urlscan.io logo urlscan.io
SecurityTrails logo

line-seguro-com.umbler.net Open in urlscan Pro
177.55.116.74  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://urlz.fr/bGAO
Effective URL: https://line-seguro-com.umbler.net/
Submission: On February 14 via api from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 9 countries across 33 domains to perform 62 HTTP transactions. The main IP is 177.55.116.74, located in Brazil and belongs to RedeHost Internet Ltda., BR. The main domain is line-seguro-com.umbler.net.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on April 18th 2018. Valid for: 2 years.
This is the only time line-seguro-com.umbler.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Itau (Banking)

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 177.55.116.74 53057 (RedeHost ...)
8 151.139.241.23 33438 (HIGHWINDS2)
1 145.239.193.145 16276 (OVH)
2 51.89.9.252 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 74.214.194.132 59940 (PULSEPOIN...)
1 13.224.196.86 16509 (AMAZON-02)
1 2 185.86.137.17 201081 (SMARTADSE...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 145.239.192.166 16276 (OVH)
1 91.228.74.251 27281 (QUANTCAST)
1 143.204.98.13 16509 (AMAZON-02)
3 5.179.192.20 34235 (ASPSERVEU...)
1 94.23.196.203 16276 (OVH)
3 52.214.1.180 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.244 27281 (QUANTCAST)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 178.250.2.152 44788 (ASN-CRITE...)
1 3 52.58.57.174 16509 (AMAZON-02)
1 69.173.144.143 26667 (RUBICONPR...)
1 185.33.223.197 29990 (ASN-APPNEX)
1 1 172.217.22.2 15169 (GOOGLE)
1 104.16.92.60 13335 (CLOUDFLAR...)
2 2 185.33.223.100 29990 (ASN-APPNEX)
1 2600:9000:21f... 16509 (AMAZON-02)
1 54.246.118.35 16509 (AMAZON-02)
1 54.38.64.100 16276 (OVH)
1 151.101.13.194 54113 (FASTLY)
1 37.157.6.246 198622 (ADFORM)
1 69.173.144.155 26667 (RUBICONPR...)
1 37.157.2.247 198622 (ADFORM)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
62 37
2    2606:4700:3038::681f:bb2 (United States)

ASN13335 (CLOUDFLARENET, US)
urlz.fr
1    2606:4700::6811:4104 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
9    177.55.116.74 (Brazil)

ASN53057 (RedeHost Internet Ltda., BR)
line-seguro-com.umbler.net
8    151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)
ads.themoneytizer.com
1    145.239.193.145 (France)

ASN16276 (OVH, FR)
g.themoneytizer.net
2    51.89.9.252 (Germany)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    2606:4700:10::6814:8238 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
1    74.214.194.132 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)
tag.contextweb.com
1    13.224.196.86 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-86.fra2.r.cloudfront.net
p.cpx.to
2    185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
1    2a02:26f0:6c00::210:ba29 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
ced-ns.sascdn.com
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    145.239.192.166 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
1    91.228.74.251 (United Kingdom)

ASN27281 (QUANTCAST, US)
secure.quantserve.com
1    143.204.98.13 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-13.fra50.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
3    5.179.192.20 (Paris, France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net
player.pepsia.com
1    94.23.196.203 (France)

ASN16276 (OVH, FR)
PTR: serveur8.wilsoftech.com
www.noowho.com
3    52.214.1.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-1-180.eu-west-1.compute.amazonaws.com
s.cpx.to
1    2600:9000:2156:5800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    91.228.74.244 (United Kingdom)

ASN27281 (QUANTCAST, US)
pixel.quantserve.com
2    2606:4700:3037::681c:102a (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
3    52.58.57.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-57-174.eu-central-1.compute.amazonaws.com
ice.360yield.com
1    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    185.33.223.197 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net
cm.g.doubleclick.net
1    104.16.92.60 (United States)

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
2    185.33.223.100 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    2600:9000:21f3:6000:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.sharethis.mgr.consensu.org
1    54.246.118.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-118-35.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
1    54.38.64.100 (France)

ASN16276 (OVH, FR)
c.tmyzer.com
1    151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
clarium.global.ssl.fastly.net
1    37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    69.173.144.155 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
beacon-eu2.rubiconproject.com
1    37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
9 umbler.net
line-seguro-com.umbler.net
72 KB
8 themoneytizer.com
ads.themoneytizer.com
190 KB
4 cpx.to
p.cpx.to
s.cpx.to
5 KB
3 adnxs.com
ib.adnxs.com
secure.adnxs.com
3 KB
3 360yield.com
ice.360yield.com
4 KB
3 pepsia.com
player.pepsia.com
40 KB
2 adform.net
track.adform.net
s1.adform.net
24 KB
2 rubiconproject.com
fastlane.rubiconproject.com
beacon-eu2.rubiconproject.com
3 KB
2 4dex.io
script.4dex.io
18 KB
2 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
30 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
7 KB
2 leadplace.fr
tag.leadplace.fr
3 KB
2 criteo.com
gum.criteo.com
bidder.criteo.com
486 B
2 smartadserver.com
ww1097.smartadserver.com
2 KB
2 onetag-sys.com
onetag-sys.com
604 B
2 urlz.fr
urlz.fr
1 KB
1 gstatic.com
fonts.gstatic.com
9 KB
1 fastly.net
clarium.global.ssl.fastly.net
14 KB
1 tmyzer.com
c.tmyzer.com
200 B
1 adleadevent.com
adtrack.adleadevent.com
518 B
1 consensu.org
c.sharethis.mgr.consensu.org
404 B
1 truoptik.com
dmp.truoptik.com
1 doubleclick.net
cm.g.doubleclick.net
151 B
1 quantcount.com
rules.quantcount.com
967 B
1 noowho.com
www.noowho.com
1 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 sascdn.com
ced-ns.sascdn.com
8 KB
1 contextweb.com
tag.contextweb.com
11 KB
1 zeotap.com
spl.zeotap.com
1 themoneytizer.net
g.themoneytizer.net
200 B
1 cloudflare.com
ajax.cloudflare.com
4 KB
0 clarium.io Failed
protected-by.clarium.io Failed
0 semasio.net Failed
uipglob.semasio.net Failed
62 33
Domain Requested by
9 line-seguro-com.umbler.net urlz.fr
line-seguro-com.umbler.net
8 ads.themoneytizer.com ajax.cloudflare.com
ads.themoneytizer.com
3 ice.360yield.com 1 redirects
3 s.cpx.to p.cpx.to
3 player.pepsia.com urlz.fr
player.pepsia.com
2 secure.adnxs.com 2 redirects
2 script.4dex.io ads.themoneytizer.com
script.4dex.io
2 tag.leadplace.fr ads.themoneytizer.com
2 ww1097.smartadserver.com 1 redirects ads.themoneytizer.com
2 onetag-sys.com ads.themoneytizer.com
2 urlz.fr 1 redirects
1 fonts.gstatic.com line-seguro-com.umbler.net
1 fonts.googleapis.com line-seguro-com.umbler.net
1 s1.adform.net clarium.global.ssl.fastly.net
1 beacon-eu2.rubiconproject.com urlz.fr
1 track.adform.net clarium.global.ssl.fastly.net
1 clarium.global.ssl.fastly.net ads.themoneytizer.com
1 c.tmyzer.com ads.themoneytizer.com
1 adtrack.adleadevent.com ajax.googleapis.com
1 c.sharethis.mgr.consensu.org player.pepsia.com
1 dmp.truoptik.com
1 cm.g.doubleclick.net 1 redirects
1 ib.adnxs.com ads.themoneytizer.com
1 fastlane.rubiconproject.com ads.themoneytizer.com
1 bidder.criteo.com ads.themoneytizer.com
1 pixel.quantserve.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 rules.quantcount.com secure.quantserve.com
1 www.noowho.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced-ns.sascdn.com
1 p.cpx.to ads.themoneytizer.com
1 tag.contextweb.com ads.themoneytizer.com
1 spl.zeotap.com ads.themoneytizer.com
1 g.themoneytizer.net ads.themoneytizer.com
1 ajax.cloudflare.com urlz.fr
0 protected-by.clarium.io Failed urlz.fr
0 uipglob.semasio.net Failed
62 40

