urlz.fr Open in urlscan Pro
2606:4700:3038::6815:ead6 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://urlz.fr/ncPV
Submission: On August 13 via api (August 13th 2023, 3:11:59 pm UTC) from US — Scanned from US

Summary HTTP 176 Redirects Behaviour Indicators

Summary

This website contacted 70 IPs in 9 countries across 73 domains to perform 176 HTTP transactions. The main IP is 2606:4700:3038::6815:ead6, located in United States and belongs to CLOUDFLARENET, US. The main domain is urlz.fr. The Cisco Umbrella rank of the primary domain is 821304.
TLS certificate: Issued by GTS CA 1P5 on July 10th 2023. Valid for: 3 months.

This is the only time urlz.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: JR East (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3038::6815:ead6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 30	155.94.138.49 155.94.138.49	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
2	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
18	2a02:6ea0:c40... 2a02:6ea0:c400::12	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2600:9000:230... 2600:9000:2305:9000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
5	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
3	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
1	104.117.182.17 104.117.182.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
3	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
2 10	51.222.39.184 51.222.39.184	16276 (OVH) (OVH)
1 3	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
1	54.229.255.191 54.229.255.191	16509 (AMAZON-02) (AMAZON-02)
1	54.192.100.71 54.192.100.71	16509 (AMAZON-02) (AMAZON-02)
1 1	74.121.140.211 74.121.140.211	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	213.19.162.90 213.19.162.90	26667 (RUBICONPR...) (RUBICONPROJECT)
4 5	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
8 9	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
1	23.105.12.171 23.105.12.171	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1	162.248.18.32 162.248.18.32	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
4 4	2606:ae80:145... 2606:ae80:1451:14::1080	25751 (VALUECLICK) (VALUECLICK)
2 3	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
4 5	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 4	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	2600:9000:21d... 2600:9000:21dd:2200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
3	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1	51.15.145.115 51.15.145.115	12876 (Online SAS) (Online SAS)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.77.129.231 54.77.129.231	16509 (AMAZON-02) (AMAZON-02)
5	54.171.14.125 54.171.14.125	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
4	52.9.22.152 52.9.22.152	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
1	35.205.65.172 35.205.65.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.223.12.17 3.223.12.17	14618 (AMAZON-AES) (AMAZON-AES)
1	52.22.181.173 52.22.181.173	14618 (AMAZON-AES) (AMAZON-AES)
1	34.202.151.41 34.202.151.41	14618 (AMAZON-AES) (AMAZON-AES)
1 2	172.98.26.245 172.98.26.245	399668 (E-PLANNING-) (E-PLANNING-)
4	104.22.68.131 104.22.68.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.225.131.246 3.225.131.246	14618 (AMAZON-AES) (AMAZON-AES)
1	2602:803:c002... 2602:803:c002:300::98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	195.244.31.11 195.244.31.11	() ()
1	96.46.183.20 96.46.183.20	7979 (SERVERS-COM) (SERVERS-COM)
1	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
1	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	23.54.68.197 23.54.68.197	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 8	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	199.38.167.131 199.38.167.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2 15	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	173.231.178.77 173.231.178.77	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	54.156.100.188 54.156.100.188	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.5.225.244 52.5.225.244	14618 (AMAZON-AES) (AMAZON-AES)
1 2	54.225.185.242 54.225.185.242	() ()
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	34.102.163.6 34.102.163.6	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.214.128.248 35.214.128.248	() ()
1 1	69.90.254.78 69.90.254.78	() ()
1	34.149.40.38 34.149.40.38	15169 (GOOGLE) (GOOGLE)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	40.76.134.238 40.76.134.238	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1 1	35.236.220.17 35.236.220.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
1	2600:1f18:4e9... 2600:1f18:4e9:5a07:25d3:b867:be5a:94f0	14618 (AMAZON-AES) (AMAZON-AES)
1	8.28.7.84 8.28.7.84	() ()
1 1	52.206.114.15 52.206.114.15	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2604:9e00:1:1... 2604:9e00:1:129::2:a01	() ()
1 1	174.137.133.49 174.137.133.49	() ()
1	54.159.4.118 54.159.4.118	14618 (AMAZON-AES) (AMAZON-AES)
1 2	38.98.69.175 38.98.69.175	174 (COGENT-174) (COGENT-174)
2 2	207.198.113.89 207.198.113.89	() ()
2 2	185.167.164.49 185.167.164.49	() ()
1 1	72.247.65.83 72.247.65.83	() ()
1	23.52.162.21 23.52.162.21	() ()
4	151.101.1.44 151.101.1.44	() ()
176	70

2 2606:4700:3038::6815:ead6 (United States)

ASN13335 (CLOUDFLARENET, US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 155.94.138.49 (Los Angeles, United States) 2 redirects

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 155.94.138.49.static.quadranet.com

www.jrodakake.xpkzqpcwif.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2008 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2305:9000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::200e (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.182.17 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-17.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.192.166 (Valence, France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 51.222.39.184 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: ip184.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.255.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-255-191.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.100.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-100-71.ewr53.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.121.140.211 (Reston, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.90 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.160.75 (New York, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.35.162 (Marriottsville, United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.12.171 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.32 (United States)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:ae80:1451:14::1080 (United States) 4 redirects

ASN25751 (VALUECLICK, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.225.218.10 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.40.198 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.211.178.172 (North Charleston, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:2200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.145.115 (France)

ASN12876 (Online SAS, FR)
PTR: kube-rr.sirdata.fr

kvt.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.129.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-129-231.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.171.14.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-14-125.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.9.22.152 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-22-152.us-west-1.compute.amazonaws.com

apis.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.205.65.172 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.65.205.35.bc.googleusercontent.com

engine.bliink.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.223.12.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-12-17.compute-1.amazonaws.com

pre.ads.justpremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.181.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-181-173.compute-1.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.151.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-151-41.compute-1.amazonaws.com

bid.missena.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.98.26.245 (Ashburn, United States) 1 redirects

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.131.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-131-246.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:300::98 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.11 (None, )

ASN- ()

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1h.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.54.68.197 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-197.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 8.28.7.83 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 162.248.18.37 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.231.178.77 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.100.188 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-100-188.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.5.225.244 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-225-244.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.225.185.242 (None, ) 1 redirects

ASN- ()

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.163.6 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.128.248 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (None, ) 1 redirects

ASN- ()

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com

u.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

us01.z.antigena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.236.220.17 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:25d3:b867:be5a:94f0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.84 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.114.15 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-114-15.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2604:9e00:1:129::2:a01 (None, ) 2 redirects

ASN- ()

rtb2-useast.marketiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (None, ) 1 redirects

ASN- ()

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.159.4.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-4-118.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.98.69.175 (New York, United States) 1 redirects

ASN174 (COGENT-174, US)

pmp.mxptint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.89 (None, ) 2 redirects

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.49 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.65.83 (None, ) 1 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.52.162.21 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.44 (None, )

ASN- ()

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	xpkzqpcwif.top 2 redirects www.jrodakake.xpkzqpcwif.top	160 KB
29	pubmatic.com 5 redirects image8.pubmatic.com — Cisco Umbrella Rank: 686 ads.pubmatic.com — Cisco Umbrella Rank: 553 image2.pubmatic.com — Cisco Umbrella Rank: 938 image6.pubmatic.com — Cisco Umbrella Rank: 809 simage2.pubmatic.com — Cisco Umbrella Rank: 786 image4.pubmatic.com	34 KB
18	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 38337	263 KB
10	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 812	5 KB
9	doubleclick.net 8 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 239	2 KB
8	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com — Cisco Umbrella Rank: 2553 bidder.criteo.com — Cisco Umbrella Rank: 772 dis.criteo.com — Cisco Umbrella Rank: 608	2 KB
6	cpx.to p.cpx.to — Cisco Umbrella Rank: 11647 s.cpx.to — Cisco Umbrella Rank: 8228	3 KB
6	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 3448 apis.cmp.quantcast.com — Cisco Umbrella Rank: 9235	46 KB
5	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 363	3 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 221 secure.adnxs.com — Cisco Umbrella Rank: 464	4 KB
5	rubiconproject.com 1 redirects pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2333 pixel.rubiconproject.com — Cisco Umbrella Rank: 361 fastlane.rubiconproject.com — Cisco Umbrella Rank: 572 secure-assets.rubiconproject.com eus.rubiconproject.com	2 KB
5	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 35786	1 KB
4	taboola.com cdn.taboola.com	640 KB
4	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 6690	411 B
4	4dex.io script.4dex.io — Cisco Umbrella Rank: 1602 mp.4dex.io — Cisco Umbrella Rank: 2960 u.4dex.io — Cisco Umbrella Rank: 4789	29 KB
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 354	2 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 320 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 465	1 KB
4	dotomi.com 4 redirects prebid-match.dotomi.com — Cisco Umbrella Rank: 2443 pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4074	1 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 423	3 KB
3	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 317	2 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1285 pixel.quantserve.com — Cisco Umbrella Rank: 1026 cms.quantserve.com — Cisco Umbrella Rank: 857	10 KB
3	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 3226 mwzeom.zeotap.com — Cisco Umbrella Rank: 3138	21 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	21 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	938 B
2	mxptint.net 1 redirects pmp.mxptint.net — Cisco Umbrella Rank: 5983	967 B
2	marketiq.com 2 redirects rtb2-useast.marketiq.com	766 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 406	733 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 499	151 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 841 s.tribalfusion.com — Cisco Umbrella Rank: 1914	1 KB
2	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	837 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 977	2 KB
2	adgrx.com 2 redirects cm.adgrx.com — Cisco Umbrella Rank: 1517	1011 B
2	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 777	772 B
2	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 759	638 B
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 6855	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	142 KB
2	urlz.fr urlz.fr — Cisco Umbrella Rank: 821304	7 KB
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1356	35 B
1	adkernel.com 1 redirects dsp.adkernel.com	378 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 1093	554 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 921	518 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 818	659 B
1	antigena.com us01.z.antigena.com — Cisco Umbrella Rank: 3334
1	acuityplatform.com 1 redirects ums.acuityplatform.com	674 B
1	loopme.me 1 redirects csync.loopme.me	225 B
1	mrtnsvr.com 1 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 3316	308 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 791	1 KB
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1148	222 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 891	793 B
1	zemanta.com b1h.zemanta.com — Cisco Umbrella Rank: 5373	113 B
1	creativecdn.com prebid-us.creativecdn.com — Cisco Umbrella Rank: 23994	170 B
1	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 1634	880 B
1	omnitagjs.com hb-api.omnitagjs.com	632 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 670	97 B
1	missena.io bid.missena.io — Cisco Umbrella Rank: 72598	188 B
1	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2573	836 B
1	justpremium.com pre.ads.justpremium.com — Cisco Umbrella Rank: 7549	752 B
1	bliink.io engine.bliink.io — Cisco Umbrella Rank: 109385	1015 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1147	394 B
1	adleadevent.com adtrack.adleadevent.com — Cisco Umbrella Rank: 41396	913 B
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 37401	432 B
1	sddan.com kvt.sddan.com — Cisco Umbrella Rank: 43878	648 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 392	30 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1242	1 KB
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 558	727 B
1	smartadserver.com ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1707	45 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1190	672 B
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 40375	6 KB
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 10642 ced-ns.sascdn.com Failed	37 KB
0	technoratimedia.com Failed sync.technoratimedia.com Failed
0	eyeota.net Failed ps.eyeota.net Failed
176	73

	Domain	Requested by
30	www.jrodakake.xpkzqpcwif.top	2 redirects urlz.fr www.jrodakake.xpkzqpcwif.top
18	ads.themoneytizer.com	urlz.fr ads.themoneytizer.com
15	simage2.pubmatic.com	2 redirects ads.pubmatic.com
10	onetag-sys.com	2 redirects ads.themoneytizer.com onetag-sys.com
9	cm.g.doubleclick.net	8 redirects onetag-sys.com
8	image2.pubmatic.com	2 redirects ads.pubmatic.com
5	s.cpx.to	p.cpx.to
5	match.adsrvr.org	4 redirects p.cpx.to
5	c.tmyzer.com	ads.themoneytizer.com
4	cdn.taboola.com	urlz.fr cdn.taboola.com
4	prebid.smilewanted.com	ads.themoneytizer.com
4	apis.cmp.quantcast.com	cmp.quantcast.com
4	x.bidswitch.net	3 redirects onetag-sys.com
4	ib.adnxs.com	3 redirects p.cpx.to
3	id5-sync.com	ads.themoneytizer.com ced.sascdn.com
3	ups.analytics.yahoo.com	2 redirects onetag-sys.com
3	s.amazon-adsystem.com	1 redirects onetag-sys.com ads.pubmatic.com
3	gum.criteo.com	1 redirects ads.themoneytizer.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	c1.adform.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	pmp.mxptint.net	1 redirects
2	rtb2-useast.marketiq.com	2 redirects
2	pubmatic-match.dotomi.com	2 redirects
2	eb2.3lift.com	1 redirects
2	pixel.tapad.com	1 redirects
2	beacon.lynx.cognitivlabs.com	1 redirects ads.pubmatic.com
2	pm.w55c.net	2 redirects
2	cm.adgrx.com	2 redirects
2	sync-tm.everesttech.net	1 redirects ads.pubmatic.com
2	image6.pubmatic.com	1 redirects ads.pubmatic.com
2	u.openx.net	2 redirects
2	ads.pubmatic.com	urlz.fr
2	pbjs.e-planning.net	1 redirects
2	bidder.criteo.com	ads.themoneytizer.com
2	script.4dex.io	ads.themoneytizer.com script.4dex.io
2	mug.criteo.com
2	prebid-match.dotomi.com	2 redirects
2	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
2	cmp.quantcast.com	urlz.fr cmp.quantcast.com
2	www.googletagmanager.com	urlz.fr www.googletagmanager.com
2	urlz.fr	urlz.fr
1	eus.rubiconproject.com	urlz.fr eus.rubiconproject.com
1	secure-assets.rubiconproject.com	1 redirects
1	rtb.adentifi.com
1	dsp.adkernel.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	image4.pubmatic.com
1	pr-bh.ybp.yahoo.com
1	ad.turn.com	1 redirects
1	um.simpli.fi	1 redirects
1	us01.z.antigena.com
1	u.4dex.io	ads.pubmatic.com
1	ums.acuityplatform.com	1 redirects
1	csync.loopme.me	1 redirects
1	ad.mrtnsvr.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	cms.quantserve.com	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	p.rfihub.com	1 redirects
1	pixel.quantserve.com
1	secure.adnxs.com	1 redirects
1	b1h.zemanta.com	ads.themoneytizer.com
1	prebid-us.creativecdn.com	ads.themoneytizer.com
1	ads.betweendigital.com	ads.themoneytizer.com
1	hb-api.omnitagjs.com	ads.themoneytizer.com
1	fastlane.rubiconproject.com	ads.themoneytizer.com
1	ad.360yield.com	ads.themoneytizer.com
1	bid.missena.io	ads.themoneytizer.com
1	ads.servenobid.com	ads.themoneytizer.com
1	pre.ads.justpremium.com	ads.themoneytizer.com
1	engine.bliink.io	ads.themoneytizer.com
1	mp.4dex.io	ads.themoneytizer.com
1	lb.eu-1-id5-sync.com	ads.themoneytizer.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	cadmus.script.ac	script.4dex.io
1	mwzeom.zeotap.com
1	kvt.sddan.com	ads.themoneytizer.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	rules.quantcount.com	secure.quantserve.com
1	bh.contextweb.com	1 redirects
1	image8.pubmatic.com	onetag-sys.com
1	ssbsync-global.smartadserver.com	onetag-sys.com
1	pixel.rubiconproject.com	onetag-sys.com
1	pixel-eu.rubiconproject.com	onetag-sys.com
1	sync.mathtag.com	1 redirects
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	tag.leadplace.fr	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
0	ced-ns.sascdn.com Failed
0	sync.technoratimedia.com Failed	ads.pubmatic.com
0	ps.eyeota.net Failed
176	97

This site contains no links.

