.com
sdk.amazonaws.com — Cisco Umbrella Rank: 14487
429 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 788
7 KB
36 25
Domain Requested by
6 tag.leadplace.fr ads.themoneytizer.com
tag.leadplace.fr
3 ib.adnxs.com 2 redirects p.cpx.to
3 ads.themoneytizer.com lescrieursduweb.com
ads.themoneytizer.com
2 md5sync.leadplace.fr tag.leadplace.fr
2 ps.eyeota.net tag.leadplace.fr
ps.eyeota.net
2 match.adsrvr.org tag.leadplace.fr
p.cpx.to
2 rd.frontend.weborama.fr 2 redirects
2 dpm.demdex.net 2 redirects
2 lescrieursduweb.com static.cloudflareinsights.com
1 pixel.quantserve.com lescrieursduweb.com
1 rules.quantcount.com secure.quantserve.com
1 s.cpx.to p.cpx.to
1 id5-sync.com ced.sascdn.com
1 sync-uid.leadplace.fr tag.leadplace.fr
1 trc.taboola.com 1 redirects
1 pixel.mathtag.com 1 redirects
1 beacon.krxd.net tag.leadplace.fr
1 loadeu.exelator.com tag.leadplace.fr
1 sync.leadplace.fr tag.leadplace.fr
1 ads.stickyadstv.com 1 redirects
1 sync.smartadserver.com tag.leadplace.fr
1 cm.g.doubleclick.net tag.leadplace.fr
1 adtrack.adleadevent.com ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 onetag-sys.com ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 sdk.amazonaws.com ads.themoneytizer.com
1 static.cloudflareinsights.com lescrieursduweb.com
36 30

This site contains no links.

Subject Issuer Validity Valid
lescrieursduweb.com
E1		 2024-02-18 -
2024-05-18		 3 months crt.sh
1266287590.rsc.cdn77.org
R3		 2024-02-15 -
2024-05-15		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
sdk.amazonaws.com
Amazon RSA 2048 M03		 2023-10-24 -
2024-11-21		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-08 -
2024-05-07		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2023-08-30 -
2024-09-11		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
quantserve.com
R3		 2024-02-25 -
2024-05-25		 3 months crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2024-01-09 -
2025-01-13		 a year crt.sh
*.adleadevent.com
Amazon RSA 2048 M01		 2023-06-27 -
2024-07-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
ingress-haproxy-public.ingress-haproxy-public
kubernetes-ingress-ca		 2024-01-24 -
2025-01-23		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-31 -
2025-01-29		 a year crt.sh
eyeota.net
GoGetSSL RSA DV CA		 2023-03-08 -
2024-04-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.id5-sync.com
R3		 2024-03-01 -
2024-05-30		 3 months crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2024-01-09 -
2025-01-17		 a year crt.sh

This page contains 5 frames:

Primary Page: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Frame ID: 342FB4F70747E64BC964B744BEA38D3B
Requests: 19 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1710240108899
Frame ID: 16A96C9CB804E8FA140FE6E6077AEF27
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Frame ID: 1215C5A6E8EE0C1FAADD6FCAC6570305
Requests: 14 HTTP requests in this frame

Frame: https://md5sync.leadplace.fr/wapcrto.php?part=livedatasolutions
Frame ID: E6375022DFF5D9D4510AB4CF39F0314E
Requests: 1 HTTP requests in this frame

Frame: https://md5sync.leadplace.fr/wapcrto.php?part=remailme
Frame ID: 57133F06FC7D1142DBF5160FE3C4839F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