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-29 -
2020-10-09		 8 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-12-05 -
2020-06-12		 6 months crt.sh
*.umbler.net
RapidSSL TLS RSA CA G1		 2018-04-18 -
2020-04-17		 2 years crt.sh
*.themoneytizer.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-15 -
2021-02-14		 2 years crt.sh
g.themoneytizer.net
GoGetSSL RSA DV CA		 2019-10-16 -
2022-01-17		 2 years crt.sh
onetag-sys.com
Let's Encrypt Authority X3		 2020-02-10 -
2020-05-10		 3 months crt.sh
ssl828800.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-09-17 -
2020-03-25		 6 months crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2018-07-07 -
2020-06-03		 2 years crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2020-01-27 -
2021-02-08		 a year crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2019-10-17 -
2020-10-16		 a year crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2019-12-05 -
2021-04-08		 a year crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2018-09-06 -
2020-09-12		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
player.pepsia.com
Let's Encrypt Authority X3		 2020-02-07 -
2020-05-07		 3 months crt.sh
www.noowho.com
Gandi Standard SSL CA 2		 2017-02-07 -
2020-02-07		 3 years crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2020-01-27 -
2021-02-08		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
sni50822.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-01-29 -
2020-08-06		 6 months crt.sh
*.360yield.com
Amazon		 2019-09-24 -
2020-10-24		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.truoptik.com
Go Daddy Secure Certificate Authority - G2		 2018-11-13 -
2020-11-13		 2 years crt.sh
*.sharethis.mgr.consensu.org
Go Daddy Secure Certificate Authority - G2		 2018-05-21 -
2020-05-21		 2 years crt.sh
adtrack.adleadevent.com
Amazon		 2019-06-30 -
2020-07-30		 a year crt.sh
*.smartadserver.com
DigiCert Global CA G2		 2020-02-03 -
2022-02-03		 2 years crt.sh
c.tmyzer.com
Let's Encrypt Authority X3		 2020-02-11 -
2020-05-11		 3 months crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-12-18 -
2020-12-18		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.google.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://line-seguro-com.umbler.net/
Frame ID: A5F1D0175E7851AD1CA2FA270E27A45E
Requests: 51 HTTP requests in this frame

Frame: https://line-seguro-com.umbler.net/
Frame ID: D2AB3DCE4956C15A8202A51845372125
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1581651918770
Frame ID: 26B4CF236E0556C74148D8ADF2A5987C
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 73A2DCFCE5D59065A633E6C088911232
Requests: 1 HTTP requests in this frame

Frame: https://line-seguro-com.umbler.net/
Frame ID: 7631C801C172AABDDC23C65668244669
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 870AF52A0FD58666EE2734CA21BB40D3
Requests: 1 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=kvOrV736ysbL2xjqNpLELG0upfU&tpid=a3ZPclY3MzZ5c2JMMnhqcU5wTEVMRzB1cGZVL3J1Ymljb246MzAweDEwMA%3D%3D&d=eyJ3aCI6ImEzWlBjbFkzTXpaNWMySk1NbmhxY1U1d1RFVk1SekIxY0daVkwzSjFZbWxqYjI0Nk16QXdlREV3TUE9PSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbInJ1Ymljb24iXSwiaGJfc2l6ZSI6WyIzMDB4MTAwIl19fSwid3IiOjB9
Frame ID: 93778401CACB7540E98E7FF187804320
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://urlz.fr/bGAO HTTP 301
    https://urlz.fr/bGAO Page URL
  2. https://line-seguro-com.umbler.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