Subject Issuer	Validity	Valid
urlz.fr GTS CA 1P5	`2023-07-10` - `2023-10-08`	3 months	crt.sh
www.jrodakake.xpkzqpcwif.top R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2023-07-19` - `2023-10-17`	3 months	crt.sh
cmp.quantcast.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
c.tmyzer.com R3	`2023-07-24` - `2023-10-22`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-14` - `2024-07-17`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2022-09-13` - `2023-09-13`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-13`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
kvt.sddan.com R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
script.ac E1	`2023-07-05` - `2023-10-03`	3 months	crt.sh
*.adleadevent.com Amazon RSA 2048 M01	`2023-06-27` - `2024-07-25`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2023-01-12` - `2024-01-17`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.bliink.io GoGetSSL RSA DV CA	`2023-04-13` - `2024-05-13`	a year	crt.sh
tracking.justpremium.com Amazon RSA 2048 M01	`2023-01-26` - `2024-02-24`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M02	`2023-04-29` - `2024-05-27`	a year	crt.sh
*.missena.io Amazon RSA 2048 M03	`2023-08-13` - `2024-09-08`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-13`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-13` - `2024-02-13`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-09-06`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-11-30` - `2024-01-01`	a year	crt.sh
beacon.lynx.cognitivlabs.com Amazon RSA 2048 M02	`2023-03-31` - `2024-04-28`	a year	crt.sh
u.4dex.io GTS CA 1D4	`2023-06-29` - `2023-09-27`	3 months	crt.sh
*.z.antigena.com Sectigo ECC Domain Validation Secure Server CA	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://urlz.fr/ncPV
Frame ID: C9EBA2BB165D5308330C9C0872BA6704
Requests: 85 HTTP requests in this frame

Frame: https://www.jrodakake.xpkzqpcwif.top/one.php
Frame ID: 7AB21F9BA256BA44AB24E569596F30CA
Requests: 12 HTTP requests in this frame

Frame: https://www.jrodakake.xpkzqpcwif.top/style/xml/index_1.html
Frame ID: B70C3CF0B62522BFC521F442A743A2AA
Requests: 1 HTTP requests in this frame

Frame: https://www.jrodakake.xpkzqpcwif.top/one.php
Frame ID: 057C9E7F6A09FE0E19C45484E23E0D34
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897
Frame ID: AF7426DBE0E791282B0EC5C683172703
Requests: 15 HTTP requests in this frame

Frame: https://www.jrodakake.xpkzqpcwif.top/style/xml/index_1.html
Frame ID: BDDF9FF85E5391316AF2406F16B16CFB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: 1C2A9D0BB30696132749CDA1D3E7EBCE
Requests: 20 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZNjyvgAIRDL-mwA_
Frame ID: 3AA0596FA81A9CF127288861B615DE81
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810035089260779033
Frame ID: 269012B86A1719133CDBDFADB4AE9AB6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BA12448F-1D22-4062-9B28-A1543353816D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 9D3B1B391EDDF8661C439A18ADF13779
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?uid=AADPCk7JseUAACiMSzHjWw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8851953543440273397%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0
Frame ID: DE16770A3D618CC8A0B3231E46895F7F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1976874031801194826&gdpr=0&gdpr_consent=
Frame ID: 53EBDF1F04E0F2BE5EE64995B037ED57
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=bf8500dc-39eb-11ee-93b9-a76bb9251871
Frame ID: 70693EC719535B29FA08DCA039E3889D
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 0474E992F78813BE874ECC1C3186D7C5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Fg_7mEYJ_cUNDa_FGAqymBcI_pUNX_uUQw1FFfTR
Frame ID: F884B0E69E4BE2EED0C09054EE8D93C1
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: C7F86CDF650267A76E9264EEE35701AD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=RY969wYiXAZRYKnPXDIjt6dYB6M&gdpr=0&gdpr_consent=
Frame ID: 0CD9F5A9C80D878A8D032EAB6137A616
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:7KszehaQ1QvcL45&gdpr=0&gdpr_consent=
Frame ID: C80E171D93C52F56AEF7B4E838895EA2
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BA12448F-1D22-4062-9B28-A1543353816D
Frame ID: 188FFA03F638CF0CB63EB5D8A0D3B80F
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6F8AC40A903717342D42F2390A933782
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=BA12448F-1D22-4062-9B28-A1543353816D&gdpr=0&gdpr_consent=
Frame ID: A8668D71CBA7F9BA88659E2662137D3A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 5EBBE8446958C08E498D1E51B7F1D1CF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=813369252622
Frame ID: 28A6297156CD06677B41EB8FCDF615D4
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)BA12448F-1D22-4062-9B28-A1543353816D
Frame ID: BEA15AF3AC5AB4B29A4ABAB2E39F6AFE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: 8C127C81582228362D9BE1981523BF78
Requests: 2 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: 932AD6454ACF3CE0C3FD6EDB502E1A20
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: 407462835F6078C86483DA4C4C2F742C
Requests: 1 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/passback/moneytizer/728x90.png
Frame ID: 80AF66B474D888C3DA9070978A5758E1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 356D9EB444DB18A400DB91CA00CB8B8C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 27842367FFC614BF61AAF8293E3F1D10
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

えきねっと（JR東日本）｜ログイン

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

176
Requests

80 %
HTTPS

23 %
IPv6

73
Domains

97
Subdomains

70
IPs

9
Countries

1499 kB
Transfer

5378 kB
Size

113
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.jrodakake.xpkzqpcwif.top/ HTTP 302
https://www.jrodakake.xpkzqpcwif.top/one.php

Request Chain 28

https://www.jrodakake.xpkzqpcwif.top/ HTTP 302
https://www.jrodakake.xpkzqpcwif.top/one.php

Request Chain 44

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=41a564d8-f2bd-4c00-a401-0f077cb00cea&gdpr=1&gdpr_consent=

Request Chain 46

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1976874031801194826

Request Chain 48

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABie90MxwX4RfidBLhE7ej11Rd7F5Kexawfg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABie90MxwX4RfidBLhE7ej11Rd7F5Kexawfg&google_tc=

Request Chain 50

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=q69fFF_kmEwsVRLlYUjomm8HzuhvKGGySbkEYGdZ-zg

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc= HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEJCGdaXxprh03aNmh_6y90&google_cver=1

Request Chain 53

https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=kN1ac0XCrBNf&ev=1&us_privacy=&pid=562985

Request Chain 54

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=6733fe87651020e3&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMAuYwlyztsANZBHcHAAAAAAA&expiration=1692025917

Request Chain 56

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=da3ab128-f94b-43f1-82e9-f56755dda26c&gdpr=0&gdpr_consent=

Request Chain 61

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Furlz.fr%2F&domain=urlz.fr&cw=1&lsw=1&gdpr=0 HTTP 302
https://mug.criteo.com/sid?cpp=KJZQFnwxZ1RjUVZLSFFxVXJtNmhPWTVTWkltcUVsQ0VEenhGa3BYUWw3WnVyV29xZWdLU0wwa3JDRm1LWDQ5VDdpNnZlUzhrTnBxWmU0WHJoQk1GKzF0ZTlKMlJDUWd2cWVuWHRFaGhIdGp6YWtBTlJyUmxaR05SZG9neHluMUpGbkFPdGVkQXFaYVpEOVBzNW5GcEdmOXhvYlBqUzAwQlBpSXdhdG1NSnRMQitNR1JHajRRZXBKVmdLVUMxcnpLdmthUCtWOUZlSlhOcEZHWkZ4S1Z1MEV4ZTFuTEM5dW16dnpTdTJCSmp0SUhFSW5zPXw&cppv=2

Request Chain 64

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/2/8/2.gif?puid=1976874031801194826&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F7%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F7%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/108/7/3.gif?puid=a915023b-63d9-47b5-a665-8b4fa9007abb&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=da3ab128-f94b-43f1-82e9-f56755dda26c&ttl=%%TTL%% HTTP 302
https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
https://id5-sync.com/k/155.gif?puid=AADPCk7JseUAACiMSzHjWw&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-3510_wfcf2XDtwpBd8BE-J3uQvzmfqrMfHbbP7G-3Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F4%2F6.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/3/4/6.gif?puid=41a564d8-f2bd-4c00-a401-0f077cb00cea&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F123%2F3%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&google_hm=ZDU2NzE4NGUtOGQ5OC00MDBkLTQxMDctM2UxM2JhYjYzMDkz&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=d567184e-8d98-400d-4107-3e13bab63093&reqId=2a932328-79aa-4c85-73a1-d803951bac6a&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEBPzXtqg4Q2VS7EvhWrIVrc&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=d567184e-8d98-400d-4107-3e13bab63093&reqId=2a932328-79aa-4c85-73a1-d803951bac6a&zdid=1258

Request Chain 89

https://pbjs.e-planning.net/pbjs/1/2a156/1/urlz.fr/ROS?rnd=0.4114748371229022&e=video_640x480_0%3A640x480%3B1&ur=https%3A%2F%2Furlz.fr%2FncPV&pbv=8.6.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Furlz.fr%2FncPV&gdpr=0&e_pubcid=db769eb4-0acc-4c3f-9c9c-fdd059084043&vctx=1&vv=3 HTTP 302
https://pbjs.e-planning.net/hb/1/2a156/1/urlz.fr/ROS?ct=1&r=pbjs&rnd=0.4114748371229022&e=video_640x480_0%3A640x480%3B1&ur=https%3A%2F%2Furlz.fr%2FncPV&pbv=8.6.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Furlz.fr%2FncPV&gdpr=0&e_pubcid=db769eb4-0acc-4c3f-9c9c-fdd059084043&vctx=1&vv=3

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
https://s.cpx.to/sync?dsp_uid=CAESEH1-9a9w3olg01Q09hHJGRg&dsp=dbm&google_cver=1

Request Chain 118

https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D HTTP 302
https://s.cpx.to/sync?dsp=OPENX&dsp_uid=b80f76bf-f718-452e-92d2-ea3ba4d69b13

Request Chain 119

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12773%26url%3Dhttps%253A%252F%252Furlz.fr%252FncPV%26hn_ver%3D57%26fid%3Dfdd7e734-ca29-4121-b086-ba3de9536f33%26dsp%3DTTD%26dsp_uid%3D5def5224-838b-401b-8fab-f14581087974 HTTP 302
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=1976874031801194826&pid=12773&url=https%3A%2F%2Furlz.fr%2FncPV&hn_ver=57&fid=fdd7e734-ca29-4121-b086-ba3de9536f33&dsp=TTD&dsp_uid=5def5224-838b-401b-8fab-f14581087974

Request Chain 120

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=BA12448F-1D22-4062-9B28-A1543353816D

Request Chain 126

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZNjyvgAIRDL-mwA_

Request Chain 127

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810035089260779033

Request Chain 128

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BA12448F-1D22-4062-9B28-A1543353816D&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BA12448F-1D22-4062-9B28-A1543353816D&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 129

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUENrN0pzZVVBQUNpTVN6SGpXdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AADPCk7JseUAACiMSzHjWw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8851953543440273397&gdpr=0&gdpr_consent= HTTP 303
https://sync.technoratimedia.com/services?uid=AADPCk7JseUAACiMSzHjWw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8851953543440273397%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0

Request Chain 130

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1976874031801194826&gdpr=0&gdpr_consent=

Request Chain 131

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=bf8500dc-39eb-11ee-93b9-a76bb9251871

Request Chain 133

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Fg_7mEYJ_cUNDa_FGAqymBcI_pUNX_uUQw1FFfTR

Request Chain 135

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=RY969wYiXAZRYKnPXDIjt6dYB6M&gdpr=0&gdpr_consent=

Request Chain 136

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:7KszehaQ1QvcL45&gdpr=0&gdpr_consent=

Request Chain 137

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=049d1044-e97b-4975-be7d-14e19f14260a&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BA12448F-1D22-4062-9B28-A1543353816D

Request Chain 138

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 139

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=BA12448F-1D22-4062-9B28-A1543353816D&gdpr=0&gdpr_consent=

Request Chain 140

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 141

https://ums.acuityplatform.com/tum?umid=6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=813369252622

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uhJEjx0iQGKbKKFUM1OBbQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 144

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=BA12448F-1D22-4062-9B28-A1543353816D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a915023b-63d9-47b5-a665-8b4fa9007abb%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=da3ab128-f94b-43f1-82e9-f56755dda26c&ttd_puid=a915023b-63d9-47b5-a665-8b4fa9007abb%2C%2C

Request Chain 146

https://eb2.3lift.com/xuid?mid=7976&xuid=BA12448F-1D22-4062-9B28-A1543353816D&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=BA12448F-1D22-4062-9B28-A1543353816D&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkExMjQ0OEYtMUQyMi00MDYyLTlCMjgtQTE1NDMzNTM4MTZE&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC4CqhwaxDA5cxFmJwwYGuI&google_cver=1

Request Chain 149

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3BA769B9D40642FEA3A6F36CE46A5C16

Request Chain 150

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da3ab128-f94b-43f1-82e9-f56755dda26c&gdpr=0&gdpr_consent=

Request Chain 151

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3951097677470504236&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 153

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BA12448F-1D22-4062-9B28-A1543353816D&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BA12448F-1D22-4062-9B28-A1543353816D&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1wwvVkpE2uWr8TrhQZFlhHcOUqVAJ4c-~A&gdpr=0

Request Chain 154

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BA12448F-1D22-4062-9B28-A1543353816D&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6d2700641f621cf&is_secure=true&networkId=17100&version=1&nuid=BA12448F-1D22-4062-9B28-A1543353816D&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALrw4daJ3MyQNECN_8AAAAAAA&expiration=1692025918&nuid=BA12448F-1D22-4062-9B28-A1543353816D&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 155

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=50f2c53a-7abb-4cfa-8e85-7c39afec7468&gdpr=0&gdpr_consent=

Request Chain 156

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=pubmatic&bsw_param=488c4b8a-6ee0-4999-9297-5c3162e6879c HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dpubmatic%26bsw_param%3D488c4b8a-6ee0-4999-9297-5c3162e6879c HTTP 302
https://rtb2-useast.marketiq.com/sync?adkuid=A3412976901617556202&exchange=685&ssp=pubmatic&bsw_param=488c4b8a-6ee0-4999-9297-5c3162e6879c HTTP 302
https://x.bidswitch.net/sync?dsp_id=458&user_id=A3412976901617556202&expires=5&ssp=pubmatic&bsw_param=488c4b8a-6ee0-4999-9297-5c3162e6879c HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=488c4b8a-6ee0-4999-9297-5c3162e6879c&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 158

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_10759C0CD_4F251E98&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
https://pmp.mxptint.net/sn.ashx?ak=1

Request Chain 159

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5aab6776-6783-49e0-8af4-9364ead6f9c3-64d8f2be-5553&gdpr=0&gdpr_consent=

Request Chain 160

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3608501076045583537

Request Chain 161

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west

176 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ncPV Show response
urlz.fr/ 8 KB
3 KB 478ms
389ms Document
text/html 2606:4700:3038::6815:ead6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://urlz.fr/ncPV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d7340bfb3af7a5cd9534b30a47cd211ea4e84fc68445362b192266bfd11cb4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=60
cf-cache-status: DYNAMIC
cf-ray: 7f61e4a4de636324-ORD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 15:11:53 GMT
expires: Sun, 13 Aug 2023 15:12:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPaugkk49eU%2BNSkd2wmIW8XQ%2FVc21JniL3aUngiPF9GzZA069dSpOyUm%2BOkHKs48MoZWYAOqwS3S1gP5YQ0k3Fx6pUAWr7AGV%2BCdAjHjiKSal7cprsAUDDex4Rk3%2FAJpGFZm%2FEur"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-fastcgi-cache: MISS

GET
H2

200

one.php Show response
www.jrodakake.xpkzqpcwif.top/ Frame 7AB2
Redirect Chain

https://www.jrodakake.xpkzqpcwif.top/
https://www.jrodakake.xpkzqpcwif.top/one.php

20 KB
5 KB

499ms
499ms

Document
text/html

155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/one.php

Requested by

Host: urlz.fr
URL: https://urlz.fr/ncPV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

a8988a04ec995488af6d03356fcab0bc3d5c14296a3bd62513dd7b5a59bc0ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://urlz.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 13 Aug 2023 15:11:56 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html;charset=utf-8
date: Sun, 13 Aug 2023 15:11:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ./one.php
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 rocket-loader.min.js Show response
urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 92ms
90ms Script
application/javascript 2606:4700:3038::6815:ead6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: https://urlz.fr/ncPV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/ncPV
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Aug 2023 18:20:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64d135f1-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FoPbaofoY3Fc9omvw81o%2BU08dF15jrGELU66z0C12s2%2BUs%2FhpfufcXmzTb4ibZ7f6klqCn8yN6ZvDkxNPcpmgoWlmFznYPVZqArlhIEhXZhOf83L6%2Bpk3X6ZwUh8KgWJSzPlZKc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7f61e4a809666324-ORD
expires: Tue, 15 Aug 2023 15:11:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 161ms
61ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162669458-1

Requested by

Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f252234692e20fc59f19c15d98dfe7dca13a04437e8c1edbabf9f023118518f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66517
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 13 Aug 2023 15:11:53 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 3 KB
1 KB 1585ms
1140ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Requested by: Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5d2faa51bcb0191ca5517403a2503f22ab76fedfb72f97ba13b3dfd8a5e443b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt: AVm7sQ9hfgf/1jsDAA
x-accel-expires: @1692332389
date: Sun, 13 Aug 2023 15:11:55 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408759e130bbbf2d864b4b6e20f
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 211926
x-accel-date: 1691727589

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 1587ms
1142ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt: AVm7sQ++4rL/F0ADAA
x-accel-expires: @1692331300
date: Sun, 13 Aug 2023 15:11:55 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408759e130bbbf2d8643698ec0f
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 213015
x-accel-date: 1691726500

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 3 KB
1 KB 1587ms
1143ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9ad0bc30b41dd6ad00fe80dec7dd49ebe4518cb3902da37343eb972652d63727

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt: AVm7sQ/FNEb/1jsDAA
x-accel-expires: @1692332389
date: Sun, 13 Aug 2023 15:11:55 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408759e130bbbf2d864b53ff10f
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 211926
x-accel-date: 1691727589

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 1600ms
1156ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt: AVm7sQ8BkLj/FkADAA
x-accel-expires: @1692331301
date: Sun, 13 Aug 2023 15:11:55 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408759e130bbbf2d8640a00f50f
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 213014
x-accel-date: 1691726501

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 3 KB
1 KB 1601ms
1157ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Requested by: Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f6563ac04ade0d9f3a00521865e0be2931c810eece342b69746a85ac68624536

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt: AVm7sQ/9IVL/1jsDAA
x-accel-expires: @1692332389
date: Sun, 13 Aug 2023 15:11:55 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408759e130bbbf2d8648169f90f
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 211926
x-accel-date: 1691727589