36
Requests

81 %
HTTPS

30 %
IPv6

25
Domains

30
Subdomains

22
IPs

6
Countries

532 kB
Transfer

3630 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://dpm.demdex.net/ibs:dpid=58578&dpuuid=1369094703120739756&redir=https%3A%2F%2Ftag.leadplace.fr%2Fwappad.php%3Fuid%3D1369094703120739756%26dd_uuid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=58578&dpuuid=1369094703120739756&redir=https%3A%2F%2Ftag.leadplace.fr%2Fwappad.php%3Fuid%3D1369094703120739756%26dd_uuid%3D%24%7BDD_UUID%7D HTTP 302
  • https://tag.leadplace.fr/wappad.php?uid=1369094703120739756&dd_uuid=72974685840227209610571575306588236986
Request Chain 15
  • https://rd.frontend.weborama.fr/rd?url=https://tag.leadplace.fr/wappweb.php%3FWEBO_CID=%7BWEBO_CID%7D%26uid=1369094703120739756 HTTP 307
  • https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Ftag.leadplace.fr%2Fwappweb.php%3FWEBO_CID%3D%7BWEBO_CID%7D%26uid%3D1369094703120739756&bounce=1&random=3617842549 HTTP 302
  • https://tag.leadplace.fr/wappweb.php?WEBO_CID=VG9.z77JzOtac/ddtL/sCu&uid=1369094703120739756
Request Chain 16
  • https://ads.stickyadstv.com/data-registering?dataProviderId=1073&redirectId=1521 HTTP 302
  • https://sync.leadplace.fr/callback.php?id=82ea90baabb8e4bb377f82a27ac66a&id_part=stickyads
Request Chain 20
  • https://pixel.mathtag.com/sync/img?sync=auto&redir=https%3A%2F%2Ftag.leadplace.fr%2Fwappmed.php%3Fmmuuid%3D[UUID]%26uid%3D1369094703120739756 HTTP 302
  • https://tag.leadplace.fr/wappmed.php?mmuuid=00f165f0-316d-4e00-9a96-d0aba261e456&uid=1369094703120739756
Request Chain 21
  • https://ib.adnxs.com/getuid?https://tag.leadplace.fr/wappnxs.php?uid=1369094703120739756&id=%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Ftag.leadplace.fr%2Fwappnxs.php%3Fuid%3D1369094703120739756%26id%3D%2524UID HTTP 302
  • https://tag.leadplace.fr/wappnxs.php?uid=1369094703120739756&id=3277871820934838630
Request Chain 23
  • https://trc.taboola.com/sg/ermes/1/cm?redirect=https://sync-uid.leadplace.fr/sync-uid.php?part%3Dtaboola%26id%3D%3CTUID%3E%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://sync-uid.leadplace.fr/sync-uid.php?part=taboola&id=b55a542d-24a1-40cb-a1f1-38015d01cb63-tuctce9b6ed&gdpr=&gdpr_consent=

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request iframe-src-2.html
lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/ 		609 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Rocket/3.15.1
Resource Hash
5d198f0974c450fc9cb6e3f3dbd101de98d6939dee923929790580d25f858308
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, public
cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-ray
86332c8749846ef7-CDG
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 12 Mar 2024 10:41:48 GMT
expires
Tue, 12 Mar 2024 10:41:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
geolocation=self
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZ1L2kIqY%2Fj7xT6RgMXQjSAn%2F7PexFt3VdNAJXGy6t3R6Z2sa86bJYo7dBvoUQy1B3C3rFdF3wA7v7dilCy1wkspwSfWXwPq7pZdmdl4aX%2FzhYd3rV9kUlPuU8p7CtUVtOz2upM77EmTPmnW%2F3kZzj8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
WP Rocket/3.15.1
x-xss-protection
1; mode=block
gen.js
ads.themoneytizer.com/s/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=2
Requested by
Host: lescrieursduweb.com
URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
aa08ed3725920fefd909f8763945e103af21df309cc27a821dc9b3b5b6dd8773