62
Requests

94 %
HTTPS

29 %
IPv6

33
Domains

40
Subdomains

37
IPs

9
Countries

474 kB
Transfer

1169 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://urlz.fr/bGAO HTTP 301
    https://urlz.fr/bGAO Page URL
  2. https://line-seguro-com.umbler.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://urlz.fr/bGAO HTTP 301
  • https://urlz.fr/bGAO
Request Chain 12
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 21
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/8/2.gif?puid=cce80f35-2685-48b3-a697-b3ecd459fd7b&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMO0ShxWGx2gRR7UtHDiQPRuGBis8kXOTwBmKamyw&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F7%2F3.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/102/7/3.gif?puid=8028413540633164517&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/108/6/4.gif?puid=6b7eb8a1-4edc-11ea-9a90-6a22732c5bf3&gdpr=1&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
Request Chain 30
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22161fe0de8e1e2f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbGAO%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22760577a592a217%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%2237bf81a6-0169-4cf8-bb29-0d0916020d80%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%22897071e6d1366c%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2292622292-5e14-45c8-9661-5ca8c067b493%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22161fe0de8e1e2f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbGAO%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22760577a592a217%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%2237bf81a6-0169-4cf8-bb29-0d0916020d80%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%22897071e6d1366c%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2292622292-5e14-45c8-9661-5ca8c067b493%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Request Chain 36
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=188c9da8-7485-48b3-8683-64b037eec2ff HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=188c9da8-7485-48b3-8683-64b037eec2ff&google_gid=CAESEL48pNEeIloRo5TDY6mMQ08&google_cver=1
Request Chain 38
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D188c9da8-7485-48b3-8683-64b037eec2ff HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253D%2526hn_ver%253D10%2526fid%253D188c9da8-7485-48b3-8683-64b037eec2ff HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=6894028088014655671&pid=11528&ref=&hn_ver=10&fid=188c9da8-7485-48b3-8683-64b037eec2ff

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
bGAO
urlz.fr/
Redirect Chain
  • http://urlz.fr/bGAO
  • https://urlz.fr/bGAO
3 KB
1014 B 		Document
General
Check archive.org
Download Go to
Full URL
https://urlz.fr/bGAO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::681f:bb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5ad3b80d4bd1b095ca5e744c6c689679f54dfeac7413e01f7f4c6917a6b619a

Request headers

:method
GET
:authority
urlz.fr
:scheme
https
:path
/bGAO
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d4fd1d6737499e038ceee2351385d4ac61581651918
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 14 Feb 2020 03:45:18 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
564c0c6a1c65c795-AMS
content-encoding
br

Redirect headers

Date
Fri, 14 Feb 2020 03:45:18 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d4fd1d6737499e038ceee2351385d4ac61581651918; expires=Sun, 15-Mar-20 03:45:18 GMT; path=/; domain=.urlz.fr; HttpOnly; SameSite=Lax
Location
https://urlz.fr/bGAO
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
564c0c69da34d8d1-AMS
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/bGAO
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 14 Feb 2020 03:45:18 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 15:56:43 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5e417d3b-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
564c0c6a9893c769-AMS
alt-svc
h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
expires
Sun, 16 Feb 2020 03:45:18 GMT
/
line-seguro-com.umbler.net/ Frame D2AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://line-seguro-com.umbler.net/
Requested by
Host: urlz.fr
URL: https://urlz.fr/bGAO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
177.55.116.74 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache / PHP/5.6.30
Resource Hash

Request headers

Host
line-seguro-com.umbler.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://urlz.fr/bGAO
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://urlz.fr/bGAO

Response headers

Date
Fri, 14 Feb 2020 03:45:18 GMT
Server
Apache
X-Powered-By
PHP/5.6.30
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Pragma
no-cache
Content-Length
642
Keep-Alive
timeout=5, max=95
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
requestform.js
ads.themoneytizer.com/s/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
84eaa82237ec35000e088a062e289442c4c6a88091a99b8febe02dadefa08a8e

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 14 Feb 2020 03:45:18 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
8940
expires
Sat, 15 Feb 2020 03:45:14 GMT
gen.js
ads.themoneytizer.com/s/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
cd9634916457bc81c49f64958185b0b9ffdf036068f3c70bca71b5a6e2ba8940

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 14 Feb 2020 03:45:18 GMT
server
nginx
x-powered-by
PHP/5.4.45
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
7695
expires
Sat, 15 Feb 2020 03:44:28 GMT
/
g.themoneytizer.net/g/ 		26 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 14 Feb 2020 03:45:18 GMT
Server
nginx
X-IPLB-Instance
29820
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 14 Feb 2020 03:45:18 GMT
content-encoding
gzip
last-modified
Wed, 08 Jan 2020 19:01:35 GMT
server
nginx
etag
"779a-30ad-59ba5857e2265"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3955
expires
Sat, 15 Feb 2020 03:44:28 GMT
moneybile.js
ads.themoneytizer.com/ 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 14 Feb 2020 03:45:18 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:00 GMT
server
nginx
etag
"7ff1-9390-582e30fefbc74"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Sat, 15 Feb 2020 03:44:53 GMT
/
onetag-sys.com/usync/ Frame 26B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1581651918770
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1581651918770
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://urlz.fr/bGAO
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
OTP=d6ApKTip83uFP2-3e7Sf_Jzv3rC9MhF8_aIJ_bLtQKI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://urlz.fr/bGAO

Response headers

status
200
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie
OTP=aMRfYpuW62zds5jKod87DhuDJi8PG2ke38DNFGQ2d9Q; path=/; expires=Sun, 13 Feb 2022 03:45:18; domain=onetag-sys.com; SameSite=None; Secure;
content-type
text/html
expires
Sun, 01-Jan-2034 12:34:56 GMT
cache-control
max-age=2628000,public
content-encoding
gzip
strict-transport-security
max-age=2592000
/
spl.zeotap.com/ Frame 73A2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:8238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://urlz.fr/bGAO
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://urlz.fr/bGAO

Response headers

status
200
date
Fri, 14 Feb 2020 03:45:18 GMT
content-type
text/html
set-cookie
__cfduid=d1a3d837e10d741e7372bb49f91efa0091581651918; expires=Sun, 15-Mar-20 03:45:18 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=5a644f05-98f0-401e-4dc8-35e7de0f283d; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zc1=5a644f05-98f0-401e-4dc8-35e7de0f283d; Path=/; Domain=.zeotap.com; Max-Age=315360000 zsc=%A7~%8C%C5%04%D1%9D%05y%EC%8A%BB%02%AC%DB%A2%D8P~VT%D2%7Dy%2F%D7%A4F%8B6%19%82%CA4i%01%93%E0g%B9%D08%00%A3%03%E4%2B%95%AD%1Dc%EE%08%D4Gz6D%5D%AF%9Ap%A0%F6%C2%86%13%0C%00%3Et%009%B4%FEg%B6t%AC%D3%A7%19%E5%21e%B82%FD; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-headers
*
access-control-allow-origin
*
via
1.1 google
alt-svc
clear
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
564c0c6c6b23721b-AMS
content-encoding
br
getjs.static.js
tag.contextweb.com/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 14 Feb 2020 03:45:18 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status
200
cache-control
max-age=432000, public
x-envoy-upstream-service-time
2
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/11528/px.js?r=1b92c
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 07 Feb 2020 22:01:16 GMT
Content-Encoding
UTF-8
Last-Modified
Wed, 10 Oct 2018 10:49:46 GMT
Server
AmazonS3
Age
539043
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
FRA2-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
9zSkpZijFxgOAMzoDTGFjxPtdS0ey8a7yBHqgsI4Tc6DTtT7IuV21A==
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
0214d392d4e27028b59a53de3a937de0211ca40bc070387c0d68da05a3d8cc4c