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
3 KB 1601ms
1158ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=1
Requested by: Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt: AVm7sQ+CDlr/GEADAA
x-accel-expires: @1692331299
date: Sun, 13 Aug 2023 15:11:55 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408759e130bbbf2d864ea15fd0f
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 213016
x-accel-date: 1691726499

GET
H2 200 common.css
www.jrodakake.xpkzqpcwif.top/style/css/ Frame 7AB2 120 KB
18 KB 400ms
399ms Stylesheet
text/css 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/css/common.css

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

c3c06cab11490cda8fa71c1fb7b633367a8065180a6fab532500f647bf248e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: W/"621f9566-1e065"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 14 Aug 2023 03:11:56 GMT

GET
H2 200 module.css
www.jrodakake.xpkzqpcwif.top/style/css/ Frame 7AB2 74 KB
13 KB 401ms
399ms Stylesheet
text/css 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/css/module.css

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

f32ac72b33743b0a8fcf63463ab1859bc72d25ebe3c02e8249c10420b8ed2a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: W/"621f9566-12779"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 14 Aug 2023 03:11:56 GMT

GET
H2 200 member.css
www.jrodakake.xpkzqpcwif.top/style/css/ Frame 7AB2 20 KB
4 KB 402ms
400ms Stylesheet
text/css 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/css/member.css

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

8e4d01ee0450f9f5e21ea7178dd0aad676fcebf6808a1a550fddc686fba02542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: W/"621f9566-4fe7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 14 Aug 2023 03:11:56 GMT

GET
H2 200 style.css
www.jrodakake.xpkzqpcwif.top/style/css/ Frame 7AB2 39 KB
8 KB 477ms
476ms Stylesheet
text/css 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/css/style.css

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

c6c23411a9fa7eb2bc546e6269c8243b2efc179dbe9dcedafc141d03057375ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: W/"621f9566-9a27"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 14 Aug 2023 03:11:56 GMT

GET
H2 200 top_searchparts.css
www.jrodakake.xpkzqpcwif.top/style/css/ Frame 7AB2 119 KB
16 KB 479ms
478ms Stylesheet
text/css 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/css/top_searchparts.css

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

6b6805e990d1063ebbf30e49162bf04f8ec247ffa96e1872e4b0d8d3f7e3a02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: W/"621f9566-1db4d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 14 Aug 2023 03:11:56 GMT

GET
H2 200 load_font.css
www.jrodakake.xpkzqpcwif.top/style/css/ Frame 7AB2 786 B
989 B 480ms
479ms Stylesheet
text/css 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/css/load_font.css

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

bdd84e5ef5aa059a934dc05de1d463e3d1d875727859f301a940426c16e805d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: "621f9566-312"
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 786
expires: Mon, 14 Aug 2023 03:11:56 GMT

GET
H2 200 logo_ekinet.png
www.jrodakake.xpkzqpcwif.top/style/img/ Frame 7AB2 7 KB
8 KB 480ms
478ms Image
image/png 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/img/logo_ekinet.png

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

3f7c549cfacde11c4129c09b1908d106126d823682cc758f70fc046638d7746b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: "621f9566-1d38"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7480
expires: Tue, 12 Sep 2023 15:11:56 GMT

GET
H2 200 logo_jreast.png
www.jrodakake.xpkzqpcwif.top/style/img/ Frame 7AB2 3 KB
3 KB 480ms
479ms Image
image/png 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/img/logo_jreast.png

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

ba4924716ed0580ae30f974eebb97421a2c10c1e2cf61e8ad60fcd39d8fbca30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: "621f9566-b5d"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2909
expires: Tue, 12 Sep 2023 15:11:56 GMT

GET
H2 200 icon_input_ok.png
www.jrodakake.xpkzqpcwif.top/style/img/ Frame 7AB2 3 KB
3 KB 480ms
479ms Image
image/png 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/img/icon_input_ok.png

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

d4d96a513c50320d375f5cb8c1c4f52d6ba868b6ffafec5f451deb8dc9ef05f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Mar 2022 16:03:52 GMT
server: nginx
etag: "621f9568-c9d"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3229
expires: Tue, 12 Sep 2023 15:11:56 GMT

GET
H2 200 icon_linkblank.png
www.jrodakake.xpkzqpcwif.top/style/img/ Frame 7AB2 166 B
371 B 480ms
479ms Image
image/png 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/img/icon_linkblank.png

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

e918e110b6e7e8c5ada678baab1d10bcf4f24d149943804b0b31363ccd976b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Mar 2022 16:03:52 GMT
server: nginx
etag: "621f9568-a6"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 166
expires: Tue, 12 Sep 2023 15:11:56 GMT

GET
H2 200 icon_linkblank-1.png
www.jrodakake.xpkzqpcwif.top/style/img/ Frame 7AB2 166 B
371 B 480ms
480ms Image
image/png 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/img/icon_linkblank-1.png

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

e918e110b6e7e8c5ada678baab1d10bcf4f24d149943804b0b31363ccd976b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Mar 2022 16:03:52 GMT
server: nginx
etag: "621f9568-a6"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 166
expires: Tue, 12 Sep 2023 15:11:56 GMT

GET
H2 200 index_1.html Show response
www.jrodakake.xpkzqpcwif.top/style/xml/ Frame B70C 437 B
590 B 476ms
475ms Document
text/html 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/xml/index_1.html

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

24d8df0f367eb762e82f042c908a31e297b24f58152828ecd9e663fb29b0fa47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 437
content-type: text/html
date: Sun, 13 Aug 2023 15:11:56 GMT
etag: "621f9568-1b5"
last-modified: Wed, 02 Mar 2022 16:03:52 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 3 KB
2 KB 193ms
46ms Script
application/javascript 2600:9000:2305:9000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: urlz.fr
URL: https://urlz.fr/ncPV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:9000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46e88e046c7b0280977db49b01afb130893a58e4be04ecbbdf641b71c479076c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:38 GMT
content-encoding: br
via: 1.1 8aaf07807b640d113c47df1d50eca064.cloudfront.net (CloudFront)
last-modified: Thu, 10 Aug 2023 23:42:39 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P2
age: 19
x-amz-server-side-encryption: AES256
etag: W/"01b6c6a58ccc382e297b2a5b1aecdf2b"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: PSGDQZpAGaxVFQ624d8kWHwdfaty2YoEz1c_cVaAjFxzAG_c9ep4qw==

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 417ms
149ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=15056&f=1&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
server: nginx
x-iplb-request-id: A75807A3:DC4E_36264064:01BB_64D8F2BD_5206065:1580B
x-iplb-instance: 38438
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ 107 KB
17 KB 68ms
67ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 1b3779937ef663c0ae9e8aefad3e853115d01af64df5fba316dbe8ce4552b52e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt: AVm7sQ8/yTr/AjIDAA
x-accel-expires: @1692334906
date: Sun, 13 Aug 2023 15:11:56 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408759e130bbcf2d864af39f131
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 209410
x-accel-date: 1691730106

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 389ms
122ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=15056&f=28&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
server: nginx
x-iplb-request-id: A75807A3:DC52_36264064:01BB_64D8F2BD_520AEE9:24647
x-iplb-instance: 41595
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ 106 KB
17 KB 95ms
95ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=28
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6a235134240f74c0188e2537f077b8b9c6884cade82ff5bd83cc887f4e007401

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt: AVm7sQ+N4Ez/AjIDAA
x-accel-expires: @1692334906
date: Sun, 13 Aug 2023 15:11:56 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408759e130bbcf2d86441e00832
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 209410
x-accel-date: 1691730106

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 461ms
162ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=15056&f=6&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
server: nginx
x-iplb-request-id: A75807A3:DC50_36264064:01BB_64D8F2BD_51FFD58:2F897
x-iplb-instance: 38437
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ 106 KB
17 KB 116ms
116ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=6
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 014edf76c87a8bc4405649863eef93661f1170047e9e4251e2943a5c39830052

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt: AVm7sQ/GOLb/AjIDAA
x-accel-expires: @1692334906
date: Sun, 13 Aug 2023 15:11:56 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408759e130bbcf2d864b9242a32
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 209410
x-accel-date: 1691730106

GET
H2

200

one.php Show response
www.jrodakake.xpkzqpcwif.top/ Frame 057C
Redirect Chain

https://www.jrodakake.xpkzqpcwif.top/
https://www.jrodakake.xpkzqpcwif.top/one.php

20 KB
5 KB

567ms
566ms

Document
text/html

155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/one.php

Requested by

Host: urlz.fr
URL: https://urlz.fr/ncPV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

a8988a04ec995488af6d03356fcab0bc3d5c14296a3bd62513dd7b5a59bc0ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://urlz.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 13 Aug 2023 15:11:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html;charset=utf-8
date: Sun, 13 Aug 2023 15:11:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ./one.php
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
77 KB 80ms
79ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YETLCG4WNK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162669458-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f0a5a712904a1cd2cedad5ffba9e7fd1e93109313ca1ed0858cb33bed91e0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78671
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 13 Aug 2023 15:11:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 143ms
42ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162669458-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 13 Aug 2023 14:27:56 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2640
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 13 Aug 2023 16:27:56 GMT

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 110 KB
37 KB 230ms
46ms Script
application/javascript 104.117.182.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.182.17 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-117-182-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c0df6138992189efffefdbe9173df743253fecb3f07ffeae59a5296597680667

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 15:11:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 37188
Expires: Sun, 13 Aug 2023 17:11:57 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
291 B 175ms
70ms Script
text/javascript 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 208270
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
20 KB 126ms
44ms Script
application/javascript 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=2592000; includeSubDomains; preload
age: 16366
cf-polished: origSize=62056
cf-bgj: minify
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://www.collegiat.net
cache-control: public, max-age=21600
access-control-allow-credentials: true
cf-ray: 7f61e4bd3d6ae124-ORD
access-control-allow-headers: *
expires: Sun, 13 Aug 2023 16:39:11 GMT

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 5 KB
6 KB 760ms
134ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 15:11:57 GMT
Last-Modified: Thu, 14 Oct 2021 07:27:52 GMT
Server: nginx/1.20.1
X-IPLB-Request-ID: A75807A3:8AD6_91EFC0A6:01BB_64D8F2BD_29E0A643:1A291
ETag: "6167dbf8-15ab"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame AF74 4 KB
2 KB 169ms
68ms Document
text/html 51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

5fe45a5294d176649ee3ed20e1d775c3c3195dfbf1f46f9eb743d4f52819e691

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://urlz.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1489
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 174ms
55ms Script
application/javascript 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 15:11:57 GMT

GET
H2 200 px.js Show response
p.cpx.to/p/12773/ 4 KB
2 KB 466ms
147ms Script
application/javascript 54.229.255.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12773/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.255.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-255-191.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fb97da93c75a648f12e8517fb7cf5f6624b5181f375f0ae610018b99b0afb3c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
content-encoding: gzip
cache-control: max-age=2419200, public
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 172ms
58ms Script
text/javascript 54.192.100.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.100.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-100-71.ewr53.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 12:13:08 GMT
Via: 1.1 8c40cd64e3a9ae0289558e97b8b3ef08.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
X-Amz-Cf-Pop: EWR53-C3
Age: 10729
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: 37TPD90gqWOlDo1NUvtADxmK73zq-L9KKZ4l_hu97vvGnO9DdZgOFw==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid8_6/build/dist/ 554 KB
180 KB 60ms
59ms Script
application/javascript 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a61e7d1e8802479df737a19888beab540ba1985cb8ae548472bfc5c68057d495

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 13 Aug 2023 15:11:56 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 40211
x-accel-date: 1691899305
x-77-nzt: AVm7sQ9kUuP/E50AAA
pragma: public
x-accel-expires: @1691985705
last-modified: Wed, 02 Aug 2023 20:11:46 GMT
server: CDN77-Turbo
x-77-nzt-ray: 49be1408759e130bbcf2d86481b0fc36
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Sat, 12 Aug 2023 04:01:42 GMT

GET
H2 200 lib_fs_close.js Show response
ads.themoneytizer.com/ 667 B
798 B 65ms
64ms Script
application/javascript 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_fs_close.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 13 Aug 2023 15:11:56 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 40203
x-accel-date: 1691899313
x-77-nzt: AVm7sQ9t+mj/C50AAA
pragma: public
x-accel-expires: @1691985713
last-modified: Thu, 19 Jan 2023 15:05:03 GMT
server: CDN77-Turbo
x-77-nzt-ray: 49be1408759e130bbcf2d864438fb839
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Sat, 12 Aug 2023 04:01:43 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
166 B 61ms
60ms Ping
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YETLCG4WNK&gtm=45je3890&_p=1681774792&cid=1362931011.1691939517&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1691939517&sct=1&seg=0&dl=https%3A%2F%2Furlz.fr%2FncPV&dt=%E3%81%88%E3%81%8D%E3%81%AD%E3%81%A3%E3%81%A8%EF%BC%88JR%E6%9D%B1%E6%97%A5%E6%9C%AC%EF%BC%89%EF%BD%9C%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YETLCG4WNK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80c::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://urlz.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/ 178 KB
43 KB 55ms
53ms Script
text/javascript 2600:9000:2305:9000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2305:9000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 253dbb7cdf8b323dd7701b955a3557228e07163d34c34a09844928005b2107dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 14:50:39 GMT
content-encoding: br
via: 1.1 8aaf07807b640d113c47df1d50eca064.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
age: 1279
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 19 Jul 2023 15:20:42 GMT
server: AmazonS3
etag: W/"44b9dae010477f4d1d41d5d25cbbc7af"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
x-amz-cf-id: 1eQxHw5e3L-oU30m5l-1itBXOmkwWVxI0bvCuj1EZ9TdrVkbP56Gbw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 59ms
59ms XHR
text/plain 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1681774792&t=pageview&_s=1&dl=https%3A%2F%2Furlz.fr%2FncPV&ul=en-us&de=UTF-8&dt=%E3%81%88%E3%81%8D%E3%81%AD%E3%81%A3%E3%81%A8%EF%BC%88JR%E6%9D%B1%E6%97%A5%E6%9C%AC%EF%BC%89%EF%BD%9C%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=268842106&gjid=2007990876&cid=1362931011.1691939517&tid=UA-162669458-1&_gid=1195506758.1691939517&_r=1&gtm=457e3890&jsscut=1&z=138050356

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://urlz.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame AF74
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=41a564d8-f2bd-4c00-a401-0f077cb00cea&gdpr=1&gdpr_consent=

0
291 B

48ms
47ms

Image
text/plain

51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=41a564d8-f2bd-4c00-a401-0f077cb00cea&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897

Protocol

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Sun, 13 Aug 2023 15:11:57 GMT
Server: MT3 1031 59fd23a master iad iad-pixel-x22 config_version:"1969"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=41a564d8-f2bd-4c00-a401-0f077cb00cea&gdpr=1&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 13 Aug 2023 15:11:56 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame AF74 0
239 B 479ms
116ms Image
image/gif 213.19.162.90
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 213.19.162.90 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 7c5d24517ee193cc868994bc18883d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

/
onetag-sys.com/match/ Frame AF74
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1976874031801194826

0
291 B

47ms
45ms

Image
text/plain

51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1976874031801194826

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897

Protocol

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:57 GMT
an-x-request-uuid: 07116472-8212-4636-abd4-2636334b5bac
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=1976874031801194826
x-proxy-origin: 167.88.7.163; 167.88.7.163; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame AF74 42 B
774 B 187ms
45ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=q69fFF_kmEwsVRLlYUjomm8HzuhvKGGySbkEYGdZ-zg
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AF74
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABie90MxwX4RfidBLhE7ej11Rd7F5Kexawfg
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABie90MxwX4RfidBLhE7ej11Rd7F5Kexawfg&google_tc=

170 B
243 B

69ms
69ms

Image
image/png

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABie90MxwX4RfidBLhE7ej11Rd7F5Kexawfg&google_tc=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897

Protocol

Server

142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABie90MxwX4RfidBLhE7ej11Rd7F5Kexawfg&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
ssbsync-global.smartadserver.com/api/ Frame AF74 0
45 B 382ms
49ms Image
text/plain 23.105.12.171
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.171 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AF74
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=q69fFF_kmEwsVRLlYUjomm8HzuhvKGGySbkEYGdZ-zg

43 B
479 B

222ms
50ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=q69fFF_kmEwsVRLlYUjomm8HzuhvKGGySbkEYGdZ-zg

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Aug 2023 15:11:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4FN3Z28CRRGBKPRS1YKG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=q69fFF_kmEwsVRLlYUjomm8HzuhvKGGySbkEYGdZ-zg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame AF74 0
42 B 181ms
53ms Image
text/plain 162.248.18.32
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:56 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame AF74
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEJCGdaXxprh03aNmh_6y90&google_cver=1

0
291 B

46ms
46ms

Image
text/plain

51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEJCGdaXxprh03aNmh_6y90&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897

Protocol

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEEJCGdaXxprh03aNmh_6y90&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame AF74
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=kN1ac0XCrBNf&ev=1&us_privacy=&pid=562985

0
291 B

49ms
49ms

Image
text/plain

51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=kN1ac0XCrBNf&ev=1&us_privacy=&pid=562985

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897

Protocol

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: en-US
location: https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=kN1ac0XCrBNf&ev=1&us_privacy=&pid=562985
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6f79b8d6bf-6bn79
expires: -1

GET
H2

200

/
onetag-sys.com/match/ Frame AF74
Redirect Chain

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=6733fe87651020e3&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMAuYwlyztsANZBHcHAAAAAAA&expiration=1692025917

0
291 B

48ms
46ms

Image
text/plain

51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMAuYwlyztsANZBHcHAAAAAAA&expiration=1692025917

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897

Protocol

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:57 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMAuYwlyztsANZBHcHAAAAAAA&expiration=1692025917
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame AF74 0
125 B 155ms
52ms Image
text/plain 3.225.218.10
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-225-218-10.compute-1.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame AF74
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=da3ab128-f94b-43f1-82e9-f56755dda26c&gdpr=0&gdpr_consent=

0
291 B

46ms
46ms

Image
text/plain

51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=da3ab128-f94b-43f1-82e9-f56755dda26c&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897

Protocol

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:57 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=da3ab128-f94b-43f1-82e9-f56755dda26c&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame AF74 43 B
235 B 160ms
51ms Image
image/gif 35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691939516897
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 15:11:57 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 / Show response
spl.zeotap.com/ 298 B
617 B 135ms
134ms XHR
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258

Requested by

Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ac326567f7dfc52fa51036998578def642d6fab1a56dab6c43aee79a1fdae30

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: text/html
access-control-allow-origin: https://urlz.fr
access-control-allow-credentials: true
cf-ray: 7f61e4be9faee124-ORD
access-control-allow-headers: *

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 156ms
43ms Script
application/javascript 2600:9000:21dd:2200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:2200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 14:24:58 GMT
content-encoding: gzip
via: 1.1 556ef92964692e27cf8626ac501230e4.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 2819
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
server: AmazonS3
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 1jvCLfQziL5Yo_JfgUsOpljIYUl4O0xOOThYX-xe4hqerxg5xe8-qA==

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 124ms
42ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Furlz.fr%2F&domain=urlz.fr&cw=1&lsw=1&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://urlz.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://urlz.fr
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 13 Aug 2023 15:11:56 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 510195
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Furlz.fr%2F&domain=urlz.fr&cw=1&lsw=1&gdpr=0
https://mug.criteo.com/sid?cpp=KJZQFnwxZ1RjUVZLSFFxVXJtNmhPWTVTWkltcUVsQ0VEenhGa3BYUWw3WnVyV29xZWdLU0wwa3JDRm1LWDQ5VDdpNnZlUzhrTnBxWmU0WHJoQk1GKzF0ZTlKMlJDUWd2cWVuWHRFaGhIdGp6YWtBTlJyUmxaR05SZG9neH...