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://lescrieursduweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-nzt
EgwBw7WqEQH3vE0AAAwBJRPCNAH3EAAAAA
x-accel-expires
@1710824992
date
Tue, 12 Mar 2024 10:41:48 GMT
content-encoding
gzip
x-77-age
19916
x-77-pop
frankfurtDE
server
CDN77-Turbo
x-77-nzt-ray
4c1562244364361a6c31f06579c92032
vary
Accept-Encoding
x-77-cache
HIT
content-type
text/html; charset=UTF-8
x-cache
HIT
cache-control
max-age=604800
x-age
19900
x-accel-date
1710220208
requestform.js
ads.themoneytizer.com/s/ 		217 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=122061&formatId=2
Requested by
Host: lescrieursduweb.com
URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
914c99963071ca0326333221ad2d938e3eb8acd082ceaee7b676ed4b7dd1873b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://lescrieursduweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-nzt
EgwBw7WqEQH3FB4AAAwBisclwQH3iS4AAA
x-accel-expires
@1710825295
date
Tue, 12 Mar 2024 10:41:48 GMT
content-encoding
gzip
x-77-age
19613
x-77-pop
frankfurtDE
server
CDN77-Turbo
x-77-nzt-ray
4c1562244364361a6c31f0659f002932
vary
Accept-Encoding
x-77-cache
HIT
content-type
text/html; charset=UTF-8
x-cache
HIT
cache-control
max-age=604800
x-age
7700
x-accel-date
1710232408
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: lescrieursduweb.com
URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://lescrieursduweb.com/
Origin
https://lescrieursduweb.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:48 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
86332c88094fd52e-CDG
aws-sdk-2.1531.0.min.js
sdk.amazonaws.com/js/ 		3 MB
429 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.amazonaws.com/js/aws-sdk-2.1531.0.min.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=122061&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-23.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
841aa9ca85d7e4bc5124187affee730a2d5d31e8e2e99dde64915d84a24e9a5d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; script-src 'self' 'unsafe-inline' *.awsstatic.com *.cdn.uis.awsstatic.com *.cdn.console.awsstatic.com docs.aws.amazon.com; object-src 'none'; frame-ancestors 'self'; base-uri 'none'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://lescrieursduweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Tue, 12 Mar 2024 01:51:23 GMT
Content-Encoding
gzip
Via
1.1 133ff3be92540995db4a7234eada8b80.cloudfront.net (CloudFront)
Content-Security-Policy
upgrade-insecure-requests; script-src 'self' 'unsafe-inline' *.awsstatic.com *.cdn.uis.awsstatic.com *.cdn.console.awsstatic.com docs.aws.amazon.com; object-src 'none'; frame-ancestors 'self'; base-uri 'none'
Strict-Transport-Security
max-age=31536000
X-Amz-Cf-Pop
FRA60-P10
Age
31826
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 05 Jan 2024 19:29:37 GMT
Server
AmazonS3
ETag
W/"fac5cd87d4c09ab5791034bcb1b0b2a6"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-Amz-Cf-Id
d3K6lkAVntbJ4cqc6NVLixYIjoSeTELe9q5TelAjfxffAOvkFDyRgA==
smart.js
ced.sascdn.com/tag/1097/ 		105 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=122061&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.113.8 Manchester, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-113-8.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
75f5d5f13d14851431b3b014fe015e71d06a43aac83701319a15d44b2ed4f0a8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://lescrieursduweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Tue, 12 Mar 2024 10:41:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
36438
Expires
Tue, 12 Mar 2024 12:41:49 GMT
sync
gum.criteo.com/ 		49 B
291 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=122061&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://lescrieursduweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:48 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
532494
expires
60
libJsLP.js
tag.leadplace.fr/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=122061&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
97c32278e8275102822dd3f18f9de62b7ff1f796bb43cf04c0845114ec912d16

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://lescrieursduweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:48 GMT
last-modified
Wed, 06 Dec 2023 10:36:32 GMT
server
nginx/1.20.1
x-iplb-request-id
253BA46E:ACAA_91EFC0A6:01BB_65F0316C_B73330A5:27B4
etag
"65704eb0-f36"
x-iplb-instance
54293
content-type
application/javascript
accept-ranges
bytes
content-length
3894
/
onetag-sys.com/usync/ Frame 16A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1710240108899
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=122061&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://lescrieursduweb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=122061&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://lescrieursduweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:49 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 19 Mar 2024 10:41:49 GMT
px.js
p.cpx.to/p/12761/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12761/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=122061&formatId=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.155.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-176-34-155-244.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
58ef01cf054184b5b7ee5b05ef529f9937708b1b07d4d37277117756d9139a3f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://lescrieursduweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:48 GMT
cache-control
public, max-age=2419200
content-length
4396
content-type
application/javascript; charset=UTF-8
mailNotification.php
adtrack.adleadevent.com/ 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=122061&formatId=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.61.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-61-95.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://lescrieursduweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Mar 2024 10:41:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Mar 2024 10:41:49 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
wckr.php
tag.leadplace.fr/ Frame 1215 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
435e49383e9d5884d6e41ba8b1b1e069c9c86842bcbea15c4fb15827e140f7e9