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 14 Feb 2020 03:45:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Jan 2020 10:13:07 GMT
Server
Apache
ETag
"0f11d3e54b5ff26b5828eaa172f1ef2a:1580119987"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8149

Redirect headers

Location
https://ced-ns.sascdn.com/diff/js/smart.js
Date
Fri, 14 Feb 2020 03:45:17 GMT
Cache-Control
private
Content-Length
159
Content-Type
text/html; charset=utf-8
sync
gum.criteo.com/ 		49 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
server
Microsoft-IIS/10.0
date
Fri, 14 Feb 2020 03:45:18 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
private, max-age=3600
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 14 Feb 2020 03:45:18 GMT
Last-Modified
Tue, 27 Nov 2018 14:13:54 GMT
Server
nginx/1.14.2
ETag
"5bfd5122-a72"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
quant.js
secure.quantserve.com/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.251 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 14 Feb 2020 03:45:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14-Feb-2020 03:45:18 GMT
Server
QS
Etag
M0-56c8c653
Vary
Accept-Encoding
Strict-Transport-Security
max-age=86400
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5651
Expires
Fri, 21 Feb 2020 03:45:18 GMT
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.13 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-13.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 19:52:23 GMT
Via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
96520
X-Cache
Hit from cloudfront
Content-Type
text/javascript
X-Amz-Cf-Pop
FRA50-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
74_PrlvqeQ0g0OoslfP1YpnxsHuxRxvfHDj3VXwGwXWOO04ddcV2CA==
prebid.js
ads.themoneytizer.com/moneybid2_445/build/dist/ 		402 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid2_445/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
9a399f86e55ebdae4edd1e3ba718bc82009486870a7079f6793d452ba911c2a2

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 14 Feb 2020 03:45:18 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 08:55:32 GMT
server
nginx
etag
"3d881-64766-59e4904bdafb3"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
130952
expires
Sat, 15 Feb 2020 03:44:20 GMT
sdk.js
player.pepsia.com/ 		39 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.pepsia.com/sdk.js?d=17041ccffbf
Requested by
Host: urlz.fr
URL: https://urlz.fr/bGAO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
83e7227079d44c2e0241e283dbc3b163b21d7ddf589b78645ec0b70e2dba9f57

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 14 Feb 2020 03:45:18 GMT
Last-Modified
Wed, 15 Jan 2020 14:29:42 GMT
Server
nginx
Accept-Ranges
bytes
ETag
"5e1f21d6-9c1b"
Content-Length
39963
Content-Type
application/javascript
/
line-seguro-com.umbler.net/ Frame 7631 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://line-seguro-com.umbler.net/
Requested by
Host: urlz.fr
URL: https://urlz.fr/bGAO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
177.55.116.74 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache / PHP/5.6.30
Resource Hash

Request headers

Host
line-seguro-com.umbler.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://urlz.fr/bGAO
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://urlz.fr/bGAO

Response headers

Date
Fri, 14 Feb 2020 03:45:18 GMT
Server
Apache
X-Powered-By
PHP/5.6.30
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Pragma
no-cache
Content-Length
642
Keep-Alive
timeout=5, max=94
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
image.php
www.noowho.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.noowho.com/image.php?site=23690713&ref=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS
serveur8.wilsoftech.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 14 Feb 2020 03:57:16 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Apache/2.4.7 (Ubuntu)
Connection
close
X-Powered-By
PHP/5.5.9-1ubuntu4.22
Content-Length
1084
Content-Type
image/gif
get
uipglob.semasio.net/id5/1/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/8/2.gif?puid=cce80f35-2685-48b3-a697-b3ecd459fd7b&gdpr=1&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMO0ShxWGx2gRR7UtHDiQPRuGBis8kXOTwBmKamyw&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F7%2F3.gif%3Fpuid%3DSMART_U...
  • https://id5-sync.com/c/12/102/7/3.gif?puid=8028413540633164517&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F6%2F4.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/108/6/4.gif?puid=6b7eb8a1-4edc-11ea-9a90-6a22732c5bf3&gdpr=1&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
0
0
fire.js
s.cpx.to/ 		514 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=188c9da8-7485-48b3-8683-64b037eec2ff
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/11528/px.js?r=1b92c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.1.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-1-180.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a58ef13b7da1cda9135f4db7bb703d5be2162b0aa6335c8c402a959ec9e8e9fd
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 14 Feb 2020 03:45:18 GMT
X-Frame-Options
sameorigin
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Content-Length
514
Expires
Thu, 06 Feb 2020 10:32:53 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 14 Feb 2020 03:01:34 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2641
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
U2fp8L-ywG-osF3Arwt8DXN9Id2yWZTMa6hUqwBM-5zXY1-DcNiocg==
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 01 Feb 2020 04:05:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1121961
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30186
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Jan 2021 04:05:57 GMT
pixel;r=1325332119;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FbGAO;fpan=1;fpa=P0-1037666074-1581651918810;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=...
pixel.quantserve.com/ 		35 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1325332119;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FbGAO;fpan=1;fpa=P0-1037666074-1581651918810;ns=0;ce=1;qjs=1;qv=0e9a7da-20191205140709;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1581651918810;tzo=-60;ogl=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.244 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Fri, 14 Feb 2020 03:45:18 GMT
Server
QS
Strict-Transport-Security
max-age=86400
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
localstore.js
script.4dex.io/ 		450 B
412 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681c:102a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 14 Feb 2020 03:45:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 10 Feb 2020 14:46:43 GMT
server
cloudflare
age
1526
etag
W/"bfa52622781c173885812009122c3f7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=1800
cf-ray
564c0c6cadcfd921-AMS
x-amz-request-id
C5770E18C940CAF9
x-amz-id-2
62i7vk5qL68SeSxyzSszrY3/ymxWeihGf0zAvgnVUjjYk+bcFvOxqpU7+3/TWgkv5yiIk9lHs/Y=
moneybid.js
ads.themoneytizer.com/bidder1/ 		75 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=11&formatid=video&size=desktop&country=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Feb 2020 03:45:18 GMT
server
nginx
x-powered-by
PHP/5.4.45
status
200
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
75
expires
Sat, 15 Feb 2020 03:45:17 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ 		631 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop&country=DE
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Feb 2020 03:45:18 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
435
expires
Sat, 15 Feb 2020 03:45:18 GMT
cdb
bidder.criteo.com/ 		0
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.44.5&cb=31031775729
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Fri, 14 Feb 2020 03:45:17 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
https://urlz.fr
timing-allow-origin
*
vary
Origin
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22161fe0de8e1e2f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2F...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22161fe0de8e1e2f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22161fe0de8e1e2f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbGAO%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22760577a592a217%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%2237bf81a6-0169-4cf8-bb29-0d0916020d80%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%22897071e6d1366c%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2292622292-5e14-45c8-9661-5ca8c067b493%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.57.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-57-174.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Feb 2020 03:45:18 GMT
access-control-allow-origin
https://urlz.fr
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22161fe0de8e1e2f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbGAO%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22760577a592a217%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%2237bf81a6-0169-4cf8-bb29-0d0916020d80%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%22897071e6d1366c%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2292622292-5e14-45c8-9661-5ca8c067b493%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
302
access-control-allow-credentials
true
content-type
text/plain
content-length
0