340 B
630 B

143ms
46ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=KJZQFnwxZ1RjUVZLSFFxVXJtNmhPWTVTWkltcUVsQ0VEenhGa3BYUWw3WnVyV29xZWdLU0wwa3JDRm1LWDQ5VDdpNnZlUzhrTnBxWmU0WHJoQk1GKzF0ZTlKMlJDUWd2cWVuWHRFaGhIdGp6YWtBTlJyUmxaR05SZG9neHluMUpGbkFPdGVkQXFaYVpEOVBzNW5GcEdmOXhvYlBqUzAwQlBpSXdhdG1NSnRMQitNR1JHajRRZXBKVmdLVUMxcnpLdmthUCtWOUZlSlhOcEZHWkZ4S1Z1MEV4ZTFuTEM5dW16dnpTdTJCSmp0SUhFSW5zPXw&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

feaf918260f09310fedd12c8080b54e183ea6a81a1e44059c1c5c25c06142b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 862636
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://urlz.fr
location: https://mug.criteo.com/sid?cpp=KJZQFnwxZ1RjUVZLSFFxVXJtNmhPWTVTWkltcUVsQ0VEenhGa3BYUWw3WnVyV29xZWdLU0wwa3JDRm1LWDQ5VDdpNnZlUzhrTnBxWmU0WHJoQk1GKzF0ZTlKMlJDUWd2cWVuWHRFaGhIdGp6YWtBTlJyUmxaR05SZG9neHluMUpGbkFPdGVkQXFaYVpEOVBzNW5GcEdmOXhvYlBqUzAwQlBpSXdhdG1NSnRMQitNR1JHajRRZXBKVmdLVUMxcnpLdmthUCtWOUZlSlhOcEZHWkZ4S1Z1MEV4ZTFuTEM5dW16dnpTdTJCSmp0SUhFSW5zPXw&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 215004
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 134 B
535 B 392ms
129ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://urlz.fr
date: Sun, 13 Aug 2023 15:11:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 4 KB
2 KB 108ms
34ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 15:11:57 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Fri, 11 Aug 2023 11:58:31 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 184361
ETag: W/"7a2ddf8932b862ed5d75aa7b27e3f8c1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcbTPm%2B3ULw04HXPBzZNYETuFtrah6wdq1JZD29QxOBPDZVJqG6%2BnS8bxpguBHjysoWYFXpaEO1YaaNhpKbyCgDOIEBTvKuVMraUGwFau%2BWw91%2B6i6i5eXUJ71bVOcp7CcS3O82X9eXVgdAx"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7f61e4bf8a201139-ORD

GET

match
ps.eyeota.net/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/12/2/8/2.gif?puid=1976874031801194826&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F7%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_cons...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F7%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdp...
https://id5-sync.com/c/12/108/7/3.gif?puid=a915023b-63d9-47b5-a665-8b4fa9007abb&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=da3ab128-f94b-43f1-82e9-f56755dda26c&ttl=%%TTL%%
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1
https://id5-sync.com/k/155.gif?puid=AADPCk7JseUAACiMSzHjWw&id5AccountNum=155&numCascadesAllowed=9
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-3510_wfcf2XDtwpBd8BE-J3uQvzmfqrMfHbbP7G-3Q&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F4%2F6.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gd...
https://id5-sync.com/c/12/3/4/6.gif?puid=41a564d8-f2bd-4c00-a401-0f077cb00cea&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F123%2F3%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D

0
0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 150ms
46ms Script
text/javascript 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 03:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 03:22:46 GMT

GET
H/1.1 200
OK s Show response
kvt.sddan.com/api/v1/public/p/29567/d/50/ 507 B
648 B 406ms
144ms XHR
application/json 51.15.145.115
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Furlz.fr%2FncPV

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.145.115 , France, ASN12876 (Online SAS, FR),

Reverse DNS

kube-rr.sirdata.fr

Software

nginx/1.20.2 /

Resource Hash

8390bd7de281c9f9f71e063b6f7ef73b02297c9fa9e971fd7b1bbbdee423048e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 13 Aug 2023 15:11:57 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://urlz.fr
Cache-Control: private, max-age=60
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: content-type

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&google_hm=ZDU2NzE4NGUtOGQ5OC00MDBkLTQxMDctM2UxM2JhYjYzMDkz&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=d567184e-8d98-400d-41...
https://mwzeom.zeotap.com/mw?google_gid=CAESEBPzXtqg4Q2VS7EvhWrIVrc&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=d567184e-8d98-400d-4107-3e13bab63093&reqId=2a932328-79aa-4c85-73a...

95 B
165 B

149ms
133ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESEBPzXtqg4Q2VS7EvhWrIVrc&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=d567184e-8d98-400d-4107-3e13bab63093&reqId=2a932328-79aa-4c85-73a1-d803951bac6a&zdid=1258

Protocol

Server

2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://urlz.fr
access-control-allow-credentials: true
cf-ray: 7f61e4c02abbe124-ORD
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEBPzXtqg4Q2VS7EvhWrIVrc&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=d567184e-8d98-400d-4107-3e13bab63093&reqId=2a932328-79aa-4c85-73a1-d803951bac6a&zdid=1258
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
566 B 58ms
56ms XHR
application/json 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12773/px.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:57 GMT
an-x-request-uuid: 06ace49c-c257-45c9-9507-3745c4f312db
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://urlz.fr
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 167.88.7.163; 167.88.7.163; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
539 B 129ms
54ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12773/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e12f56843fbebea202d5581fb141fe7f3ed2c82e7f5b03b9e0df95ca71a1ebf0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://urlz.fr
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 12 Sep 2023 15:11:57 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
432 B 116ms
35ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
last-modified: Fri, 11 Aug 2023 17:26:54 GMT
server: cloudflare
age: 0
etag: W/"a83b99beb4372176103794bdfc4802686308da64"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 7f61e4c04f6110af-ORD
content-length: 3

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 97ms
39ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 15:11:57 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 181413
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 11 Aug 2023 11:58:31 GMT
Server: cloudflare
ETag: W/"9d36e722f929b1726cf2a9cba00af489"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2UQPHZzVO%2FFAzd1j8hK%2BS6TOTOhyKeeKOeqUIMgHilvVEzt1axBraz9q3iWkYQxkfrYT%2BJwQV8pcU%2FZjOvCvT1xakcjkxx4zNK%2BWgYLGSJwHm9QyiVd1FyNbOc4lbYJKRNBzMstAxudjvsq"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7f61e4c0199c2d9d-ORD

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 163ms
51ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 13 Aug 2023 15:11:56 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 404565
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
913 B 1085ms
146ms XHR
application/x-javascript 54.77.129.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.129.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-129-231.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Aug 2023 15:11:58 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Aug 2023 15:11:58 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://urlz.fr
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fire.js Show response
s.cpx.to/ 48 B
329 B 474ms
141ms XHR
text/plain 54.171.14.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=12773&url=https%3A%2F%2Furlz.fr%2FncPV&hn_ver=57&fid=fdd7e734-ca29-4121-b086-ba3de9536f33&dsp=TTD&dsp_uid=5def5224-838b-401b-8fab-f14581087974
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12773/px.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.14.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-14-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 51fe35f9f293d0af74764de6035eaa1d0a3f04de69998dcdbb31e93a73eafdcf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: https://urlz.fr
date: Sun, 13 Aug 2023 15:11:57 GMT
access-control-allow-credentials: true
expires: Sun, 13 Aug 2023 15:11:57 GMT
content-length: 48
vary: Origin
p3p: CP="NOI DEV ADM"

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
394 B 676ms
413ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

5fc10bbbcc753496c96ded68070115edc94354a2f09a05c68bed5bfd0d929ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://urlz.fr
date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 geoip Show response
apis.cmp.quantcast.com/ 53 B
174 B 254ms
75ms XHR
application/json 52.9.22.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.cmp.quantcast.com/geoip
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.22.152 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-22-152.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4269abba537698a6c9c5b33eb352ec4e64a3d5e5895fbd396729e0fec3056479

Request headers

Accept: application/json, text/plain, */*
Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Aug 2023 15:11:57 GMT
content-type: application/json; charset=utf-8
content-length: 53
x-geo-ip-version: 1.2

GET
H2 200 geoip Show response
apis.cmp.quantcast.com/ 53 B
173 B 253ms
76ms XHR
application/json 52.9.22.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.cmp.quantcast.com/geoip
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.22.152 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-22-152.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4269abba537698a6c9c5b33eb352ec4e64a3d5e5895fbd396729e0fec3056479

Request headers

Accept: application/json, text/plain, */*
Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Aug 2023 15:11:57 GMT
content-type: application/json; charset=utf-8
content-length: 53
x-geo-ip-version: 1.2

GET
H2 200 geoip Show response
apis.cmp.quantcast.com/ 53 B
173 B 251ms
77ms XHR
application/json 52.9.22.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.cmp.quantcast.com/geoip
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.22.152 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-22-152.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4269abba537698a6c9c5b33eb352ec4e64a3d5e5895fbd396729e0fec3056479

Request headers

Accept: application/json, text/plain, */*
Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Aug 2023 15:11:57 GMT
content-type: application/json; charset=utf-8
content-length: 53
x-geo-ip-version: 1.2

POST
H2 200 prebid Show response
mp.4dex.io/ 4 KB
2 KB 179ms
94ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64934a315109e8fbd8ddfe3050612daf5bb93eb2cb0cb87ca2d4593d0892622c

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-las
date: Sun, 13 Aug 2023 15:11:57 GMT
content-encoding: gzip
via: 1.1 google
x-err: Shapings: no adunits with size and seat and mapping
cf-cache-status: DYNAMIC
x-warn: Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: 26328, Process Seats Booster. unable to get the seat booster engine for organization: 1015
content-length: 1026
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://urlz.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7f61e4c29a8fc56c-ORD
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
185 B 225ms
133ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0&cb=71172838719&lsavail=1

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://urlz.fr
date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
engine.bliink.io/ 2 KB
1015 B 850ms
154ms XHR
application/json 35.205.65.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.bliink.io/prebid
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.205.65.172 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.65.205.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 356bda8af8361101bd09918fee6210b128e483e783da524fa6c96532492309ab

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Aug 2023 15:11:58 GMT
access-control-request-method: GET
content-encoding: gzip
server: istio-envoy
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://urlz.fr
access-control-allow-credentials: true
x-envoy-upstream-service-time: 38
access-control-allow-headers: ECT
content-length: 782

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 0
357 B 134ms
44ms XHR
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=11&formatid=video&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AVm7sQ8D6c3/9hgDAA
x-accel-expires: @1692341319
date: Sun, 13 Aug 2023 15:11:57 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be140808a6bf3abdf2d86417e33334
vary: Accept-Encoding, Origin
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://urlz.fr
x-77-cache: HIT
cache-control: max-age=604800
x-age: 202998
x-accel-date: 1691736519

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 339 B
592 B 136ms
46ms XHR
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=6&formatid=26328&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AVm7sQ8K8iP/9hgDAA
x-accel-expires: @1692341319
date: Sun, 13 Aug 2023 15:11:57 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be140808a6bf3abdf2d86420ad4934
vary: Accept-Encoding, Origin
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://urlz.fr
x-77-cache: HIT
cache-control: max-age=604800
x-age: 202998
x-accel-date: 1691736519

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 624 B
772 B 135ms
45ms XHR
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=1&formatid=26322&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 65215fa35c6eec01983fe1084e92ff08d056dae29c2fdbd5faca0cdd5dacf98a

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AVm7sQ9XEsn/9hgDAA
x-accel-expires: @1692341319
date: Sun, 13 Aug 2023 15:11:57 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be140808a6bf3abdf2d8644e8c3d34
vary: Accept-Encoding, Origin
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://urlz.fr
x-77-cache: HIT
cache-control: max-age=604800
x-age: 202998
x-accel-date: 1691736519

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 631 B
778 B 136ms
47ms XHR
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6b6b68f34eac478d606f60c75c96be7852a1cec9c30a772becb6846a8858bb9d

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

x-77-nzt: AVm7sQ/+r47/9hgDAA
x-accel-expires: @1692341319
date: Sun, 13 Aug 2023 15:11:57 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be140808a6bf3abdf2d86457805034
vary: Accept-Encoding, Origin
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://urlz.fr
x-77-cache: HIT
cache-control: max-age=604800
x-age: 202998
x-accel-date: 1691736519

POST
H2 200 xhr Show response
pre.ads.justpremium.com/v/2.0/t/ 53 B
752 B 230ms
89ms XHR
application/json 3.223.12.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1691939517768
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.12.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-12-17.compute-1.amazonaws.com
Software: /
Resource Hash: 090deb2711fb7ebc3bea8e07c25859e296d23b7873aee53850e929131f0a0760

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://urlz.fr
date: Sun, 13 Aug 2023 15:11:57 GMT
cache-control: public, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-type: application/json

POST
H2 200 adreq Show response
ads.servenobid.com/ 740 B
836 B 176ms
55ms XHR
application/json 52.22.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=5410
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-181-173.compute-1.amazonaws.com
Software: /
Resource Hash: 77308d23089ea30865a8f8c11f1752f7b577575581a2936cb4fd63d779eeedf7

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://urlz.fr
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H/1.1 204
No Content / Show response
bid.missena.io/ 0
188 B 566ms
414ms XHR
text/plain 34.202.151.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.missena.io/?t=PA-28285748
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.151.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-151-41.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://urlz.fr
Date: Sun, 13 Aug 2023 15:11:58 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Origin

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2a156/1/urlz.fr/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2a156/1/urlz.fr/ROS?rnd=0.4114748371229022&e=video_640x480_0%3A640x480%3B1&ur=https%3A%2F%2Furlz.fr%2FncPV&pbv=8.6.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Furlz.fr...
https://pbjs.e-planning.net/hb/1/2a156/1/urlz.fr/ROS?ct=1&r=pbjs&rnd=0.4114748371229022&e=video_640x480_0%3A640x480%3B1&ur=https%3A%2F%2Furlz.fr%2FncPV&pbv=8.6.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F...