Request headers

Referer
https://lescrieursduweb.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 12 Mar 2024 10:41:48 GMT
server
nginx/1.20.1
transfer-encoding
chunked
x-iplb-instance
54293
x-iplb-request-id
253BA46E:ACAA_91EFC0A6:01BB_65F0316C_B73330B1:27B4
pixel
cm.g.doubleclick.net/ Frame 1215 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=temelio_dmp&google_sc&google_cm&uid=1369094703120739756
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tag.leadplace.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 10:41:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
sync.smartadserver.com/ Frame 1215 		9 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ftag.leadplace.fr%2Fwappsma.php%3Fid%3D%5Bsas_uid%5D%26uid%3D1369094703120739756
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.172 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tag.leadplace.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:48 GMT
content-length
9
content-type
text/plain; charset=utf-8
wappad.php
tag.leadplace.fr/ Frame 1215
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=58578&dpuuid=1369094703120739756&redir=https%3A%2F%2Ftag.leadplace.fr%2Fwappad.php%3Fuid%3D1369094703120739756%26dd_uuid%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=58578&dpuuid=1369094703120739756&redir=https%3A%2F%2Ftag.leadplace.fr%2Fwappad.php%3Fuid%3D1369094703120739756%26dd_uuid%3D%24%7BDD_UUID%7D
  • https://tag.leadplace.fr/wappad.php?uid=1369094703120739756&dd_uuid=72974685840227209610571575306588236986
35 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.leadplace.fr/wappad.php?uid=1369094703120739756&dd_uuid=72974685840227209610571575306588236986
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Protocol
HTTP/1.1
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tag.leadplace.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:49 GMT
server
nginx/1.20.1
x-iplb-request-id
253BA46E:ACB4_91EFC0A6:01BB_65F0316D_B73330FC:27B4
x-iplb-instance
54293
transfer-encoding
chunked
content-type
image/gif