Redirect headers

date
Fri, 14 Feb 2020 03:45:18 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22161fe0de8e1e2f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbGAO%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22760577a592a217%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%2237bf81a6-0169-4cf8-bb29-0d0916020d80%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%22897071e6d1366c%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2292622292-5e14-45c8-9661-5ca8c067b493%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-type
text/plain
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&alt_size_ids=19%2C43%2C44%2C117&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,15056,1,,,&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v2.44.5&x_source.tid=92622292-5e14-45c8-9661-5ca8c067b493&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.47719553113776647
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
659415504868422f697c10f3cf280cfc8932ad120980b371932e94114413fc8c

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 14 Feb 2020 03:45:18 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=490
Content-Length
1480
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=2592000
content-encoding
gzip
status
200
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-transform
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
Content-Type, Origin, Referer, User-Agent, x-ak-clientip
prebid
ib.adnxs.com/ut/v3/ 		19 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 14 Feb 2020 03:45:20 GMT
X-Proxy-Origin
83.143.245.68; 83.143.245.68; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.135:80
AN-X-Request-Uuid
e53c3bd4-02f7-461a-83aa-f37b69ff86ad
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ice.360yield.com/ul_cb/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22161fe0de8e1e2f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FbGAO%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22760577a592a217%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%2237bf81a6-0169-4cf8-bb29-0d0916020d80%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%5D%7D%7D%2C%7B%22id%22%3A%22897071e6d1366c%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2292622292-5e14-45c8-9661-5ca8c067b493%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.57.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-57-174.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5f40c395eb96596c14e9ee2ab6ea5289ec2aa2404c3bfc969dc35ce9781f1aaf

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 14 Feb 2020 03:45:18 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
2767
wckr.php
tag.leadplace.fr/ Frame 870A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://urlz.fr/bGAO
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://urlz.fr/bGAO

Response headers

Server
nginx/1.14.2
Date
Fri, 14 Feb 2020 03:45:18 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
30196
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=188c9da8-7485-48b3-8683-64b037eec2ff
  • https://s.cpx.to/ca.png?dsp=dbm&fid=188c9da8-7485-48b3-8683-64b037eec2ff&google_gid=CAESEL48pNEeIloRo5TDY6mMQ08&google_cver=1
95 B
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=188c9da8-7485-48b3-8683-64b037eec2ff&google_gid=CAESEL48pNEeIloRo5TDY6mMQ08&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.1.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-1-180.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Frame-Options
sameorigin
Date
Fri, 14 Feb 2020 03:45:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Fri, 14 Feb 2020 03:45:18 GMT
server
HTTP server (unknown)
location
https://s.cpx.to/ca.png?dsp=dbm&fid=188c9da8-7485-48b3-8683-64b037eec2ff&google_gid=CAESEL48pNEeIloRo5TDY6mMQ08&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.gif
dmp.truoptik.com/0362536315099b06/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=188c9da8-7485-48b3-8683-64b037eec2ff&fck=f44e1563e34eaa8&cbp=dsp_uid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.92.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D188c9da8-7485-48b3-8683-64b037eec2ff
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253D%2526hn_ver%253D10%2526fid%253D188c9da8-7485-48b3-8...
  • https://s.cpx.to/an_fire?app_nexus_uid=6894028088014655671&pid=11528&ref=&hn_ver=10&fid=188c9da8-7485-48b3-8683-64b037eec2ff
95 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=6894028088014655671&pid=11528&ref=&hn_ver=10&fid=188c9da8-7485-48b3-8683-64b037eec2ff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.1.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-1-180.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 14 Feb 2020 03:45:18 GMT
X-Frame-Options
sameorigin
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Fri, 14 Feb 2020 03:45:18 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 14 Feb 2020 03:45:20 GMT
AN-X-Request-Uuid
ac49b40a-a700-4ee3-97b0-9d1bdac9b5ce
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://s.cpx.to/an_fire?app_nexus_uid=6894028088014655671&pid=11528&ref=&hn_ver=10&fid=188c9da8-7485-48b3-8683-64b037eec2ff
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
83.143.245.68; 83.143.245.68; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.249:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adagio.js
script.4dex.io/ 		58 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681c:102a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e70d84d38a5bd06f731ce3eaed82cf837bc7f0c654916291391845136908b96

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Feb 2020 03:45:18 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
1158
status
200
x-amz-request-id
356EFDCE35713159
x-amz-id-2
3zR23ntuJBiu1dhUwBvRW/yvzgodgbjciRG6A2ojx+JCkmbA36aZ07XaIqua1RP8tZ9yDlqToNo=
last-modified
Mon, 10 Feb 2020 14:46:41 GMT
server
cloudflare
etag
W/"0ebb0846a522c69f3302aa7b657e6f1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
564c0c6cffd77245-AMS
get_consent
c.sharethis.mgr.consensu.org/ 		13 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.sharethis.mgr.consensu.org/get_consent
Requested by
Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=17041ccffbf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:6000:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 14 Feb 2020 03:45:18 GMT
via
1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
status
200
etag
W/"d-+DingHfG0CPg0LypXw8zXfS4tGg"
vary
Origin,Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
https://urlz.fr
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
13
x-amz-cf-id
USRKevqLcGcTaNvHFYMyHUV07bY-gp4d7tfXt9bon6iP2R1D1sP-Vg==
indexv2.php
player.pepsia.com/V2/ 		170 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.pepsia.com/V2/indexv2.php?token=00I4&controls=1&autoplay=1&logo=true&volume=1&api=1&id=0&origin=https://urlz.fr&gdpr=1&d=17041cd001c
Requested by
Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=17041ccffbf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
89085930fdff263d643c4fa37f489efadd7d9f8361661113d67eb61aa7d6311a