330 B
741 B

380ms
380ms

XHR
application/json

172.98.26.245
E-PLANNING-

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2a156/1/urlz.fr/ROS?ct=1&r=pbjs&rnd=0.4114748371229022&e=video_640x480_0%3A640x480%3B1&ur=https%3A%2F%2Furlz.fr%2FncPV&pbv=8.6.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Furlz.fr%2FncPV&gdpr=0&e_pubcid=db769eb4-0acc-4c3f-9c9c-fdd059084043&vctx=1&vv=3
Protocol: H2
Server: 172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: d00deb3cb4bd4a704f07265f83ef42c8db85db723ce9e07a53c17946c0287978

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Sun, 13 Aug 2023 15:11:58 GMT
date: Sun, 13 Aug 2023 15:11:58 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://urlz.fr
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 330
x-sid: IAD-1220

Redirect headers

date: Sun, 13 Aug 2023 15:11:57 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://urlz.fr
location: /hb/1/2a156/1/urlz.fr/ROS?ct=1&r=pbjs&rnd=0.4114748371229022&e=video_640x480_0%3A640x480%3B1&ur=https%3A%2F%2Furlz.fr%2FncPV&pbv=8.6.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Furlz.fr%2FncPV&gdpr=0&e_pubcid=db769eb4-0acc-4c3f-9c9c-fdd059084043&vctx=1&vv=3
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: IAD-1220

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 573ms
506ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Aug 2023 15:11:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://urlz.fr
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7f61e4c29a7b2c95-ORD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
304 B 568ms
502ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Aug 2023 15:11:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://urlz.fr
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7f61e4c29a7d2c95-ORD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
35 B 569ms
503ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Aug 2023 15:11:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://urlz.fr
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7f61e4c29a7f2c95-ORD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
36 B 575ms
509ms XHR
text/plain 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Aug 2023 15:11:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://urlz.fr
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7f61e4c29a802c95-ORD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 204 pb Show response
ad.360yield.com/1033/ 0
97 B 151ms
49ms XHR
text/plain 3.225.131.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.360yield.com/1033/pb
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.225.131.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-131-246.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://urlz.fr
date: Sun, 13 Aug 2023 15:11:57 GMT
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 606 B
810 B 558ms
427ms XHR
application/json 2602:803:c002:300::98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1124628%3B1078226%3B1078310&size_id=15%3B2%3B2&alt_size_ids=2%2C55%2C58%2C221%3B19%2C43%2C44%2C117%3B19%2C43%2C44%2C117&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,9592,1,,,&eid_pubcid.org=db769eb4-0acc-4c3f-9c9c-fdd059084043%5E1&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.domain=urlz.fr&tg_i.page=https%3A%2F%2Furlz.fr%2FncPV&tg_i.name=urlz.fr&tg_i.siteid=15056&tg_i.pbadslot=%2F15056%2Furlz.fr%2Fdesktop%2F26328%3B%2F15056%2Furlz.fr%2Fdesktop%2F26322%3B%2F15056%2Furlz.fr%2Fdesktop%2F30012&tk_flint=pbjs_lite_v8.6.0&l_pb_bid_id=439ac1ede47edd3%3B443c58baf3fb2f7%3B4530d4bf2c9b76f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F15056%2Furlz.fr%2Fdesktop%2F26328%3B%2F15056%2Furlz.fr%2Fdesktop%2F26322%3B%2F15056%2Furlz.fr%2Fdesktop%2F30012&slots=3&rand=0.993726870717732
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4308a3125e059daf51638b5349fc899abd511f066d5c94015653be84e2e1f2db

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://urlz.fr
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 606
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 180 B
632 B 1329ms
1113ms XHR
application/json 195.244.31.11

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Furlz.fr%2FncPV&PageUrl=https%3A%2F%2Furlz.fr%2FncPV&PageReferrer=https%3A%2F%2Furlz.fr%2FncPV

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.11 -, , ASN (),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

0c016367631762ed0b30769fd83a41477f42ee0a55507834e7cdec95ac57b4c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Aug 2023 15:11:58 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 765
content-length: 180
pragma: no-cache
server: ayl-lb-usa02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://urlz.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
494 B 48ms
47ms XHR
application/json 51.222.39.184
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.184 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip184.ip-51-222-39.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://urlz.fr
content-type: application/json
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
880 B 565ms
448ms XHR
application/json 96.46.183.20
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=prebid
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.46.183.20 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://urlz.fr
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ 0
170 B 174ms
57ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://urlz.fr
date: Sun, 13 Aug 2023 15:11:57 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 204
No Content / Show response
b1h.zemanta.com/api/bidder/prebid/bid/ 0
113 B 206ms
47ms XHR
text/plain 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://urlz.fr
Access-Control-Allow-Credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
186 B 111ms
50ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0&cb=86185501069&lsavail=1

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://urlz.fr
date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 common.css
www.jrodakake.xpkzqpcwif.top/style/css/ Frame 057C 120 KB
18 KB 84ms
81ms Stylesheet
text/css 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/css/common.css

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

c3c06cab11490cda8fa71c1fb7b633367a8065180a6fab532500f647bf248e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: W/"621f9566-1e065"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 14 Aug 2023 03:11:57 GMT

GET
H2 200 module.css
www.jrodakake.xpkzqpcwif.top/style/css/ Frame 057C 74 KB
13 KB 85ms
82ms Stylesheet
text/css 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/css/module.css

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

f32ac72b33743b0a8fcf63463ab1859bc72d25ebe3c02e8249c10420b8ed2a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: W/"621f9566-12779"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 14 Aug 2023 03:11:57 GMT

GET
H2 200 member.css
www.jrodakake.xpkzqpcwif.top/style/css/ Frame 057C 20 KB
4 KB 86ms
83ms Stylesheet
text/css 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/css/member.css

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

8e4d01ee0450f9f5e21ea7178dd0aad676fcebf6808a1a550fddc686fba02542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: W/"621f9566-4fe7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 14 Aug 2023 03:11:57 GMT

GET
H2 200 style.css
www.jrodakake.xpkzqpcwif.top/style/css/ Frame 057C 39 KB
8 KB 86ms
84ms Stylesheet
text/css 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/css/style.css

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

c6c23411a9fa7eb2bc546e6269c8243b2efc179dbe9dcedafc141d03057375ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: W/"621f9566-9a27"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 14 Aug 2023 03:11:57 GMT

GET
H2 200 top_searchparts.css
www.jrodakake.xpkzqpcwif.top/style/css/ Frame 057C 119 KB
16 KB 87ms
84ms Stylesheet
text/css 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/css/top_searchparts.css

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

6b6805e990d1063ebbf30e49162bf04f8ec247ffa96e1872e4b0d8d3f7e3a02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: W/"621f9566-1db4d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 14 Aug 2023 03:11:57 GMT

GET
H2 200 load_font.css
www.jrodakake.xpkzqpcwif.top/style/css/ Frame 057C 786 B
989 B 89ms
86ms Stylesheet
text/css 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/css/load_font.css

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

bdd84e5ef5aa059a934dc05de1d463e3d1d875727859f301a940426c16e805d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: "621f9566-312"
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 786
expires: Mon, 14 Aug 2023 03:11:57 GMT

GET
H2 200 logo_ekinet.png
www.jrodakake.xpkzqpcwif.top/style/img/ Frame 057C 7 KB
8 KB 89ms
87ms Image
image/png 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/img/logo_ekinet.png

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

3f7c549cfacde11c4129c09b1908d106126d823682cc758f70fc046638d7746b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: "621f9566-1d38"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7480
expires: Tue, 12 Sep 2023 15:11:57 GMT

GET
H2 200 logo_jreast.png
www.jrodakake.xpkzqpcwif.top/style/img/ Frame 057C 3 KB
3 KB 90ms
87ms Image
image/png 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/img/logo_jreast.png

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

ba4924716ed0580ae30f974eebb97421a2c10c1e2cf61e8ad60fcd39d8fbca30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Mar 2022 16:03:50 GMT
server: nginx
etag: "621f9566-b5d"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2909
expires: Tue, 12 Sep 2023 15:11:57 GMT

GET
H2 200 icon_input_ok.png
www.jrodakake.xpkzqpcwif.top/style/img/ Frame 057C 3 KB
3 KB 447ms
445ms Image
image/png 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/img/icon_input_ok.png

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

d4d96a513c50320d375f5cb8c1c4f52d6ba868b6ffafec5f451deb8dc9ef05f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Mar 2022 16:03:52 GMT
server: nginx
etag: "621f9568-c9d"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3229
expires: Tue, 12 Sep 2023 15:11:57 GMT

GET
H2 200 icon_linkblank.png
www.jrodakake.xpkzqpcwif.top/style/img/ Frame 057C 166 B
371 B 448ms
447ms Image
image/png 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/img/icon_linkblank.png

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

e918e110b6e7e8c5ada678baab1d10bcf4f24d149943804b0b31363ccd976b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Mar 2022 16:03:52 GMT
server: nginx
etag: "621f9568-a6"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 166
expires: Tue, 12 Sep 2023 15:11:57 GMT

GET
H2 200 icon_linkblank-1.png
www.jrodakake.xpkzqpcwif.top/style/img/ Frame 057C 166 B
371 B 449ms
447ms Image
image/png 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/img/icon_linkblank-1.png

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

e918e110b6e7e8c5ada678baab1d10bcf4f24d149943804b0b31363ccd976b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 02 Mar 2022 16:03:52 GMT
server: nginx
etag: "621f9568-a6"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 166
expires: Tue, 12 Sep 2023 15:11:57 GMT

GET
H2 200 index_1.html Show response
www.jrodakake.xpkzqpcwif.top/style/xml/ Frame BDDF 437 B
590 B 446ms
445ms Document
text/html 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jrodakake.xpkzqpcwif.top/style/xml/index_1.html

Requested by

Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/one.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),

Reverse DNS

155.94.138.49.static.quadranet.com

Software

nginx /

Resource Hash

24d8df0f367eb762e82f042c908a31e297b24f58152828ecd9e663fb29b0fa47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.jrodakake.xpkzqpcwif.top/one.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 437
content-type: text/html
date: Sun, 13 Aug 2023 15:11:57 GMT
etag: "621f9568-1b5"
last-modified: Wed, 02 Mar 2022 16:03:52 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 geoip Show response
apis.cmp.quantcast.com/ 53 B
173 B 94ms
77ms XHR
application/json 52.9.22.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.cmp.quantcast.com/geoip
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.22.152 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-22-152.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4269abba537698a6c9c5b33eb352ec4e64a3d5e5895fbd396729e0fec3056479

Request headers

Accept: application/json, text/plain, */*
Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 13 Aug 2023 15:11:57 GMT
content-type: application/json; charset=utf-8
content-length: 53
x-geo-ip-version: 1.2

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 1C2A 15 KB
6 KB 452ms
53ms Document
text/html 23.54.68.197
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by: Host: urlz.fr
URL: https://urlz.fr/ncPV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-68-197.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://urlz.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=112088
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Sun, 13 Aug 2023 15:11:58 GMT
expires: Mon, 14 Aug 2023 22:20:06 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

POST
H/1.1 200 102.json Show response
id5-sync.com/g/v2/ 630 B
1 KB 422ms
421ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/102.json

Requested by

Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

b5e82d60c071941ad46542c23572859a785c30717e99f6d39337ce4e1df68c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://urlz.fr
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H2

204

sync
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
https://s.cpx.to/sync?dsp_uid=CAESEH1-9a9w3olg01Q09hHJGRg&dsp=dbm&google_cver=1

0
304 B

142ms
142ms

Image
text/plain

54.171.14.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp_uid=CAESEH1-9a9w3olg01Q09hHJGRg&dsp=dbm&google_cver=1
Protocol: H2
Server: 54.171.14.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-14-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Sun, 13 Aug 2023 15:11:58 GMT
date: Sun, 13 Aug 2023 15:11:58 GMT
p3p: CP="NOI DEV ADM"

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.cpx.to/sync?dsp_uid=CAESEH1-9a9w3olg01Q09hHJGRg&dsp=dbm&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

sync
s.cpx.to/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D
https://u.openx.net/w/1.0/cm?cc=1&id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D
https://s.cpx.to/sync?dsp=OPENX&dsp_uid=b80f76bf-f718-452e-92d2-ea3ba4d69b13

0
311 B

142ms
142ms

Image
text/plain

54.171.14.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=OPENX&dsp_uid=b80f76bf-f718-452e-92d2-ea3ba4d69b13
Protocol: H2
Server: 54.171.14.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-14-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Sun, 13 Aug 2023 15:11:58 GMT
date: Sun, 13 Aug 2023 15:11:58 GMT
p3p: CP="NOI DEV ADM"

Redirect headers

date: Sun, 13 Aug 2023 15:11:58 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://s.cpx.to/sync?dsp=OPENX&dsp_uid=b80f76bf-f718-452e-92d2-ea3ba4d69b13
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

fire.js
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12773%26url%3Dhttps%253A%252F%252Furlz.fr%252FncPV%26hn_ver%3D57%26fid%3Dfdd7e734-ca29-...
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=1976874031801194826&pid=12773&url=https%3A%2F%2Furlz.fr%2FncPV&hn_ver=57&fid=fdd7e734-ca29-4121-b086-ba3de9536f33&dsp=TTD&dsp_uid=5def5224-838b-401b-8...

38 B
38 B

143ms
142ms

Image
text/plain

54.171.14.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=1976874031801194826&pid=12773&url=https%3A%2F%2Furlz.fr%2FncPV&hn_ver=57&fid=fdd7e734-ca29-4121-b086-ba3de9536f33&dsp=TTD&dsp_uid=5def5224-838b-401b-8fab-f14581087974
Protocol: H2
Server: 54.171.14.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-14-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p: CP="NOI DEV ADM"
date: Sun, 13 Aug 2023 15:11:58 GMT
content-length: 38
expires: Sun, 13 Aug 2023 15:11:58 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:58 GMT
an-x-request-uuid: ec3a33b1-da72-409e-9460-3869d93d1a82
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=1976874031801194826&pid=12773&url=https%3A%2F%2Furlz.fr%2FncPV&hn_ver=57&fid=fdd7e734-ca29-4121-b086-ba3de9536f33&dsp=TTD&dsp_uid=5def5224-838b-401b-8fab-f14581087974
x-proxy-origin: 167.88.7.163; 167.88.7.163; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=BA12448F-1D22-4062-9B28-A1543353816D

0
313 B

142ms
142ms

Image
text/plain

54.171.14.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=BA12448F-1D22-4062-9B28-A1543353816D
Protocol: H2
Server: 54.171.14.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-14-125.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires: Sun, 13 Aug 2023 15:11:58 GMT
date: Sun, 13 Aug 2023 15:11:58 GMT
p3p: CP="NOI DEV ADM"

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=BA12448F-1D22-4062-9B28-A1543353816D
date: Sun, 13 Aug 2023 15:11:58 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 404 notosanscjkjp-regular_subset.woff
www.jrodakake.xpkzqpcwif.top/style/fonts/ Frame 057C 0
0 361ms
360ms Font
text/html 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jrodakake.xpkzqpcwif.top/style/fonts/notosanscjkjp-regular_subset.woff
Requested by: Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/style/css/load_font.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 155.94.138.49.static.quadranet.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.jrodakake.xpkzqpcwif.top/style/css/load_font.css
Origin: https://www.jrodakake.xpkzqpcwif.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:58 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 404 notosanscjkjp-bold_subset.woff
www.jrodakake.xpkzqpcwif.top/style/fonts/ Frame 057C 0
0 360ms
359ms Font
text/html 155.94.138.49
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jrodakake.xpkzqpcwif.top/style/fonts/notosanscjkjp-bold_subset.woff
Requested by: Host: www.jrodakake.xpkzqpcwif.top
URL: https://www.jrodakake.xpkzqpcwif.top/style/css/load_font.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 155.94.138.49 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 155.94.138.49.static.quadranet.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.jrodakake.xpkzqpcwif.top/style/css/load_font.css
Origin: https://www.jrodakake.xpkzqpcwif.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:58 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 200 pixel;r=1415645241;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FncPV;uht=2;fpan=1;fpa=P0-1502847143-1691939517220;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-202305...
pixel.quantserve.com/ 35 B
372 B 77ms
47ms Image
image/gif 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1415645241;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FncPV;uht=2;fpan=1;fpa=P0-1502847143-1691939517220;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_privacy=1---;ref=;d=urlz.fr;dst=0;et=1691939517381;tzo=600;ogl=;ses=7875e04f-350a-4fac-9a77-50ae68596432;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H/1.1 200 12.json Show response
id5-sync.com/g/v2/ 630 B
1 KB 205ms
132ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/12.json

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

1ce565f0c1e44d628f7f034bcef748eee75588be549ef25aa3b4433a8c647b9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 13 Aug 2023 15:11:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://urlz.fr
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 1C2A 5 KB
6 KB 132ms
43ms Script
text/html 8.28.7.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49069168&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a5cca0ff41f5c68f1b8e071348142ee332b8d3c237f4d5188662ce9a4bb15703

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 15:11:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 3AA0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
236 B

48ms
48ms

Document
image/png

151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZNjyvgAIRDL-mwA_
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Sun, 13 Aug 2023 15:11:58 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-chi-klot8100057-CHI
x-timer: S1691939519.798209,VS0,VE21

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Sun, 13 Aug 2023 15:11:58 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZNjyvgAIRDL-mwA_
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-chi-klot8100057-CHI
x-timer: S1691939519.737874,VS0,VE22

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2690
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810035089260779033

42 B
273 B

45ms
43ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810035089260779033
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Sun, 13 Aug 2023 15:11:58 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2810035089260779033
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1

200
OK

dcm Show response
s.amazon-adsystem.com/ Frame 9D3B
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BA12448F-1D22-4062-9B28-A1543353816D&redir=true&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BA12448F-1D22-4062-9B28-A1543353816D&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

72ms
71ms

Document
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BA12448F-1D22-4062-9B28-A1543353816D&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 13 Aug 2023 15:11:58 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: SF4GSGNJAS4MN2VT5MZS

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 13 Aug 2023 15:11:58 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=BA12448F-1D22-4062-9B28-A1543353816D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: SXM3NHRF838M5RCAKMNQ

GET

services
sync.technoratimedia.com/ Frame DE16
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUENrN0pzZVVBQUNpTVN6SGpXdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partneruserid=AADPCk7JseUAACiMSzHjWw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252C...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=8851953543440273397&gdpr=0&gdpr_consent=
https://sync.technoratimedia.com/services?uid=AADPCk7JseUAACiMSzHjWw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8851953543440273397%26gdpr%3D0%26gdpr_cons...