Redirect headers

dcs
dcs-prod-irl1-1-v058-055eb5e06.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Tue, 12 Mar 2024 10:41:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
UtPNvLu+QP8=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://tag.leadplace.fr/wappad.php?uid=1369094703120739756&dd_uuid=72974685840227209610571575306588236986
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
wappweb.php
tag.leadplace.fr/ Frame 1215
Redirect Chain
  • https://rd.frontend.weborama.fr/rd?url=https://tag.leadplace.fr/wappweb.php%3FWEBO_CID=%7BWEBO_CID%7D%26uid=1369094703120739756
  • https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Ftag.leadplace.fr%2Fwappweb.php%3FWEBO_CID%3D%7BWEBO_CID%7D%26uid%3D1369094703120739756&bounce=1&random=3617842549
  • https://tag.leadplace.fr/wappweb.php?WEBO_CID=VG9.z77JzOtac/ddtL/sCu&uid=1369094703120739756
35 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.leadplace.fr/wappweb.php?WEBO_CID=VG9.z77JzOtac/ddtL/sCu&uid=1369094703120739756
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Protocol
HTTP/1.1
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tag.leadplace.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:49 GMT
server
nginx/1.20.1
x-iplb-request-id
253BA46E:ACAA_91EFC0A6:01BB_65F0316D_B73330FB:27B4
x-iplb-instance
54293
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 12 Mar 2024 10:41:48 GMT
via
1.1 google
last-modified
Tue, 12 Mar 2024 10:41:49 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://tag.leadplace.fr/wappweb.php?WEBO_CID=VG9.z77JzOtac/ddtL/sCu&uid=1369094703120739756
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
callback.php
sync.leadplace.fr/ Frame 1215
Redirect Chain
  • https://ads.stickyadstv.com/data-registering?dataProviderId=1073&redirectId=1521
  • https://sync.leadplace.fr/callback.php?id=82ea90baabb8e4bb377f82a27ac66a&id_part=stickyads
35 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.leadplace.fr/callback.php?id=82ea90baabb8e4bb377f82a27ac66a&id_part=stickyads
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Protocol
HTTP/1.1
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tag.leadplace.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:49 GMT
server
nginx/1.20.1
x-iplb-request-id
253BA46E:ACC2_91EFC0A6:01BB_65F0316D_B73333F4:10B0
x-iplb-instance
54208
transfer-encoding
chunked
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 12 Mar 2024 10:41:49 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://sync.leadplace.fr/callback.php?id=82ea90baabb8e4bb377f82a27ac66a&id_part=stickyads
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1710240109162055-561
generic
match.adsrvr.org/track/cmf/ Frame 1215 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lx9z2st&ttd_puid=1369094703120739756&ttd_tpi=1
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tag.leadplace.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:49 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
loadeu.exelator.com/load/ Frame 1215 		0
93 B 		Script
General
Check archive.org
Download Go to
Full URL
https://loadeu.exelator.com/load/?p=830&g=001&gdpr=&gdpr_consent=
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tag.leadplace.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:49 GMT
server
nginx
server-timing
total;dur=0.501
etag
"600050fd-0"
usermatch.gif
beacon.krxd.net/ Frame 1215 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=temelio&partner_uid=1369094703120739756
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.143.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-143-61.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tag.leadplace.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:49 GMT
server
awselb/2.0
wappmed.php
tag.leadplace.fr/ Frame 1215
Redirect Chain
  • https://pixel.mathtag.com/sync/img?sync=auto&redir=https%3A%2F%2Ftag.leadplace.fr%2Fwappmed.php%3Fmmuuid%3D[UUID]%26uid%3D1369094703120739756
  • https://tag.leadplace.fr/wappmed.php?mmuuid=00f165f0-316d-4e00-9a96-d0aba261e456&uid=1369094703120739756
35 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.leadplace.fr/wappmed.php?mmuuid=00f165f0-316d-4e00-9a96-d0aba261e456&uid=1369094703120739756
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Protocol
HTTP/1.1
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tag.leadplace.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:49 GMT
server
nginx/1.20.1
x-iplb-request-id
253BA46E:ACAA_91EFC0A6:01BB_65F0316D_B7333105:27B4
x-iplb-instance
54293
transfer-encoding
chunked
content-type
image/gif

Redirect headers

x-cache-hits
0
date
Tue, 12 Mar 2024 10:41:49 GMT
via
1.1 varnish
expires
Tue, 12 Mar 2024 10:41:48 GMT
server
MT3 1549 cea2cde master ord ord-pixel-x17 config_version:"828"
x-timer
S1710240109.060252,VS0,VE92
x-cache
MISS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://tag.leadplace.fr/wappmed.php?mmuuid=00f165f0-316d-4e00-9a96-d0aba261e456&uid=1369094703120739756
content-type
image/gif
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-served-by
cache-lcy-eglc8600069-LCY
wappnxs.php
tag.leadplace.fr/ Frame 1215
Redirect Chain
  • https://ib.adnxs.com/getuid?https://tag.leadplace.fr/wappnxs.php?uid=1369094703120739756&id=%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Ftag.leadplace.fr%2Fwappnxs.php%3Fuid%3D1369094703120739756%26id%3D%2524UID
  • https://tag.leadplace.fr/wappnxs.php?uid=1369094703120739756&id=3277871820934838630
35 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.leadplace.fr/wappnxs.php?uid=1369094703120739756&id=3277871820934838630
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Protocol
HTTP/1.1
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tag.leadplace.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:49 GMT
server
nginx/1.20.1
x-iplb-request-id
253BA46E:ACAA_91EFC0A6:01BB_65F0316D_B73330F1:27B4
x-iplb-instance
54293
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 12 Mar 2024 10:41:49 GMT
an-x-request-uuid
dff186a0-eef3-49af-be5a-cd6c63877721
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://tag.leadplace.fr/wappnxs.php?uid=1369094703120739756&id=3277871820934838630
x-proxy-origin
37.59.164.110; 37.59.164.110; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ps.eyeota.net/ Frame 1215 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?pid=mhoi0ru&t=ajs&uid=1369094703120739756&gdpr=&gdpr_consent=
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
9433e3254eee643f0aeccbf5c8e3c00ccb3cf3fb016b3d4eb7dbdfd19810dba5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tag.leadplace.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Tue, 12 Mar 2024 10:41:49 GMT
Content-Length
1357
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
sync-uid.php
sync-uid.leadplace.fr/ Frame 1215
Redirect Chain
  • https://trc.taboola.com/sg/ermes/1/cm?redirect=https://sync-uid.leadplace.fr/sync-uid.php?part%3Dtaboola%26id%3D%3CTUID%3E%26gdpr%3D%26gdpr_consent%3D
  • https://sync-uid.leadplace.fr/sync-uid.php?part=taboola&id=b55a542d-24a1-40cb-a1f1-38015d01cb63-tuctce9b6ed&gdpr=&gdpr_consent=
35 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-uid.leadplace.fr/sync-uid.php?part=taboola&id=b55a542d-24a1-40cb-a1f1-38015d01cb63-tuctce9b6ed&gdpr=&gdpr_consent=
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Protocol
HTTP/1.1
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tag.leadplace.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:49 GMT
server
nginx/1.20.1
x-iplb-request-id
253BA46E:8910_91EFC133:01BB_65F0316D_A6E9C224:5EED
x-iplb-instance
57475
transfer-encoding
chunked
content-type
image/gif