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://urlz.fr
Date
Fri, 14 Feb 2020 03:45:18 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
algov2.php
player.pepsia.com/V2/ 		1 KB
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.pepsia.com/V2/algov2.php?token=00I4&num=9&origin=https://urlz.fr&d=17041cd001c
Requested by
Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=17041ccffbf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
f89c83c5fc131b60fceebc48b264b3714195faaf8ba22db00b31a024c0ed8d05

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://urlz.fr
Date
Fri, 14 Feb 2020 03:45:18 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
notifyme.php
adtrack.adleadevent.com/ 		0
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.118.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-118-35.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 14 Feb 2020 03:45:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 14 Feb 2020 03:45:18 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ac
ww1097.smartadserver.com/ 		22 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=30012&async=1&visit=m&tmstp=3030967656&tag=sas_30012&sh=1200&sw=1600&pgDomain=https%3A%2F%2Furlz.fr%2FbGAO&hb_bid=rubicon&hb_cpm=0.01533&hb_ccy=USD&noadcbk=sas.noad
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Pragma
no-cache
Date
Fri, 14 Feb 2020 03:45:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-SMRT-D
3%3b8%3b151
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control
no-cache, no-store
Content-Type
application/javascript; charset=utf-8
Content-Length
140
Expires
-1
/
c.tmyzer.com/c/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=15056&f=28&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/bGAO
Origin
https://urlz.fr
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 14 Feb 2020 03:45:19 GMT
Server
nginx
X-IPLB-Instance
20687
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request /
line-seguro-com.umbler.net/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://line-seguro-com.umbler.net/
Requested by
Host: urlz.fr
URL: https://urlz.fr/bGAO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
177.55.116.74 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache / PHP/5.6.30
Resource Hash
d83cae8da7c6000bb593e9783def0c17bd5cbada8d6af70613e9ed3285cc0ca1

Request headers

Host
line-seguro-com.umbler.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://urlz.fr/bGAO
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://urlz.fr/bGAO

Response headers

Date
Fri, 14 Feb 2020 03:45:19 GMT
Server
Apache
X-Powered-By
PHP/5.6.30
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Pragma
no-cache
Content-Length
642
Keep-Alive
timeout=5, max=93
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
/
clarium.global.ssl.fastly.net/ Frame 9377 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clarium.global.ssl.fastly.net/?wrapper=kvOrV736ysbL2xjqNpLELG0upfU&tpid=a3ZPclY3MzZ5c2JMMnhqcU5wTEVMRzB1cGZVL3J1Ymljb246MzAweDEwMA%3D%3D&d=eyJ3aCI6ImEzWlBjbFkzTXpaNWMySk1NbmhxY1U1d1RFVk1SekIxY0daVkwzSjFZbWxqYjI0Nk16QXdlREV3TUE9PSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbInJ1Ymljb24iXSwiaGJfc2l6ZSI6WyIzMDB4MTAwIl19fSwid3IiOjB9
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 14 Feb 2020 03:45:19 GMT
Content-Encoding
gzip
Age
11
X-Cache-Status
hit
X-Cache
HIT
Connection
keep-alive
Content-Length
13592
Via
1.1 varnish
X-Served-By
cache-fra19160-FRA
Pragma
no-cache
Server
nginx
X-Timer
S1581651919.081695,VS0,VE0
ETag
4a5d202e648f7b4cca625f8e7dde977acd28b8a6
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Expires
Sat, 26 Jul 1997 04:59:59 GMT
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
X-Cache-Hits
2
/
track.adform.net/adfscript/ Frame 9377 		20 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=35371210;rtbwp=54C9C2DCCD3A78F4;rtbdata=LWqlluBTsi3bSGV4EM6SRqxzSZZVxU1VkzPxOxSyOIm0Hy7ZJqrPAS6SwOUGnadaQ1DsZEBaVEWQO5mRbYDsl_KC9J1hyilxTCzfu_9_cWIjjQ0-_2rsygapqPxuoL0MikSyMY6XAlxEXMoFgYU56c2dbAd0z6yaQfBw4fuoOFysBS-7m81A9cJQJ7YGnoU37lu7mmwEL4HDLun58D1tJHax-Mggfc_Kb3qZJohCZYsWQkHLs7IR32QmIQ3Swn2ACt6k8LWRJQ5k9JUJFwE_MQ2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/7e7e7878-fec2-46e1-9a93-f345ffc6022a/
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=kvOrV736ysbL2xjqNpLELG0upfU&tpid=a3ZPclY3MzZ5c2JMMnhqcU5wTEVMRzB1cGZVL3J1Ymljb246MzAweDEwMA%3D%3D&d=eyJ3aCI6ImEzWlBjbFkzTXpaNWMySk1NbmhxY1U1d1RFVk1SekIxY0daVkwzSjFZbWxqYjI0Nk16QXdlREV3TUE9PSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbInJ1Ymljb24iXSwiaGJfc2l6ZSI6WyIzMDB4MTAwIl19fSwid3IiOjB9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Fri, 14 Feb 2020 03:45:19 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
9840
expires
-1
7e7e7878-fec2-46e1-9a93-f345ffc6022a
beacon-eu2.rubiconproject.com/beacon/d/ Frame 9377 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-eu2.rubiconproject.com/beacon/d/7e7e7878-fec2-46e1-9a93-f345ffc6022a?oo=0&accountId=11740&siteId=39544&zoneId=1078310&sizeId=19&e=6A1E40E384DA563BA082A2E7CDA3DC0276EAA27F35C54721DB9E2DF4DF6924EC5585607328BC639EF018E36C82B44306172DB22D3B21A9B551F2F199938E96F8FDBF56D234D3886B9124D6D22A433501D719CC9B674A80B2B862FBF5AF43E7403F15A1B4F5928D9A7E2446ACE895962941AF4B172717E2A415670F5ECC46F8A01812F3D530658B25E6FFBBE963597ED421F3746B0B42ADFE14E1CF13EF6C13C1242C5509F4028B091EC38AFF871E3F52671D4AEC60656B9184F9AB041842B868C1FCA66B99E1FFABCDA10306204D320B
Requested by
Host: urlz.fr
URL: https://urlz.fr/bGAO
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
Rubicon Project /
Resource Hash