0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 53EB
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1976874031801194826&gdpr=0&gdpr_consent=

42 B
218 B

160ms
51ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1976874031801194826&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 0fc493da-5a1a-4bb9-8599-f7d2e6252563
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 13 Aug 2023 15:11:58 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1976874031801194826&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 167.88.7.163; 167.88.7.163; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7069
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=bf8500dc-39eb-11ee-93b9-a76bb9251871

42 B
244 B

51ms
51ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=bf8500dc-39eb-11ee-93b9-a76bb9251871
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
content-type: image/gif
date: Sun, 13 Aug 2023 15:11:58 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=bf8500dc-39eb-11ee-93b9-a76bb9251871
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: lga-delivery-2

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 0474 0
222 B 158ms
39ms Document
image/gif 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 0
content-type: image/gif
date: Sun, 13 Aug 2023 15:11:58 GMT
p3p: policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server: a

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame F884
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Fg_7mEYJ_cUNDa_FGAqymBcI_pUNX_uUQw1FFfTR

42 B
438 B

44ms
44ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Fg_7mEYJ_cUNDa_FGAqymBcI_pUNX_uUQw1FFfTR
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Sun, 13 Aug 2023 15:11:58 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=Fg_7mEYJ_cUNDa_FGAqymBcI_pUNX_uUQw1FFfTR
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame C7F8 43 B
363 B 156ms
47ms Document
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sun, 13 Aug 2023 15:11:58 GMT
expires: Sun, 13 Aug 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 189085
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0CD9
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=RY969wYiXAZRYKnPXDIjt6dYB6M&gdpr=0&gdpr_consent=

42 B
302 B

53ms
52ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=RY969wYiXAZRYKnPXDIjt6dYB6M&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Sun, 13 Aug 2023 15:11:58 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=RY969wYiXAZRYKnPXDIjt6dYB6M&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C80E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:7KszehaQ1QvcL45&gdpr=0&gdpr_consent=

42 B
219 B

51ms
51ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:7KszehaQ1QvcL45&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Sun, 13 Aug 2023 15:11:58 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:7KszehaQ1QvcL45&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0da94c7f55bec3b76@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

pbmtc.gif Show response
beacon.lynx.cognitivlabs.com/ Frame 188F
Redirect Chain

https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=049d1044-e97b-4975-be7d-14e19f14260a&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BA12448F-1D22-4062-9B28-A1543353816D

42 B
495 B

48ms
47ms

Document
image/gif

54.225.185.242

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BA12448F-1D22-4062-9B28-A1543353816D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.185.242 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 42
Content-Type: image/gif
Date: Sun, 13 Aug 2023 15:11:59 GMT
Server: Kestrel

Redirect headers

cache-control: no-store, no-cache, private
date: Sun, 13 Aug 2023 15:11:58 GMT
location: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=BA12448F-1D22-4062-9B28-A1543353816D
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 6F8A
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
424 B

83ms
81ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7f61e4c8cf1f631a-ORD
content-length: 43
content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:58 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7f61e4c84e97631a-ORD
content-type: text/html
date: Sun, 13 Aug 2023 15:11:58 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 3034

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame A866
Redirect Chain

https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=BA12448F-1D22-4062-9B28-A1543353816D&gdpr=0&gdpr_consent=

42 B
318 B

52ms
52ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=BA12448F-1D22-4062-9B28-A1543353816D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 15:11:56 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=BA12448F-1D22-4062-9B28-A1543353816D&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 5EBB
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
79 B

58ms
58ms

Document
text/html

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 13 Aug 2023 15:11:59 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Sun, 13 Aug 2023 15:11:59 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 28A6
Redirect Chain

https://ums.acuityplatform.com/tum?umid=6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=813369252622

42 B
208 B

51ms
51ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=813369252622
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:57 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Content-Length: 0
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=813369252622

GET
H2 200 setuid Show response
u.4dex.io/ Frame BEA1 0
1 KB 171ms
79ms Document
text/plain 34.149.40.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)BA12448F-1D22-4062-9B28-A1543353816D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 38.40.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Sun, 13 Aug 2023 15:11:58 GMT
expires: 0
pragma: no-cache
vary: Origin Accept-Encoding
via: 1.1 google

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1C2A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uhJEjx0iQGKbKKFUM1OBbQ%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

44ms
43ms

Image
text/html

23.54.68.197
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-68-197.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:58 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=112088
accept-ranges: bytes
content-length: 5606
expires: Mon, 14 Aug 2023 22:20:06 GMT

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 1C2A
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=BA12448F-1D22-4062-9B28-A1543353816D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a915023b-63d9-47b5-a665-8b4fa9007abb%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=da3ab128-f94b-43f1-82e9-f56755dda26c&ttd_puid=a915023b-63d9-47b5-a665-8b4fa9007abb%2C%2C

95 B
124 B

59ms
57ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=da3ab128-f94b-43f1-82e9-f56755dda26c&ttd_puid=a915023b-63d9-47b5-a665-8b4fa9007abb%2C%2C

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=da3ab128-f94b-43f1-82e9-f56755dda26c&ttd_puid=a915023b-63d9-47b5-a665-8b4fa9007abb%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H/1.1 403
Forbidden FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 1C2A 0
0 154ms
46ms Image
text/html 40.76.134.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20BA12448F-1D22-4062-9B28-A1543353816D&rnd=RND
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2

200

xuid
eb2.3lift.com/ Frame 1C2A
Redirect Chain

https://eb2.3lift.com/xuid?mid=7976&xuid=BA12448F-1D22-4062-9B28-A1543353816D&dongle=u6nf&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=BA12448F-1D22-4062-9B28-A1543353816D&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

50ms
49ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=BA12448F-1D22-4062-9B28-A1543353816D&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif
date: Sun, 13 Aug 2023 15:11:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7976&xuid=BA12448F-1D22-4062-9B28-A1543353816D&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date: Sun, 13 Aug 2023 15:11:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1C2A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkExMjQ0OEYtMUQyMi00MDYyLTlCMjgtQTE1NDMzNTM4MTZE&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

43ms
42ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:57 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1C2A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC4CqhwaxDA5cxFmJwwYGuI&google_cver=1

42 B
268 B

43ms
41ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC4CqhwaxDA5cxFmJwwYGuI&google_cver=1
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:57 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:58 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC4CqhwaxDA5cxFmJwwYGuI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1C2A
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3BA769B9D40642FEA3A6F36CE46A5C16

42 B
248 B

42ms
41ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3BA769B9D40642FEA3A6F36CE46A5C16
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:57 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Sun, 13 Aug 2023 15:11:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3BA769B9D40642FEA3A6F36CE46A5C16
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 12 Aug 2023 15:11:58 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1C2A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da3ab128-f94b-43f1-82e9-f56755dda26c&gdpr=0&gdpr_consent=

42 B
508 B

114ms
50ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da3ab128-f94b-43f1-82e9-f56755dda26c&gdpr=0&gdpr_consent=
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:58 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=da3ab128-f94b-43f1-82e9-f56755dda26c&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1C2A
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3951097677470504236&gdpr=0&gdpr_consent=&us_privacy=

1 B
195 B

52ms
51ms

Image
text/html

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3951097677470504236&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 13 Aug 2023 15:11:58 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3951097677470504236&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Sun, 13 Aug 2023 15:11:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 BA12448F-1D22-4062-9B28-A1543353816D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1C2A 43 B
601 B 180ms
49ms Image
image/gif 2600:1f18:4e9:5a07:25d3:b867:be5a:94f0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/BA12448F-1D22-4062-9B28-A1543353816D?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a07:25d3:b867:be5a:94f0 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 1C2A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BA12448F-1D22-4062-9B28-A1543353816D&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BA12448F-1D22-4062-9B28-A1543353816D&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1wwvVkpE2uWr8TrhQZFlhHcOUqVAJ4c-~A&gdpr=0

0
260 B

151ms
42ms

Image
text/plain

8.28.7.84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1wwvVkpE2uWr8TrhQZFlhHcOUqVAJ4c-~A&gdpr=0
Protocol: H2
Server: 8.28.7.84 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:58 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1wwvVkpE2uWr8TrhQZFlhHcOUqVAJ4c-~A&gdpr=0
date: Sun, 13 Aug 2023 15:11:58 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1C2A
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BA12448F-1D22-4062-9B28-A1543353816D&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6d2700641f621cf&is_secure=true&networkId=17100&version=1&nuid=BA12448F-1D22-4062-9B28-A1543353816D&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALrw4daJ3MyQNECN_8AAAAAAA&expiration=1692025918&nuid=BA12448F-1D22-4062-9B28-A1543353816D&...

42 B
344 B

62ms
51ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALrw4daJ3MyQNECN_8AAAAAAA&expiration=1692025918&nuid=BA12448F-1D22-4062-9B28-A1543353816D&is_secure=true&gdpr_consent=&gdpr=0
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:57 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:58 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALrw4daJ3MyQNECN_8AAAAAAA&expiration=1692025918&nuid=BA12448F-1D22-4062-9B28-A1543353816D&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1C2A
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=50f2c53a-7abb-4cfa-8e85-7c39afec7468&gdpr=0&gdpr_consent=

1 B
236 B

53ms
52ms

Image
text/html

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=50f2c53a-7abb-4cfa-8e85-7c39afec7468&gdpr=0&gdpr_consent=
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 13 Aug 2023 15:11:58 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=50f2c53a-7abb-4cfa-8e85-7c39afec7468&gdpr=0&gdpr_consent=
Date: Sun, 13 Aug 2023 15:11:58 GMT
Connection: keep-alive
X-CI-RTID: 7bd34c4e-95e1-40d3-8032-7ae72796b157
Content-Length: 205
Content-Type: text/html; charset=utf-8

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1C2A
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=pubmatic&bsw_param=488c4b8a-6ee0-4999-9297-5c3162e6879c
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dpubmatic%26bsw_param%3D488c4b8a-6ee0-4999-9297-5c3162e6879c
https://rtb2-useast.marketiq.com/sync?adkuid=A3412976901617556202&exchange=685&ssp=pubmatic&bsw_param=488c4b8a-6ee0-4999-9297-5c3162e6879c
https://x.bidswitch.net/sync?dsp_id=458&user_id=A3412976901617556202&expires=5&ssp=pubmatic&bsw_param=488c4b8a-6ee0-4999-9297-5c3162e6879c
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=488c4b8a-6ee0-4999-9297-5c3162e6879c&gdpr=&gdpr_consent=&gdpr_pd=

1 B
165 B

51ms
51ms

Image
text/html

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=488c4b8a-6ee0-4999-9297-5c3162e6879c&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 13 Aug 2023 15:11:58 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=488c4b8a-6ee0-4999-9297-5c3162e6879c&gdpr=&gdpr_consent=&gdpr_pd=
Date: Sun, 13 Aug 2023 15:11:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 204 CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 1C2A 0
35 B 176ms
48ms Image
text/plain 54.159.4.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.4.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-4-118.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:58 GMT

GET
H/1.1

200
OK

sn.ashx
pmp.mxptint.net/ Frame 1C2A
Redirect Chain

https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_10759C0CD_4F251E98&r=https://pmp.mxptint.net/sn.ashx?ak=1
https://pmp.mxptint.net/sn.ashx?ak=1

43 B
266 B

47ms
46ms

Image
image/gif

38.98.69.175
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pmp.mxptint.net/sn.ashx?ak=1

Protocol

HTTP/1.1

Server

38.98.69.175 New York, United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=-374944297; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Expires: -1
Pragma: no-cache
Date: Sun, 13 Aug 2023 15:11:58 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=-374944297; includeSubDomains
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://pmp.mxptint.net/sn.ashx?ak=1
date: Sun, 13 Aug 2023 15:11:58 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 1C2A
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5aab6776-6783-49e0-8af4-9364ead6f9c3-64d8f2be-5553&gdpr=0&gdpr_consent=

42 B
343 B

44ms
43ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5aab6776-6783-49e0-8af4-9364ead6f9c3-64d8f2be-5553&gdpr=0&gdpr_consent=
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:59 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:58 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5aab6776-6783-49e0-8af4-9364ead6f9c3-64d8f2be-5553&gdpr=0&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 1C2A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3608501076045583537

42 B
322 B

52ms
51ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3608501076045583537
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 13 Aug 2023 15:11:59 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sun, 13 Aug 2023 15:11:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3608501076045583537
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 8C12
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west

281 B
0

156ms
48ms

Document
text/html

23.52.162.21

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by: Host: urlz.fr
URL: https://urlz.fr/ncPV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.162.21 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://urlz.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 13 Aug 2023 15:11:59 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sun, 13 Aug 2023 15:11:59 GMT
location: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server: AkamaiGHost

GET
H2 200 lib_watermark.js Show response
ads.themoneytizer.com/ 6 KB
2 KB 46ms
44ms Script
application/javascript 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_watermark.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a72baa0c1d82bdc8930d5e2698d3ef2173094bd40ef2d157e6b3e49fab07ba44

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 13 Aug 2023 15:11:59 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 40217
x-accel-date: 1691899302
x-77-nzt: AVm7sQ8CpXr/GZ0AAA
pragma: public
x-accel-expires: @1691985702
last-modified: Mon, 24 Apr 2023 13:12:59 GMT
server: CDN77-Turbo
x-77-nzt-ray: 49be1408759e130bbff2d864f2583709
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Sat, 12 Aug 2023 04:01:38 GMT

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
281 B 130ms
129ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=15056&f=1&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:59 GMT
server: nginx
x-iplb-request-id: A75807A3:DC50_36264064:01BB_64D8F2BF_51FFE32:2F897
x-iplb-instance: 38437
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 lib_footer_slidein.js Show response
ads.themoneytizer.com/ 25 KB
4 KB 44ms
44ms Script
application/javascript 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_footer_slidein.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ca039c9541f1a5f8eb157df578e50664f9e775b18c6a3ff4e9fca87701e93557

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 13 Aug 2023 15:11:59 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 40209
x-accel-date: 1691899310
x-77-nzt: AVm7sQ/mirX/EZ0AAA
pragma: public
x-accel-expires: @1691985710
last-modified: Fri, 02 Jun 2023 13:02:33 GMT
server: CDN77-Turbo
x-77-nzt-ray: 49be1408759e130bbff2d8646ed0fb09
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Sat, 12 Aug 2023 04:01:48 GMT

GET
H/1.1 200
OK /
c.tmyzer.com/c/ 0
281 B 319ms
319ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=15056&f=28&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 15:11:59 GMT
server: nginx
x-iplb-request-id: A75807A3:DC4E_36264064:01BB_64D8F2BF_520612D:1580B
x-iplb-instance: 38438
transfer-encoding: chunked
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
geo: rbx

GET
H2 200 tbframe.js Show response
cdn.taboola.com/shared/ Frame 932A 14 KB
4 KB 129ms
29ms Script
application/x-javascript 151.101.1.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/shared/tbframe.js
Requested by: Host: urlz.fr
URL: https://urlz.fr/ncPV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding: gzip
via: 1.1 varnish
date: Sun, 13 Aug 2023 15:11:59 GMT
x-amz-request-id: SAQ11KAS1CDT9ACQ
age: 10206
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3897
x-amz-id-2: 8Q/Xbvx08JiEKP4f/g2XvLQLGp5AQ/oVn2htAvaskiIJZ4wdo2nFb0bq0GW/CtgOpYgOXB11N+c=
x-served-by: cache-chi-klot8100104-CHI
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691939519.311155,VS0,VE0
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
vary: Accept-Encoding
content-type: application/x-javascript
abp: 36
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 15

GET
H2 200 tbframe.js Show response
cdn.taboola.com/shared/ Frame 4074 14 KB
4 KB 114ms
28ms Script
application/x-javascript 151.101.1.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/shared/tbframe.js
Requested by: Host: urlz.fr
URL: https://urlz.fr/ncPV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding: gzip
via: 1.1 varnish
date: Sun, 13 Aug 2023 15:11:59 GMT
x-amz-request-id: SAQ11KAS1CDT9ACQ
age: 10206
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3897
x-amz-id-2: 8Q/Xbvx08JiEKP4f/g2XvLQLGp5AQ/oVn2htAvaskiIJZ4wdo2nFb0bq0GW/CtgOpYgOXB11N+c=
x-served-by: cache-chi-klot8100104-CHI
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691939519.311095,VS0,VE0
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
vary: Accept-Encoding
content-type: application/x-javascript
abp: 66
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 14

GET close-retina.png
ced-ns.sascdn.com/diff/templates/images/ 0
0

GET
H2 200 728x90.png
ads.themoneytizer.com/passback/moneytizer/ Frame 80AF 12 KB
12 KB 54ms
54ms Image
image/png 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.themoneytizer.com/passback/moneytizer/728x90.png
Requested by: Host: urlz.fr
URL: https://urlz.fr/ncPV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 13 Aug 2023 15:11:59 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 40207
x-accel-date: 1691899312
content-length: 11915
x-77-nzt: AVm7sQ/vUej/D50AAA
pragma: public
x-accel-expires: @1691985712
last-modified: Tue, 10 Jan 2023 10:34:51 GMT
server: CDN77-Turbo
x-77-nzt-ray: 49be1408759e130bbff2d864b232e813
content-type: image/png
cache-control: max-age=86400, public, no-transform
accept-ranges: bytes
expires: Sat, 12 Aug 2023 04:01:42 GMT