Redirect headers

x-vcl-time-ms
9
date
Tue, 12 Mar 2024 10:41:49 GMT
via
1.1 varnish
x-served-by
cache-lcy-eglc8600042-LCY
server
nginx
x-timer
S1710240109.161012,VS0,VE9
x-fastly-to-nlb-rtt
7789
x-cache
MISS
location
https://sync-uid.leadplace.fr/sync-uid.php?part=taboola&id=b55a542d-24a1-40cb-a1f1-38015d01cb63-tuctce9b6ed&gdpr=&gdpr_consent=
accept-ranges
bytes
content-length
0
x-service-version
v2
x-cache-hits
0
wapcrto.php
md5sync.leadplace.fr/ Frame E637 		0
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://md5sync.leadplace.fr/wapcrto.php?part=livedatasolutions
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tag.leadplace.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 12 Mar 2024 10:41:49 GMT
server
nginx/1.20.1
transfer-encoding
chunked
x-iplb-instance
57201
x-iplb-request-id
253BA46E:8904_91EFC133:01BB_65F0316D_A6F27744:2EEA
getuidj
ib.adnxs.com/ 		11 B
702 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://lescrieursduweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 10:41:49 GMT
an-x-request-uuid
8cd0e809-68ee-4e40-909e-56019e75739c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://lescrieursduweb.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.59.164.110; 37.59.164.110; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rid
match.adsrvr.org/track/ 		63 B
424 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
86a1511128a63c4d29a35f8acb050e07a4b109ed8bcc3c9cfec004f8e2c24293

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://lescrieursduweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:41:49 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://lescrieursduweb.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 11 Apr 2024 10:41:49 GMT
102.json
id5-sync.com/g/v2/ 		251 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e826db56e751446cd6752a93c44de04dd9f5191d45b27846e50cfa8e63cf3e51
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://lescrieursduweb.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://lescrieursduweb.com
date
Tue, 12 Mar 2024 10:41:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin
content-type
application/json
lib_count.js
ads.themoneytizer.com/ 		400 B
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/lib_count.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=122061&formatId=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c25e0b533eb17c8b642e942c326af3afb19df59ccc51fe6b7fe95386dce1d277