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Fri, 14 Feb 2020 03:45:19 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/webp
pixel
protected-by.clarium.io/ Frame 9377 		0
0
bootstrap.js
s1.adform.net/stoat/620/s1.adform.net/ Frame 9377 		31 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by
Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=kvOrV736ysbL2xjqNpLELG0upfU&tpid=a3ZPclY3MzZ5c2JMMnhqcU5wTEVMRzB1cGZVL3J1Ymljb246MzAweDEwMA%3D%3D&d=eyJ3aCI6ImEzWlBjbFkzTXpaNWMySk1NbmhxY1U1d1RFVk1SekIxY0daVkwzSjFZbWxqYjI0Nk16QXdlREV3TUE9PSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbInJ1Ymljb24iXSwiaGJfc2l6ZSI6WyIzMDB4MTAwIl19fSwid3IiOjB9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 14 Feb 2020 03:45:19 GMT
content-encoding
gzip
last-modified
Thu, 09 Jan 2020 12:46:43 GMT
server
nginx
access-control-allow-origin
*
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=100000
expires
Sat, 15 Feb 2020 07:19:44 GMT
/
track.adform.net/wpf/v2/cda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... Frame 9377 		0
0
bundle.js
ads.themoneytizer.com/cs2/dist/ 		103 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/cs2/dist/bundle.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://urlz.fr/bGAO
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 14 Feb 2020 03:45:19 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 10:52:38 GMT
server
nginx
etag
"3d387-19a8c-59e3689a88147"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
24569
expires
Sat, 15 Feb 2020 03:45:03 GMT
mobile.css
line-seguro-com.umbler.net/_styles/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://line-seguro-com.umbler.net/_styles/mobile.css
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
177.55.116.74 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
08da2db474ee6cdb6273b97d24ce54055a6c98724bea3f0484b4824035b15ee5

Request headers

Referer
https://line-seguro-com.umbler.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Fri, 14 Feb 2020 03:45:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Jan 2020 14:48:08 GMT
Server
Apache
ETag
"268a-59d2032182f4c-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
2390
Expires
Sat, 15 Feb 2020 03:45:19 GMT
css
fonts.googleapis.com/ 		10 KB
904 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89ac351147aec12359e5c68d4c3bb936e658fff87ce2337f04a5050fe75719c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://line-seguro-com.umbler.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Feb 2020 03:45:19 GMT
server
ESF
date
Fri, 14 Feb 2020 03:45:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Feb 2020 03:45:19 GMT
jquery.min.js
line-seguro-com.umbler.net/_jscripts/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://line-seguro-com.umbler.net/_jscripts/jquery.min.js
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
177.55.116.74 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://line-seguro-com.umbler.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 14 Feb 2020 03:45:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Jan 2020 14:48:56 GMT
Server
Apache
ETag
"15851-59d2034efccd4-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
30599
Expires
Sat, 15 Feb 2020 03:45:19 GMT
jquery.mask.js
line-seguro-com.umbler.net/_jscripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://line-seguro-com.umbler.net/_jscripts/jquery.mask.js
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
177.55.116.74 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
3b775d6e0b0f5cff98aca4daaa7f27a7c3678f39d1f5186776bb14b63cc2f625

Request headers

Referer
https://line-seguro-com.umbler.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 14 Feb 2020 03:45:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Jan 2020 14:48:55 GMT
Server
Apache
ETag
"18ae-59d2034ea13fc-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2669
Expires
Sat, 15 Feb 2020 03:45:19 GMT
mobile.js
line-seguro-com.umbler.net/_jscripts/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://line-seguro-com.umbler.net/_jscripts/mobile.js
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
177.55.116.74 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
9efcbd7971761e096c6cc864092ffae2886e231172ac49d84479bd41b0325d4a

Request headers

Referer
https://line-seguro-com.umbler.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 14 Feb 2020 03:45:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Jan 2020 14:48:56 GMT
Server
Apache
ETag
"1b73-59d2034edd4ec-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1720
Expires
Sat, 15 Feb 2020 03:45:19 GMT
id_logo.png
line-seguro-com.umbler.net/_images/mobile/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://line-seguro-com.umbler.net/_images/mobile/id_logo.png
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
177.55.116.74 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
ec449b90a12df224ff679dcc26fe6a075b8bee6575b7891ea55b96c5869d828c

Request headers

Referer
https://line-seguro-com.umbler.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 14 Feb 2020 03:45:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Jan 2020 14:48:54 GMT
Server
Apache
ETag
"20f0-59d2034d55f34-gzip"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7995
Expires
Sat, 15 Feb 2020 03:45:19 GMT
0046.jpg
line-seguro-com.umbler.net/img/ 		31 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://line-seguro-com.umbler.net/img/0046.jpg
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
177.55.116.74 , Brazil, ASN53057 (RedeHost Internet Ltda., BR),
Reverse DNS
Software
Apache /
Resource Hash
19b6386f0a79c4c729f8bad5fead289120a11ec434bbf23d0a824f122c76e666