GET
H2 200 loader.js
cdn.taboola.com/libtrc/themonetizer-network/ Frame 356D 1 MB
316 KB 31ms
30ms Script
application/javascript 151.101.1.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: UKHdYWKgErx6lbf5VuGx2OrO5z6UMMUg
content-encoding: gzip
via: 1.1 varnish
date: Sun, 13 Aug 2023 15:11:59 GMT
x-amz-request-id: 78A20HQ0EMZHZS8P
age: 19089
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 323100
x-amz-id-2: P3qiPu4fslkrgycBY67LpkDFD2JeJuh6rEP/cqJaQDk/hzvrmTkk5Ixt/cSF8MozDcSbn17Jxr0=
x-served-by: cache-chi-klot8100104-CHI
last-modified: Sun, 13 Aug 2023 09:53:38 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691939519.385329,VS0,VE3
etag: "7a014283c5642c8fd9eefb711f2890d3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 54
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 loader.js
cdn.taboola.com/libtrc/themonetizer-network/ Frame 2784 1 MB
316 KB 97ms
97ms Script
application/javascript 151.101.1.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: UKHdYWKgErx6lbf5VuGx2OrO5z6UMMUg
content-encoding: gzip
via: 1.1 varnish
date: Sun, 13 Aug 2023 15:11:59 GMT
x-amz-request-id: 78A20HQ0EMZHZS8P
age: 19089
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 323100
x-amz-id-2: P3qiPu4fslkrgycBY67LpkDFD2JeJuh6rEP/cqJaQDk/hzvrmTkk5Ixt/cSF8MozDcSbn17Jxr0=
x-served-by: cache-chi-klot8100104-CHI
last-modified: Sun, 13 Aug 2023 09:53:38 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691939519.400876,VS0,VE0
etag: "7a014283c5642c8fd9eefb711f2890d3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 46
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET impl.20230812-1-RELEASE.js
cdn.taboola.com/libtrc/ Frame 356D 0
0

GET impl.20230812-1-RELEASE.js
cdn.taboola.com/libtrc/ Frame 2784 0
0

GET usync.js
eus.rubiconproject.com/ Frame 8C12 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ps.eyeota.net
URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F123%2F3%2F7.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?uid=AADPCk7JseUAACiMSzHjWw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D8851953543440273397%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0

Domain: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/images/close-retina.png

Domain: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230812-1-RELEASE.js

Domain: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230812-1-RELEASE.js

Domain: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: JR East (Transportation)