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://lescrieursduweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 12 Mar 2024 10:41:49 GMT
content-encoding
gzip
x-77-cache
HIT
x-cache
HIT
x-age
19913
x-accel-date
1710220196
x-77-nzt
EgwBw7WqEQH3yU0AAAwBisclxAH3AgAAAA
pragma
public
x-accel-expires
@1710306594
x-77-age
19915
last-modified
Wed, 07 Feb 2024 09:05:17 GMT
server
CDN77-Turbo
x-77-nzt-ray
4c1562244364361a6d31f065cb434b05
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Wed, 13 Mar 2024 05:09:54 GMT
fire.js
s.cpx.to/ 		0
170 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12761&url=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&hn_ver=72&fid=8c9ce48f-0323-46bc-a4bf-9b7106a7e0e5
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12761/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.75.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-75-168.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://lescrieursduweb.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://lescrieursduweb.com
date
Tue, 12 Mar 2024 10:41:49 GMT
access-control-allow-credentials
true
expires
Tue, 12 Mar 2024 10:41:49 GMT
content-length
0
vary
Origin
p3p
CP="NOI DEV ADM"
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://lescrieursduweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 10:04:02 GMT
content-encoding
gzip
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2268
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 22:35:53 GMT
server
AmazonS3
etag
W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
s4WAdlp_og5UZdbh6kbQfChMfwRCDCuJ0Jfoy-b2GVpaNsiV7diGMw==
pixel;r=2023222865;labels=Categories.news;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html;uht=2;fpan=1;fpa=P0...
pixel.quantserve.com/ 		35 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2023222865;labels=Categories.news;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html;uht=2;fpan=1;fpa=P0-148890703-1710240109232;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=lescrieursduweb.com;dst=1;et=1710240109311;tzo=-60;ogl=;ses=31cf7302-fd23-43a3-927a-0e2ded360eeb;mdl=
Requested by
Host: lescrieursduweb.com
URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://lescrieursduweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 10:41:49 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["Categories.news"],"pcode":["p-6Fv0cGNfc_bw8"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
wapcrto.php
md5sync.leadplace.fr/ Frame 5713 		0
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://md5sync.leadplace.fr/wapcrto.php?part=remailme
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flescrieursduweb.com%2Fwp-content%2Fplugins%2Fthe-moneytizer%2Flazy-loading%2Fiframe-src-2.html&id=MTIZ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tag.leadplace.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 12 Mar 2024 10:41:49 GMT
server
nginx/1.20.1
transfer-encoding
chunked
x-iplb-instance
57201
x-iplb-request-id
253BA46E:8904_91EFC133:01BB_65F0316D_A6F27824:2EEA
pixel
ps.eyeota.net/ Frame 1215 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel?pid=mhoi0ru&t=ajs&uid=1369094703120739756&gdpr=&gdpr_consent=&c_b=1&gdpr=0&gdpr_consent=&c_l=0&c_s=1&c_e=
Requested by
Host: ps.eyeota.net
URL: https://ps.eyeota.net/pixel?pid=mhoi0ru&t=ajs&uid=1369094703120739756&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tag.leadplace.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Tue, 12 Mar 2024 10:41:49 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
rum
lescrieursduweb.com/cdn-cgi/ 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lescrieursduweb.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type
application/json

Response headers

date
Tue, 12 Mar 2024 10:41:49 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://lescrieursduweb.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
86332c8d5f866ef7-CDG

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined function| tmzrScriptErrorHandler function| tmzrCountExec number| random_cent_ab_test number| tmzr_siteid number| random_cent number| enable_sco function| criteoCallback object| generic object| criteo_gum object| smart_csync object| pwidget_config object| leadplaceScript object| iframe object| node object| tagsObject string| website number| random undefined| pubstack object| headelement object| notifyme object| tmzr object| d object| pbs number| random_sw number| intervalCheckNb number| checkInterval2 number| checkInterval1 object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26300 number| checkInterval string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| GetMobileDesktop function| GetMobileDesktopId function| GetRichAudienceZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeTriplelift function| Getsize function| GetsizeRubicon function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText function| whatToLoad number| nugg_ab number| site_id string| pubstack_ab object| sublime string| sh object| _qevents boolean| moneycaching object| params number| nugg object| amzn_targetingParamsList object| adsAmzn26328 object| adsAmzn26755 number| nugg_amazon function| Adcall_26300 object| __cfBeacon object| libJsLeadPlace boolean| sas_usePostStandard object| ID5 function| SasIabApi object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats function| sas_render function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sas_addCleanListener number| sas_renderMode object| AWS function| tmzrLibCountExec function| quantserve function| __qc object| ezt object| _qoptions undefined| __gpp