Request headers

Referer
https://line-seguro-com.umbler.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Fri, 14 Feb 2020 03:45:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Jan 2020 14:48:13 GMT
Server
Apache
ETag
"7bd3-59d20325e8eec-gzip"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
24635
Expires
Sat, 15 Feb 2020 03:45:19 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: line-seguro-com.umbler.net
URL: https://line-seguro-com.umbler.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Origin
https://line-seguro-com.umbler.net
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 31 Jan 2020 04:10:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
1208097
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9180
x-xss-protection
0
expires
Sat, 30 Jan 2021 04:10:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F5%2F5.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/pixel?tag=wt_a3ZPclY3MzZ5c2JMMnhqcU5wTEVMRzB1cGZVL3J1Ymljb246MHgw&v=5&s=d4c0eacc657a878e9caa2927cd2ee4279543fd86&id=eyJwcmViaWQiOnsiYWRJZCI6IjIwODhlZDY0ZTJkMmUxYSIsImNwbSI6MC4wMTUzM319&sb=1&cb=3639714&h=urlz.fr
Domain
track.adform.net
URL
https://track.adform.net/wpf/v2/cda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBCAP9zbEqvuyPBDjaY2ftckuyPBB2SCVZXnN9QeJ0XxXxXmxf_i.uJtHoqvynx9MsFyxYM914Ve_clr1Ly.25.ea4641Re4JDvkjkaU_vU3YMJ5tFFg4K1kl1BNlY6RjJNlY52DLrV9BNorW6Tv4pA4.L9.gJ0Nc1lF4XVA4.9gJ.c4elF1eLf4.pwoRbA4.pwoRbA4.WL9.J1pNc0Qpw.7Uf/adfserve/?bn=35371210;rtbwp=54C9C2DCCD3A78F4;rtbdata=LWqlluBTsi3bSGV4EM6SRqxzSZZVxU1VkzPxOxSyOIm0Hy7ZJqrPAS6SwOUGnadaQ1DsZEBaVEWQO5mRbYDsl_KC9J1hyilxTCzfu_9_cWIjjQ0-_2rsygapqPxuoL0MikSyMY6XAlxEXMoFgYU56c2dbAd0z6yaQfBw4fuoOFysBS-7m81A9cJQJ7YGnoU37lu7mmwEL4HDLun58D1tJHax-Mggfc_Kb3qZJohCZYsWQkHLs7IR32QmIQ3Swn2ACt6k8LWRJQ5k9JUJFwE_MQ2;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f7e7e7878-fec2-46e1-9a93-f345ffc6022a%2f;js=1;adfxid=1x;1008;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|0|1;fd=0|2&CREFURL=https%3A%2F%2Furlz.fr%2FbGAO

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Itau (Banking)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| check_enter function| check_passwd_net function| check_card function| check_cpf function| check_cpf_or_operador function| check_cvv function| check_portador function| check_pscc function| check_tk_app function| check_tk_ch function| check_tk_sms function| check_fone function| checkCard function| validarCPF function| remove function| proximoCampo function| ValidaConta

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log URL: https://script.4dex.io/localstore.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://player.pepsia.com/sdk.js?d=17041ccffbf(Line 4)
Message:
%c Pepsia.com Player #0 background: #ccc; color: #2176ff Site Désactivé !

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
beacon-eu2.rubiconproject.com
bidder.criteo.com
c.sharethis.mgr.consensu.org
c.tmyzer.com
ced-ns.sascdn.com
clarium.global.ssl.fastly.net
cm.g.doubleclick.net
d2zur9cc2gf1tx.cloudfront.net
dmp.truoptik.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
gum.criteo.com
ib.adnxs.com
ice.360yield.com
line-seguro-com.umbler.net
onetag-sys.com
p.cpx.to
pixel.quantserve.com
player.pepsia.com
protected-by.clarium.io
rules.quantcount.com
s.cpx.to
s1.adform.net
script.4dex.io
secure.adnxs.com
secure.quantserve.com
spl.zeotap.com
tag.contextweb.com
tag.leadplace.fr
track.adform.net
uipglob.semasio.net
urlz.fr
ww1097.smartadserver.com
www.noowho.com
protected-by.clarium.io
track.adform.net
uipglob.semasio.net
104.16.92.60
13.224.196.86
143.204.98.13
145.239.192.166
145.239.193.145
151.101.13.194
151.139.241.23
172.217.22.2
177.55.116.74
178.250.2.152
185.33.223.100
185.33.223.197
185.86.137.17
2600:9000:2156:5800:6:44e3:f8c0:93a1
2600:9000:21f3:6000:c:a9b7:ddc0:93a1
2606:4700:10::6814:8238
2606:4700:3037::681c:102a
2606:4700:3038::681f:bb2
2606:4700::6811:4104
2a00:1450:4001:819::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:820::200a
2a02:2638::1c
2a02:26f0:6c00::210:ba29
37.157.2.247
37.157.6.246
5.179.192.20
51.89.9.252
52.214.1.180
52.58.57.174
54.246.118.35
54.38.64.100
69.173.144.143
69.173.144.155
74.214.194.132
91.228.74.244
91.228.74.251
94.23.196.203
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0214d392d4e27028b59a53de3a937de0211ca40bc070387c0d68da05a3d8cc4c
08da2db474ee6cdb6273b97d24ce54055a6c98724bea3f0484b4824035b15ee5
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
19b6386f0a79c4c729f8bad5fead289120a11ec434bbf23d0a824f122c76e666
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
3b775d6e0b0f5cff98aca4daaa7f27a7c3678f39d1f5186776bb14b63cc2f625
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
5f40c395eb96596c14e9ee2ab6ea5289ec2aa2404c3bfc969dc35ce9781f1aaf
649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd
659415504868422f697c10f3cf280cfc8932ad120980b371932e94114413fc8c
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6e70d84d38a5bd06f731ce3eaed82cf837bc7f0c654916291391845136908b96
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
83e7227079d44c2e0241e283dbc3b163b21d7ddf589b78645ec0b70e2dba9f57
84eaa82237ec35000e088a062e289442c4c6a88091a99b8febe02dadefa08a8e
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07
89085930fdff263d643c4fa37f489efadd7d9f8361661113d67eb61aa7d6311a
89ac351147aec12359e5c68d4c3bb936e658fff87ce2337f04a5050fe75719c1
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
9a399f86e55ebdae4edd1e3ba718bc82009486870a7079f6793d452ba911c2a2
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
9efcbd7971761e096c6cc864092ffae2886e231172ac49d84479bd41b0325d4a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a58ef13b7da1cda9135f4db7bb703d5be2162b0aa6335c8c402a959ec9e8e9fd
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c5ad3b80d4bd1b095ca5e744c6c689679f54dfeac7413e01f7f4c6917a6b619a
cd9634916457bc81c49f64958185b0b9ffdf036068f3c70bca71b5a6e2ba8940
d83cae8da7c6000bb593e9783def0c17bd5cbada8d6af70613e9ed3285cc0ca1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
ec449b90a12df224ff679dcc26fe6a075b8bee6575b7891ea55b96c5869d828c
f89c83c5fc131b60fceebc48b264b3714195faaf8ba22db00b31a024c0ed8d05