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

113 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.urlz.fr/	1970-01-20 23:34:59	Name: _ga_YETLCG4WNK Value: GS1.1.1691939517.1.0.1691939517.0.0.0
.onetag-sys.com/	1970-01-20 23:28:46	Name: OTP Value: q69fFF_kmEwsVRLlYUjomm8HzuhvKGGySbkEYGdZ-zg
.urlz.fr/	1970-01-20 23:34:59	Name: _ga Value: GA1.2.1362931011.1691939517
.urlz.fr/	1970-01-20 14:00:25	Name: _gid Value: GA1.2.1195506758.1691939517
.urlz.fr/	1970-01-20 13:58:59	Name: _gat_gtag_UA_162669458_1 Value: 1
urlz.fr/	1970-01-20 14:42:11	Name: _pbjs_userid_consent_data Value: 6683316680106290
.urlz.fr/	1970-01-20 16:08:35	Name: sharedid Value: db769eb4-0acc-4c3f-9c9c-fdd059084043
.contextweb.com/	1970-01-20 22:37:23	Name: V Value: kN1ac0XCrBNf
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 2ae2e0e697142830
.zeotap.com/	1970-01-20 22:44:35	Name: zc Value: d567184e-8d98-400d-4107-3e13bab63093
.zeotap.com/	1970-01-20 14:00:25	Name: zsc Value: %87%DB%21r%C3x%3E%06%97%84qg%F7r%ABK.%84%E0Sr%AD%5Dw%E4%95%3D%05%02%21%26%B2%9CDJ%9A%2F%BC%F8.%FF%0B%E9Mk%CD%A6%7C%E2d%F4%0CR%89%1AKU%14%A5%5Cm%EC%EE%9B%D3%CD%8E%B46%AA%A7%AE%05%F9%95%B1.%1BDH%D7R%EA
.mathtag.com/	1970-01-20 23:24:54	Name: uuid Value: 41a564d8-f2bd-4c00-a401-0f077cb00cea
.rubiconproject.com/	1970-01-20 22:44:35	Name: khaos Value: LL9L3QUA-E-H6C2
.rubiconproject.com/	1970-01-20 22:44:35	Name: audit Value: 1\|HzAfezwFOLmsQ8hZNbqwr87GXbnsVidEcg0oWILRrGvbv+B75popqvCuxG7v6cF5j4fv7EiA4heM1KxoLazIt6NWShwHx7KI6rocrMY9/A9hagWs7b3HuSjR53LBeYQF+N2aufCMhOltZyzZ6sFWKfiN+9uQgRNqa05D+DyhpQmL0xlB52ZMIs9sdGeFC9lF
.adnxs.com/	1970-01-20 16:08:35	Name: uuid2 Value: 1976874031801194826
.doubleclick.net/	1970-01-20 23:34:59	Name: IDE Value: AHWqTUnX_-G9rxCfiLlPN7z6mypOZiEoqws9z5grIgf1ajhqIEwEZU1I0Wjd-fzS7dw
.adsrvr.org/	1970-01-20 22:46:01	Name: TDID Value: da3ab128-f94b-43f1-82e9-f56755dda26c
.script.ac/	1970-01-20 13:59:01	Name: __cf_bm Value: bExerzq2jLPxlXxV3bssLl2atgbt1osQHOwCB.qcKaA-1691939517-0-Ac84NKQhyo7HMFluSOcwAk7NfCcryJZqNAScoTL49dMiLBiuNyNGDhm2HJY7yRUFWshfAK0fK8xI+DFa2kk+akw=
.id5-sync.com/	1970-01-20 13:58:59	Name: callback Value:
.urlz.fr/	1970-01-20 23:19:59	Name: cto_bundle Value: ZXt1fF9KcEgyczhyUEJKTVVwWVJlM1ZVJTJGUlM2d2YyWGhXdjAwJTJCMkpoSWUlMkJOWnhaTWlJYkwlMkJNbUFGbnI3dkklMkJ4WHJMVDk4endpUUljaW11R29KczhqZnBPTU9GMFdOcGZiMyUyRkMzbzdiU3hXQSUyQmI0JTNE
.urlz.fr/	1970-01-20 23:19:59	Name: cto_bidid Value: uMPBjF9JNUZhdEpjd0hXVkRjSEhMJTJCWkE4b0tJanRDMjRnUnhHN2tuQVViRXdNaFpYVVZIcDNoUzdYR1hYU0dKNDhFQ2s2YlN6RTk0aVR3TGtXelJSZFh0dEZ3JTNEJTNE
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.servenobid.com/	1970-01-20 14:00:25	Name: cap_908 Value: 10
.servenobid.com/	1970-01-20 14:00:25	Name: cap_1062 Value: 10
.cpx.to/	1970-01-20 22:44:35	Name: cpSess Value: 4dad91b5df37f60c
.justpremium.com/	1970-01-20 14:42:11	Name: jpxumaster Value: r-4c49671b-5a7e-41a3-9716-3db891fc4719-32626-294050918
.justpremium.com/	1969-12-31 23:59:59	Name: jpxsession Value: r-76ef400d-26d9-4cd6-8432-83515f4cfc5a-32626-294134819
.justpremium.com/	1970-01-20 14:00:25	Name: jpxuuid Value: r-19396291-a0f3-4a1c-b7ab-7eac2d3e2aa9-32626-294162082
.justpremium.com/	1969-12-31 23:59:59	Name: 152628_517072 Value: 0_0_0
.betweendigital.com/	1970-01-20 22:44:35	Name: dc Value: was1
.betweendigital.com/	1970-01-20 22:44:35	Name: tuuid Value: 48d44ffd-4b66-53e1-b1b4-4a91d56cb82f
.betweendigital.com/	1970-01-20 22:44:35	Name: ut Value: ZNjyvgAEYRgW1Q2tI--dZmG9SNUBMdguqr_GuA==
.betweendigital.com/	1970-01-20 22:44:35	Name: ss Value: 1
.betweendigital.com/	1970-01-20 22:44:35	Name: unm Value: 1
.e-planning.net/	1970-01-20 23:34:59	Name: E Value: AG3g-AizyCLJI6Dy
.quantserve.com/	1970-01-20 23:29:13	Name: mc Value: 64d8f2be-60e81-873a5-dd4c6
.urlz.fr/	1970-01-20 23:23:28	Name: __qca Value: P0-1502847143-1691939517220
.openx.net/	1970-01-20 22:44:35	Name: i Value: 2b9e65f5-6237-46d6-aa92-da7fc166b76c\|1691939518
.id5-sync.com/	1970-01-20 16:08:35	Name: id5 Value: 38e0bb83-6635-7f58-9f91-b85a01e98c80#1691939517598#3
.tapad.com/	1970-01-20 15:25:23	Name: TapAd_TS Value: 1691939518417
.tapad.com/	1970-01-20 15:25:23	Name: TapAd_DID Value: a915023b-63d9-47b5-a665-8b4fa9007abb
.pubmatic.com/	1970-01-20 22:44:35	Name: KADUSERCOOKIE Value: BA12448F-1D22-4062-9B28-A1543353816D
.ads.pubmatic.com/	1970-01-20 14:00:25	Name: KCCH Value: YES
.cpx.to/	1970-01-20 22:44:35	Name: dsp_app_nexus Value: 1976874031801194826#1691939518420
.cpx.to/	1970-01-20 22:44:35	Name: dsp_TTD Value: 5def5224-838b-401b-8fab-f14581087974#1691939518420
.cpx.to/	1970-01-20 22:44:35	Name: dsp_dbm Value: CAESEH1-9a9w3olg01Q09hHJGRg#1691939518427
adtrack.adleadevent.com/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 9FC54D150466C174912E5199B1F8E822A79961F459747D218DA8067809F8238A086EE8BF67D63A2A90D1DB19587375008B81DF393E974B37DE71BA6F26DE79F63E8F5DED51
.pubmatic.com/	1970-01-20 16:08:35	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 14:00:25	Name: pi Value: 159110:3
.pubmatic.com/	1970-01-20 16:08:35	Name: DPSync3 Value: 1693094400%3A201_263%7C1691971200%3A248%7C1692489600%3A265
.pubmatic.com/	1970-01-20 16:08:35	Name: SyncRTB3 Value: 1692489600%3A15_2_223%7C1693180800%3A35%7C1693094400%3A13_54_71_48_22_250_231_176_3_165_104_5_233_240_249_220_166_178_56_234_21_46_8_55%7C1694476800%3A224%7C1692748800%3A63
.cpx.to/	1970-01-20 22:44:35	Name: dsp_OPENX Value: b80f76bf-f718-452e-92d2-ea3ba4d69b13#1691939518551
.cpx.to/	1970-01-20 22:44:35	Name: dsp_pubmatic Value: BA12448F-1D22-4062-9B28-A1543353816D#1691939518553
.id5-sync.com/	1970-01-20 13:58:59	Name: cf Value: gif
.id5-sync.com/	1970-01-20 13:58:59	Name: cip Value: 12
.id5-sync.com/	1970-01-20 13:58:59	Name: gdpr Value: 0\|
.quantserve.com/	1970-01-20 16:08:35	Name: d Value: ELABCwHZKfijAA
.bidswitch.net/	1970-01-20 22:44:35	Name: tuuid Value: 488c4b8a-6ee0-4999-9297-5c3162e6879c
.bidswitch.net/	1970-01-20 22:44:35	Name: c Value: 1691939518
.bidswitch.net/	1970-01-20 22:44:35	Name: tuuid_lu Value: 1691939518
.dotomi.com/	1970-01-20 13:58:59	Name: DotomiTest Value: 6d2700641f621cf
.pubmatic.com/	1970-01-20 16:08:35	Name: KRTBCOOKIE_153 Value: 1923-Fg_7mEYJ_cUNDa_FGAqymBcI_pUNX_uUQw1FFfTR&KRTB&19420-Fg_7mEYJ_cUNDa_FGAqymBcI_pUNX_uUQw1FFfTR&KRTB&22979-Fg_7mEYJ_cUNDa_FGAqymBcI_pUNX_uUQw1FFfTR&KRTB&23403-Fg_7mEYJ_cUNDa_FGAqymBcI_pUNX_uUQw1FFfTR
.everesttech.net/	1970-01-20 22:44:35	Name: everest_g_v2 Value: g_surferid~ZNjyvgAIRDL-mwA_
.amazon-adsystem.com/	1970-01-20 19:33:04	Name: ad-id Value: A0T_Mp3si0dcjC2NS8zWQH4
.amazon-adsystem.com/	1970-01-20 23:34:59	Name: ad-privacy Value: 0
.rfihub.com/	1970-01-20 23:20:35	Name: rud Value: H4sIAAAAAAAA_-MSNrIwNDAwNjWwsDQyMzA3tzQwNhbiM9TN9vIrNM5zNk9KNfQEACLhAKclAAAA
.rfihub.com/	1970-01-20 23:20:35	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmloaWxpamhhbmEEAN1dPIoQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrIwNDAwNjWwsDQyMzA3tzQwNhbiM9TN9vIrNM5zNk9KNfQEACLhAKclAAAA
.analytics.yahoo.com/	1970-01-20 22:44:35	Name: IDSYNC Value: 18z8~2dbr
.adsrvr.org/	1970-01-20 22:46:01	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjU6uO_tYaOPBAFGAEgASgCMgsI1OLm7MuGjjwQBTgBWgV0YXBhZGAC
.deepintent.com/	1970-01-20 23:34:59	Name: CDIUSER Value: di_f24bc6381c41446f8f93f
.pubmatic.com/	1970-01-20 16:08:35	Name: KRTBCOOKIE_80 Value: 22987-CAESEC4CqhwaxDA5cxFmJwwYGuI&KRTB&23025-CAESEC4CqhwaxDA5cxFmJwwYGuI&KRTB&23386-CAESEC4CqhwaxDA5cxFmJwwYGuI
.simpli.fi/	1970-01-20 22:46:01	Name: suid Value: 3BA769B9D40642FEA3A6F36CE46A5C16
.3lift.com/	1970-01-20 16:08:35	Name: tluid Value: 3631316727278183149536
.mxptint.net/	1970-01-20 23:34:59	Name: mxpim Value: R33647_10759C0CD_4F251E98.1.000000000000000064D8F2BE
.pubmatic.com/	1970-01-20 16:08:35	Name: KRTBCOOKIE_18 Value: 22947-2810035089260779033
.adgrx.com/	1970-01-20 23:27:47	Name: ADGRX_UID Value: bf8500dc-39eb-11ee-93b9-a76bb9251871
.4dex.io/	1970-01-20 15:25:23	Name: uids Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjMtMDgtMTNUMTU6MTE6NTcuODk3NzI4MjM1WiIsImFwcG5leHVzIjoiMjAyMy0wOC0xM1QxNToxMTo1Ny44OTc3NTA1ODNaIiwiZXBsYW5uaW5nIjoiMjAyMy0wOC0xM1QxNToxMTo1Ny44OTc3Mzg5MTVaIiwiZnJlZXdoZWVsIjoiMjAyMy0wOC0xM1QxNToxMTo1Ny44OTc3NTc2MTVaIiwiaW1wcm92ZWRpZ2l0YWwiOiIyMDIzLTA4LTEzVDE1OjExOjU3Ljg5Nzc2MTM5M1oiLCJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wOC0xM1QxNToxMTo1Ny44OTc3MTU5NTRaIiwib25ldGFnIjoiMjAyMy0wOC0xM1QxNToxMTo1Ny44OTc3NjcwN1oiLCJvcGVueCI6IjIwMjMtMDgtMTNUMTU6MTE6NTcuODk3NzMzOTY4WiIsInB1Ym1hdGljIjoiMjAyMy0wOC0xM1QxNToxMTo1Ny44OTc3MDY4NTFaIiwicnViaWNvbiI6IjIwMjMtMDgtMTNUMTU6MTE6NTcuODk3NzExNDM2WiIsInNtYXJ0IjoiMjAyMy0wOC0xM1QxNToxMTo1Ny44OTc3NjAxNDhaIiwic292cm4iOiIyMDIzLTA4LTEzVDE1OjExOjU3Ljg5Nzc0NTg4NVoiLCJ0cmlwbGVsaWZ0IjoiMjAyMy0wOC0xM1QxNToxMTo1Ny44OTc3NTQ3OTNaIiwidW5ydWx5IjoiMjAyMy0wOC0xM1QxNToxMTo1Ny44OTc3NDE3OTNaIiwieWFob28iOiIyMDIzLTA4LTEzVDE1OjExOjU3Ljg5NzcxMzkxM1oifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiY2FhYzNlNjgtZTQ0Yi00ZTcyLTkxMDItMTgwMjNlNTAxNzkwIiwiZXhwaXJlcyI6IjIwMjMtMTAtMTJUMTU6MTE6NTcuODk3MzYyNzUzWiJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiJCQTEyNDQ4Ri0xRDIyLTQwNjItOUIyOC1BMTU0MzM1MzgxNkQiLCJleHBpcmVzIjoiMjAyMy0xMC0xMlQxNToxMTo1OC44Mjk4NzIzNjlaIn19LCJiZGF5IjoiMjAyMy0wOC0xM1QxNToxMTo1Ny44OTczMDk1NzhaIn0=
.pubmatic.com/	1970-01-20 16:08:35	Name: KRTBCOOKIE_377 Value: 6810-da3ab128-f94b-43f1-82e9-f56755dda26c&KRTB&22918-da3ab128-f94b-43f1-82e9-f56755dda26c&KRTB&23031-da3ab128-f94b-43f1-82e9-f56755dda26c
.pubmatic.com/	1970-01-20 16:08:35	Name: KRTBCOOKIE_32 Value: 11175-AAALrw4daJ3MyQNECN_8AAAAAAA&KRTB&22713-AAALrw4daJ3MyQNECN_8AAAAAAA&KRTB&22715-AAALrw4daJ3MyQNECN_8AAAAAAA
.pubmatic.com/	1970-01-20 16:08:35	Name: KRTBCOOKIE_57 Value: 22776-1976874031801194826&KRTB&23339-1976874031801194826
.yahoo.com/	1970-01-20 22:44:57	Name: A3 Value: d=AQABBL7y2GQCED8tmF2yDttRST9aw4opiCEFEgEBAQFE2mTiZAAAAAAA_eMAAA&S=AQAAArOFCk29vparpI7RRw9He-k
.pubmatic.com/	1970-01-20 14:42:11	Name: KRTBCOOKIE_148 Value: 19421-uid:3BA769B9D40642FEA3A6F36CE46A5C16&KRTB&23489-uid:3BA769B9D40642FEA3A6F36CE46A5C16
.tapad.com/	1970-01-20 15:25:23	Name: TapAd_3WAY_SYNCS Value: 1!5415
sync.srv.stackadapt.com/	1970-01-20 22:44:35	Name: sa-user-id Value: s%3A0-458f7af7-0622-5c06-5160-a9cf5c3223b7.h%2BGYhbSR%2B7cGF7FyutkgxDFXDT%2FViNpY0%2F4JKsn%2BuIM
.srv.stackadapt.com/	1970-01-20 22:44:35	Name: sa-user-id Value: s%3A0-458f7af7-0622-5c06-5160-a9cf5c3223b7.h%2BGYhbSR%2B7cGF7FyutkgxDFXDT%2FViNpY0%2F4JKsn%2BuIM
sync.srv.stackadapt.com/	1970-01-20 22:44:35	Name: sa-user-id-v2 Value: s%3ARY969wYiXAZRYKnPXDIjt6dYB6M.oS%2BXmVRvQ8vLinVfSLZBYUjNPCXyk2LsWbZtgvdQQb8
.srv.stackadapt.com/	1970-01-20 22:44:35	Name: sa-user-id-v2 Value: s%3ARY969wYiXAZRYKnPXDIjt6dYB6M.oS%2BXmVRvQ8vLinVfSLZBYUjNPCXyk2LsWbZtgvdQQb8
sync.srv.stackadapt.com/	1970-01-20 22:44:35	Name: sa-user-id-v3 Value: s%3AAQAKIGeltNNeu7ZbBuxRLlNXrskzalHiqN9GjBfO5RXvAQaREHwYBCC-5eOmBjABOgShleyOQgSG7CgE.hyens2SFVIMJntPy7b%2FmGJ3Q0DKzpqprPqXGuJLKMEA
.srv.stackadapt.com/	1970-01-20 22:44:35	Name: sa-user-id-v3 Value: s%3AAQAKIGeltNNeu7ZbBuxRLlNXrskzalHiqN9GjBfO5RXvAQaREHwYBCC-5eOmBjABOgShleyOQgSG7CgE.hyens2SFVIMJntPy7b%2FmGJ3Q0DKzpqprPqXGuJLKMEA
.turn.com/	1970-01-20 18:18:11	Name: uid Value: 3951097677470504236
.id5-sync.com/	1970-01-20 16:08:35	Name: 3pi Value: 2#1691939517910#-374936503#1976874031801194826\|264#1691939518827#1385980265#da3ab128-f94b-43f1-82e9-f56755dda26c\|108#1691939518635#1352525915
.id5-sync.com/	1970-01-20 13:58:59	Name: cnac Value: 5
.id5-sync.com/	1970-01-20 13:58:59	Name: car Value: 5
.adgrx.com/	1970-01-20 14:00:25	Name: ADGRX_CM_PUBMATIC_BRIDGED Value: 1
.bidr.io/	1970-01-20 23:27:33	Name: bito Value: AADPCk7JseUAACiMSzHjWw
.bidr.io/	1970-01-20 23:27:33	Name: bitoIsSecure Value: ok
.w55c.net/	1970-01-20 23:30:40	Name: wfivefivec Value: 7KszehaQ1QvcL45
.ipredictive.com/	1970-01-20 22:44:35	Name: cu Value: 50f2c53a-7abb-4cfa-8e85-7c39afec7468\|1691939518885
.pubmatic.com/	1970-01-20 14:42:11	Name: KRTBCOOKIE_52 Value: 22772-R33647_10759C0CD_4F251E98&KRTB&23092-R33647_10759C0CD_4F251E98
.pubmatic.com/	1970-01-20 14:42:11	Name: PugT Value: 1691939518
.tribalfusion.com/	1970-01-20 16:08:35	Name: ANON_ID Value: aYntuJyKalHobWm8ZaCyPsMeXP4THaaoPxZdcZbb7yaUcwHYe0dXASsuWucJVKZam3p1UKjgRZaZby5rySrQGUgqL0vBmD
.pubmatic.com/	1970-01-20 14:42:11	Name: KRTBCOOKIE_22 Value: 14911-3951097677470504236&KRTB&23150-3951097677470504236
.pubmatic.com/	1970-01-20 16:08:35	Name: KRTBCOOKIE_860 Value: 16335-RY969wYiXAZRYKnPXDIjt6dYB6M&KRTB&23334-RY969wYiXAZRYKnPXDIjt6dYB6M&KRTB&23417-RY969wYiXAZRYKnPXDIjt6dYB6M&KRTB&23426-RY969wYiXAZRYKnPXDIjt6dYB6M
.bidr.io/	1970-01-20 13:59:00	Name: checkForPermission Value: ok
.pubmatic.com/	1970-01-20 16:08:35	Name: KRTBCOOKIE_1003 Value: 22761-bf8500dc-39eb-11ee-93b9-a76bb9251871&KRTB&23275-bf8500dc-39eb-11ee-93b9-a76bb9251871
.acuityplatform.com/	1970-01-20 22:44:35	Name: auid Value: 813369252622
.acuityplatform.com/	1970-01-20 22:44:35	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRHtuQ06YmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUR7bkNOmI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.w55c.net/	1970-01-20 14:42:11	Name: matchpubmatic Value: 5
.pubmatic.com/	1970-01-20 14:42:11	Name: KRTBCOOKIE_279 Value: 22890-50f2c53a-7abb-4cfa-8e85-7c39afec7468&KRTB&23011-50f2c53a-7abb-4cfa-8e85-7c39afec7468&KRTB&23355-50f2c53a-7abb-4cfa-8e85-7c39afec7468
.pubmatic.com/	1970-01-20 14:42:11	Name: SPugT Value: 1691939518
.pubmatic.com/	1970-01-20 16:08:35	Name: KRTBCOOKIE_1278 Value: 23329-049d1044-e97b-4975-be7d-14e19f14260a&KRTB&23340-049d1044-e97b-4975-be7d-14e19f14260a&KRTB&23498-049d1044-e97b-4975-be7d-14e19f14260a
.pubmatic.com/	1970-01-20 16:08:35	Name: KRTBCOOKIE_1305 Value: 23408-BA12448F-1D22-4062-9B28-A1543353816D&KRTB&23413-BA12448F-1D22-4062-9B28-A1543353816D&KRTB&23479-BA12448F-1D22-4062-9B28-A1543353816D&KRTB&23505-BA12448F-1D22-4062-9B28-A1543353816D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network	error	URL: https://www.jrodakake.xpkzqpcwif.top/style/fonts/notosanscjkjp-regular_subset.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.jrodakake.xpkzqpcwif.top/style/fonts/notosanscjkjp-bold_subset.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20BA12448F-1D22-4062-9B28-A1543353816D&rnd=RND Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.servenobid.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.googleapis.com
apis.cmp.quantcast.com
b1h.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bid.missena.io
bidder.criteo.com
c.tmyzer.com
c1.adform.net
cadmus.script.ac
cdn.taboola.com
ced-ns.sascdn.com
ced.sascdn.com
cm.adgrx.com
cm.g.doubleclick.net
cmp.quantcast.com
cms.quantserve.com
csync.loopme.me
d2zur9cc2gf1tx.cloudfront.net
dis.criteo.com
dsp.adkernel.com
eb2.3lift.com
engine.bliink.io
eus.rubiconproject.com
fastlane.rubiconproject.com
gum.criteo.com
hb-api.omnitagjs.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
kvt.sddan.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.deepintent.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.cpx.to
p.rfihub.com
pbjs.e-planning.net
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid-match.dotomi.com
prebid-us.creativecdn.com
prebid.smilewanted.com
ps.eyeota.net
pubmatic-match.dotomi.com
rtb.adentifi.com
rtb2-useast.marketiq.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
s.tribalfusion.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
simage2.pubmatic.com
spl.zeotap.com
ssbsync-global.smartadserver.com
sync-tm.everesttech.net
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tag.leadplace.fr
u.4dex.io
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
urlz.fr
us01.z.antigena.com
www.google-analytics.com
www.googletagmanager.com
www.jrodakake.xpkzqpcwif.top
x.bidswitch.net
cdn.taboola.com
ced-ns.sascdn.com
eus.rubiconproject.com
ps.eyeota.net
sync.technoratimedia.com
104.117.182.17
104.22.68.131
142.251.35.162
145.239.192.166
151.101.1.44
151.101.66.49
155.94.138.49
162.19.138.117
162.19.138.119
162.248.18.32
162.248.18.37
172.98.26.245
173.231.178.77
174.137.133.49
185.167.164.49
185.184.10.30
195.244.31.11
198.148.27.131
199.38.167.131
207.198.113.89
213.19.162.90
23.105.12.171
23.52.162.21
23.54.68.197
2600:1f18:4e9:5a07:25d3:b867:be5a:94f0
2600:9000:21dd:2200:6:44e3:f8c0:93a1
2600:9000:2305:9000:9:46dc:4700:93a1
2602:803:c002:300::98
2604:9e00:1:129::2:a01
2606:4700:10::6816:1857
2606:4700:20::ac43:4bf1
2606:4700:3038::6815:ead6
2606:4700::6812:1691
2606:4700::6812:19ad
2606:4700::6812:372
2606:ae80:1451:14::1080
2607:f8b0:4006:80c::200e
2607:f8b0:4006:816::200a
2607:f8b0:4006:821::2008
2620:100:a001::18
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:c1e8:5385:5098:6bf0
2a02:6ea0:c400::12
3.223.12.17
3.225.131.246
3.225.218.10
34.102.163.6
34.111.113.62
34.149.40.38
34.202.151.41
34.98.64.218
35.205.65.172
35.211.178.172
35.214.128.248
35.236.220.17
38.91.45.7
38.98.69.175
40.76.134.238
51.15.145.115
51.222.39.184
52.206.114.15
52.22.181.173
52.223.22.214
52.223.40.198
52.46.128.147
52.5.225.244
52.9.22.152
54.156.100.188
54.159.4.118
54.171.14.125
54.192.100.71
54.225.185.242
54.229.255.191
54.38.64.100
54.77.129.231
68.67.160.75
69.173.151.100
69.90.254.78
70.42.32.191
72.247.65.83
74.119.119.139
74.119.119.150
74.121.140.211
8.28.7.81
8.28.7.83
8.28.7.84
96.46.183.20
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
014edf76c87a8bc4405649863eef93661f1170047e9e4251e2943a5c39830052
090deb2711fb7ebc3bea8e07c25859e296d23b7873aee53850e929131f0a0760
09d7340bfb3af7a5cd9534b30a47cd211ea4e84fc68445362b192266bfd11cb4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c016367631762ed0b30769fd83a41477f42ee0a55507834e7cdec95ac57b4c6
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc
1b3779937ef663c0ae9e8aefad3e853115d01af64df5fba316dbe8ce4552b52e
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1ce565f0c1e44d628f7f034bcef748eee75588be549ef25aa3b4433a8c647b9a
24d8df0f367eb762e82f042c908a31e297b24f58152828ecd9e663fb29b0fa47
253dbb7cdf8b323dd7701b955a3557228e07163d34c34a09844928005b2107dd
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2f0a5a712904a1cd2cedad5ffba9e7fd1e93109313ca1ed0858cb33bed91e0ee
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
356bda8af8361101bd09918fee6210b128e483e783da524fa6c96532492309ab
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7c549cfacde11c4129c09b1908d106126d823682cc758f70fc046638d7746b
4269abba537698a6c9c5b33eb352ec4e64a3d5e5895fbd396729e0fec3056479
4308a3125e059daf51638b5349fc899abd511f066d5c94015653be84e2e1f2db
46e88e046c7b0280977db49b01afb130893a58e4be04ecbbdf641b71c479076c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51fe35f9f293d0af74764de6035eaa1d0a3f04de69998dcdbb31e93a73eafdcf
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
5d2faa51bcb0191ca5517403a2503f22ab76fedfb72f97ba13b3dfd8a5e443b2
5fc10bbbcc753496c96ded68070115edc94354a2f09a05c68bed5bfd0d929ad5
5fe45a5294d176649ee3ed20e1d775c3c3195dfbf1f46f9eb743d4f52819e691
64934a315109e8fbd8ddfe3050612daf5bb93eb2cb0cb87ca2d4593d0892622c
65215fa35c6eec01983fe1084e92ff08d056dae29c2fdbd5faca0cdd5dacf98a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad
6a235134240f74c0188e2537f077b8b9c6884cade82ff5bd83cc887f4e007401
6b6805e990d1063ebbf30e49162bf04f8ec247ffa96e1872e4b0d8d3f7e3a02f
6b6b68f34eac478d606f60c75c96be7852a1cec9c30a772becb6846a8858bb9d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77308d23089ea30865a8f8c11f1752f7b577575581a2936cb4fd63d779eeedf7
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
8390bd7de281c9f9f71e063b6f7ef73b02297c9fa9e971fd7b1bbbdee423048e
8e4d01ee0450f9f5e21ea7178dd0aad676fcebf6808a1a550fddc686fba02542
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ac326567f7dfc52fa51036998578def642d6fab1a56dab6c43aee79a1fdae30
9ad0bc30b41dd6ad00fe80dec7dd49ebe4518cb3902da37343eb972652d63727
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5cca0ff41f5c68f1b8e071348142ee332b8d3c237f4d5188662ce9a4bb15703
a61e7d1e8802479df737a19888beab540ba1985cb8ae548472bfc5c68057d495
a72baa0c1d82bdc8930d5e2698d3ef2173094bd40ef2d157e6b3e49fab07ba44
a8988a04ec995488af6d03356fcab0bc3d5c14296a3bd62513dd7b5a59bc0ad8
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b5e82d60c071941ad46542c23572859a785c30717e99f6d39337ce4e1df68c5c
ba4924716ed0580ae30f974eebb97421a2c10c1e2cf61e8ad60fcd39d8fbca30
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdd84e5ef5aa059a934dc05de1d463e3d1d875727859f301a940426c16e805d8
c0df6138992189efffefdbe9173df743253fecb3f07ffeae59a5296597680667
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991
c3c06cab11490cda8fa71c1fb7b633367a8065180a6fab532500f647bf248e29
c6c23411a9fa7eb2bc546e6269c8243b2efc179dbe9dcedafc141d03057375ec
ca039c9541f1a5f8eb157df578e50664f9e775b18c6a3ff4e9fca87701e93557
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d00deb3cb4bd4a704f07265f83ef42c8db85db723ce9e07a53c17946c0287978
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
d4d96a513c50320d375f5cb8c1c4f52d6ba868b6ffafec5f451deb8dc9ef05f4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e12f56843fbebea202d5581fb141fe7f3ed2c82e7f5b03b9e0df95ca71a1ebf0
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882
e918e110b6e7e8c5ada678baab1d10bcf4f24d149943804b0b31363ccd976b7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f252234692e20fc59f19c15d98dfe7dca13a04437e8c1edbabf9f023118518f6
f32ac72b33743b0a8fcf63463ab1859bc72d25ebe3c02e8249c10420b8ed2a06
f6563ac04ade0d9f3a00521865e0be2931c810eece342b69746a85ac68624536
fb97da93c75a648f12e8517fb7cf5f6624b5181f375f0ae610018b99b0afb3c1
feaf918260f09310fedd12c8080b54e183ea6a81a1e44059c1c5c25c06142b64

urlz.fr Open in urlscan Pro 2606:4700:3038::6815:ead6 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

176 Requests

80 %HTTPS

23 %IPv6

73 Domains

97 Subdomains

70 IPs

9 Countries

1499 kBTransfer

5378 kBSize

113 Cookies

0 Outgoing links

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

urlz.fr Open in urlscan Pro
2606:4700:3038::6815:ead6 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

80 %
HTTPS

23 %
IPv6

73
Domains

97
Subdomains

70
IPs

9
Countries

1499 kB
Transfer

5378 kB
Size

113
Cookies

176 HTTP transactions
0 data transactions