13 Cookies

Domain/Path Name / Value
.leadplace.fr/ Name: uid
Value: 1369094703120739756
adtrack.adleadevent.com/ Name: AWSELBCORS
Value: 9FC54D150466C174912E5199B1F8E822A79961F459747D218DA8067809F8238A086EE8BF67D63A2A90D1DB19587375008B81DF393E46C0AEB40A8EC769662133B964A72527
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: 3wXIezJ51nBwdLgppFfYxyF6mYiKgCnRaZ5yjzMTfsPUX7jVWlQwh0twgKEMCgjI2AXbTZ1CB0608GItXicZ5AWNJTUoJTbhqpnZrz4lNTM.
.adnxs.com/ Name: uuid2
Value: 3277871820934838630
.weborama.fr/ Name: AFFICHE_W
Value: 1yv6mH0khbrX20
.demdex.net/ Name: demdex
Value: 72974685840227209610571575306588236986
.dpm.demdex.net/ Name: dpm
Value: 72974685840227209610571575306588236986
.mathtag.com/ Name: uuid
Value: 00f165f0-316d-4e00-9a96-d0aba261e456
.eyeota.net/ Name: SERVERID
Value: 23545~DM
.ads.stickyadstv.com/ Name: UID
Value: 82ea90baabb8e4bb377f82a27ac66a
.quantserve.com/ Name: mc
Value: 65f0316d-53578-52188-fe381
.lescrieursduweb.com/ Name: __qca
Value: P0-148890703-1710240109232

29 Console Messages

Source Level URL
Text
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ftag.leadplace.fr%2Fwappsma.php%3Fid%3D%5Bsas_uid%5D%26uid%3D1369094703120739756
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://lescrieursduweb.com/wp-content/plugins/the-moneytizer/lazy-loading/iframe-src-2.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
beacon.krxd.net
ced.sascdn.com
cm.g.doubleclick.net
dpm.demdex.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
lescrieursduweb.com
loadeu.exelator.com
match.adsrvr.org
md5sync.leadplace.fr
onetag-sys.com
p.cpx.to
pixel.mathtag.com
pixel.quantserve.com
ps.eyeota.net
rd.frontend.weborama.fr
rules.quantcount.com
s.cpx.to
sdk.amazonaws.com
secure.quantserve.com
static.cloudflareinsights.com
sync-uid.leadplace.fr
sync.leadplace.fr
sync.smartadserver.com
tag.leadplace.fr
trc.taboola.com
108.129.61.95
13.35.58.23
145.239.192.166
145.239.193.51
151.101.1.91
162.19.138.118
176.34.155.244
185.89.210.20
2.17.113.8
216.58.212.162
2600:9000:223c:8600:6:44e3:f8c0:93a1
2606:4700:20::ac43:47b6
2606:4700::6810:5049
2607:ae80:4::26
2620:116:800d:21:e365:4988:e8a7:3270
2a02:2638:3::c
2a02:6ea0:c700::19
2a04:4e42:200::300
34.243.41.73
35.190.24.218
51.89.9.252
52.215.143.61
52.223.40.198
52.48.75.168
52.57.150.20
54.78.254.47
81.17.55.172
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
435e49383e9d5884d6e41ba8b1b1e069c9c86842bcbea15c4fb15827e140f7e9
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
58ef01cf054184b5b7ee5b05ef529f9937708b1b07d4d37277117756d9139a3f
5d198f0974c450fc9cb6e3f3dbd101de98d6939dee923929790580d25f858308
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
75f5d5f13d14851431b3b014fe015e71d06a43aac83701319a15d44b2ed4f0a8
841aa9ca85d7e4bc5124187affee730a2d5d31e8e2e99dde64915d84a24e9a5d
86a1511128a63c4d29a35f8acb050e07a4b109ed8bcc3c9cfec004f8e2c24293
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
914c99963071ca0326333221ad2d938e3eb8acd082ceaee7b676ed4b7dd1873b
9433e3254eee643f0aeccbf5c8e3c00ccb3cf3fb016b3d4eb7dbdfd19810dba5
97c32278e8275102822dd3f18f9de62b7ff1f796bb43cf04c0845114ec912d16
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
aa08ed3725920fefd909f8763945e103af21df309cc27a821dc9b3b5b6dd8773
c25e0b533eb17c8b642e942c326af3afb19df59ccc51fe6b7fe95386dce1d277
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e826db56e751446cd6752a93c44de04dd9f5191d45b27846e50cfa8e63cf3e51