Submitted URL: http://urlz.fr/8JxR
Effective URL: http://89.203.249.179/dl.php
Submission: On February 03 via manual from NL

Summary

This website contacted 12 IPs in 6 countries across 18 domains to perform 28 HTTP transactions. The main IP is 89.203.249.179, located in Czech Republic and belongs to CDT-AS The Czech Republic, CZ. The main domain is 89.203.249.179.
This is the only time 89.203.249.179 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP address        ASN (AS name)
1         2606:4700:31:...  13335 (CLOUDFLAR...)
1         2606:4700::68...  13335 (CLOUDFLAR...)
3 3       2600:9000:200...  16509 (AMAZON-02)
3         89.203.249.179    25512 (CDT-AS Th...)
5         151.139.241.23    33438 (HIGHWINDS2)
1         145.239.193.145   16276 (OVH)
1         74.214.194.132    59940 (PULSEPOIN...)
1         54.230.93.253     16509 (AMAZON-02)
1         2a02:2638:1::13   44788 (ASN-CRITE...)
2         147.135.143.43    16276 (OVH)
1         3.120.63.71       16509 (AMAZON-02)
1         5.179.192.20      34235 (ASPSERVEU...)
Total: 28 requests across 12 IPs
Requests  Domain                       Requested by
5         ads.themoneytizer.com        ajax.cloudflare.com, ads.themoneytizer.com
3         b-ooms-1950.shortcm.li       (3 redirects)
2         tag.leadplace.fr             ads.themoneytizer.com, tag.leadplace.fr
1         player.pepsia.com            urlz.fr
1         edge.quantserve.com          ads.themoneytizer.com
1         gum.criteo.com               ads.themoneytizer.com
1         p.cpx.to                     ads.themoneytizer.com
1         tag.contextweb.com           ads.themoneytizer.com
1         g.tmyzer.com                 ads.themoneytizer.com
1         ajax.cloudflare.com          urlz.fr
1         urlz.fr
0         rules.quantcount.com         (failed)
0         ad.360yield.com              ads.themoneytizer.com (failed)
0         ads.stickyadstv.com          ads.themoneytizer.com (failed)
0         fastlane.rubiconproject.com  ads.themoneytizer.com (failed)
0         s.cpx.to                     p.cpx.to (failed)
0         www.noowho.com               (failed)
0         ib.adnxs.com                 ads.themoneytizer.com (failed)
0         ced-ns.sascdn.com            (failed)
Total: 28 requests across 19 domains

This site contains links to these domains:

  urlz.fr

TLS certificates observed (Subject / Issuer / Validity):

  ssl412106.cloudflaressl.com
    Issuer:   COMODO ECC Domain Validation Secure Server CA 2
    Validity: 2018-09-22 to 2019-03-31 (6 months) [crt.sh]
  *.themoneytizer.com
    Issuer:   RapidSSL RSA CA 2018
    Validity: 2018-06-14 to 2019-02-28 (9 months) [crt.sh]

Note: at scan time (2019-02-03) the *.themoneytizer.com certificate had 25 days of validity left.

This page contains 4 frames:

Primary Page: http://89.203.249.179/dl.php
Frame ID: C67ADC46FE53F41C9A2901479B50CE8B
Requests: 25 HTTP requests in this frame

Frame: http://89.203.249.179/dl.php
Frame ID: 3E435DBE4372E40D6E1DA30E0130CF3A
Requests: 1 HTTP requests in this frame

Frame: http://89.203.249.179/dl.php
Frame ID: F44EDEA6756BD6E946C9F4E4D3761B0A
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: F0FA403357E3EC0DB3783CACB617A4B8
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Cloudflare (overall confidence: 100%)
Detected patterns
  • headers server /cloudflare/i

Page Statistics

  Requests:    28
  HTTPS:       14 %
  IPv6:        33 %
  Domains:     18
  Subdomains:  19
  IPs:         12
  Countries:   6
  Transfer:    143 kB
  Size:        458 kB
  Cookies:     0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://urlz.fr/8JxR Page URL
  2. https://b-ooms-1950.shortcm.li/jUyQxw HTTP 302
    http://89.203.249.179/dl.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://b-ooms-1950.shortcm.li/jUyQxw HTTP 302
  • http://89.203.249.179/dl.php
Request Chain 10
  • http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • http://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 13
  • http://id5-sync.com/i/12/9.gif HTTP 302
  • http://id5-sync.com/c/12/0/9/1.gif HTTP 302
  • http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID HTTP 302
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID
Request Chain 17
  • https://b-ooms-1950.shortcm.li/jUyQxw HTTP 302
  • http://89.203.249.179/dl.php
Request Chain 26
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
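The resolver below is an added illustration, not urlscan's own code, of how a history like the one above is rebuilt: it follows the Location header on 3xx responses and the two common client-side forms (meta refresh and a location assignment in script), records how each hop was reached, and stops on a loop, after a hop limit, or when a fetch fails. The responses are constructed to mirror the chain on this page; the urlz.fr body in particular is an assumption, since the scan shows only that urlz.fr returned a document and that shortcm.li answered with a 302 to the bare-IP dl.php. The example.invalid entry exists only to exercise loop detection.

```python
"""Rebuild a urlscan-style Page URL History offline: follow server-side
redirects (3xx + Location) and the common client-side ones (meta refresh,
location assignment) across a sequence of responses, with loop and hop limits.
"""
import re
from urllib.parse import urljoin

META_TAG = re.compile(r"<meta\b[^>]*>", re.I)
HTTP_EQUIV_REFRESH = re.compile(r"""http-equiv\s*=\s*["']?\s*refresh\b""", re.I)
REFRESH_URL = re.compile(
    r"""content\s*=\s*["']?\s*\d+\s*;\s*url\s*=\s*["']?([^"'>\s]+)""", re.I)
# window.location = "..", location.href = "..", location.replace(".."), location.assign("..")
JS_LOCATION = re.compile(
    r"""(?:window\.|document\.|top\.|self\.)?location(?:\.href)?\s*"""
    r"""(?:=|\.replace\(|\.assign\()\s*["']([^"']+)["']""", re.I)

# Constructed responses: (status, headers, body) per URL. The URLs and the
# 302 are taken from the chain on this page; the HTML bodies are invented
# here (the scan does not show how urlz.fr hands off to shortcm.li), and
# example.invalid/loop is added only to exercise loop detection.
CONSTRUCTED_RESPONSES = {
    "http://urlz.fr/8JxR": (
        200, {"Content-Type": "text/html; charset=UTF-8"},
        '<html><body><script>window.location.href = '
        '"https://b-ooms-1950.shortcm.li/jUyQxw";</script></body></html>'),
    "https://b-ooms-1950.shortcm.li/jUyQxw": (
        302, {"Location": "http://89.203.249.179/dl.php",
              "Content-Type": "text/html; charset=utf-8"}, ""),
    "http://89.203.249.179/dl.php": (
        200, {"Content-Type": "text/html; charset=utf-8"},
        "<html><body>landing page</body></html>"),
    "http://example.invalid/loop": (
        200, {"Content-Type": "text/html"},
        '<meta http-equiv="refresh" content="0; url=/loop">'),
}


def fetch_constructed(url):
    """Stand-in for a real fetch: raises KeyError for URLs not in the table."""
    return CONSTRUCTED_RESPONSES[url]


def _header(headers, name, default=None):
    """Case-insensitive lookup in a plain dict of headers."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return default


def client_side_redirect(html, base_url):
    """URL a browser would navigate to from this HTML, or None.
    Only meta refresh and plain location assignments are recognised;
    obfuscated JavaScript needs a real browser, which is what urlscan runs."""
    for tag in META_TAG.finditer(html):
        if HTTP_EQUIV_REFRESH.search(tag.group(0)):
            match = REFRESH_URL.search(tag.group(0))
            if match:
                return urljoin(base_url, match.group(1))
    match = JS_LOCATION.search(html)
    return urljoin(base_url, match.group(1)) if match else None


def resolve_chain(start_url, fetch, max_hops=10):
    """Follow redirects from start_url using fetch(url) -> (status, headers, body).
    Returns (hops, stop_reason); each hop is (url, status, how_we_got_here)."""
    hops, seen, url, via = [], set(), start_url, "submitted"
    while True:
        if url in seen:
            return hops, "loop"
        if len(hops) >= max_hops:
            return hops, "max_hops"
        seen.add(url)
        try:
            status, headers, body = fetch(url)
        except (KeyError, OSError) as exc:
            hops.append((url, None, via))
            return hops, f"fetch-error: {exc}"
        hops.append((url, status, via))
        location = _header(headers, "Location")
        if 300 <= status < 400 and location:
            url, via = urljoin(url, location), f"HTTP {status}"
            continue
        if "text/html" in _header(headers, "Content-Type", "").lower():
            nxt = client_side_redirect(body, url)
            if nxt:
                url, via = nxt, "client-side"
                continue
        return hops, "end"


if __name__ == "__main__":
    hops, why = resolve_chain("http://urlz.fr/8JxR", fetch_constructed)
    for n, (url, status, via) in enumerate(hops, 1):
        print(f"{n}. {url}  [{status}, via {via}]")
    print("stopped:", why)
```

To run it against live URLs, swap fetch_constructed for a function that performs a GET with automatic redirects disabled and returns the same triple. A static parse only catches literal redirects in the markup; a hand-off that a script computes at run time (which is what a real browser, and therefore urlscan, sees) will show up as "end" here, so treat that outcome as "no static redirect found" rather than "chain complete".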

28 HTTP transactions

Each entry below gives: Resource, Path, Size, x-fer (bytes on the wire), Type, MIME-Type, followed by the General, Request headers and Response headers detail.

8JxR (sets a cookie)
urlz.fr/
3 KB
1 KB
Document
General
Full URL
http://urlz.fr/8JxR
Protocol
HTTP/1.1
Server
2606:4700:31::681f:ab2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2c52006c9b2a9f591a23f6b90f954dd8ed62973c903a59807ba311cd31392f

Request headers

Host
urlz.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 19:25:04 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d47f9fb0bd926fc01de30c28213cd18111549221904; expires=Mon, 03-Feb-20 19:25:04 GMT; path=/; domain=.urlz.fr; HttpOnly
Server
cloudflare
CF-RAY
4a37480474e82c06-AMS
Content-Encoding
gzip
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/
11 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/8JxR
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3349f7ebfafd1cf105f9f4a41a1be792db6dfc5d754de2fbce192a2185486b73
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://urlz.fr/8JxR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Feb 2019 19:25:04 GMT
content-encoding
gzip
last-modified
Thu, 31 Jan 2019 11:15:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5c52d8b8-2d8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
4a3748052d6f6457-FRA
expires
Tue, 05 Feb 2019 19:25:04 GMT
dl.php
89.203.249.179/ Frame 3E43
Redirect Chain
  • https://b-ooms-1950.shortcm.li/jUyQxw
  • http://89.203.249.179/dl.php
0
0
Document
General
Full URL
http://89.203.249.179/dl.php
Requested by
Host: urlz.fr
URL: http://urlz.fr/8JxR
Protocol
HTTP/1.1
Server
89.203.249.179 , Czech Republic, ASN25512 (CDT-AS The Czech Republic, CZ),
Reverse DNS
179-249-203-89.hicoria.com
Software
Apache/2.4.37 (Win32) OpenSSL/1.1.1a PHP/7.3.1 /
Resource Hash

Request headers

Host
89.203.249.179
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8JxR
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8JxR

Response headers

Date
Sun, 03 Feb 2019 19:25:06 GMT
Server
Apache/2.4.37 (Win32) OpenSSL/1.1.1a PHP/7.3.1
Vary
accept-language,accept-charset
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Language
en

Redirect headers

status
302
content-type
text/html; charset=utf-8
content-length
87
location
http://89.203.249.179/dl.php
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
date
Sun, 03 Feb 2019 19:25:04 GMT
x-cache
Miss from cloudfront
via
1.1 7e6ac12144acebd1fc302708f2ecfad6.cloudfront.net (CloudFront)
x-amz-cf-id
T7Kkp2IkPVjTGgCZYiegSVGBjbI_TLrr91_swqXMZFXOHAVx4QgR_A==
requestform.js
ads.themoneytizer.com/s/
43 KB
9 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
336e9a5ea0e47cf5871196d99f736360019a685939a849c3691eb1056b81504d

Request headers

Referer
http://urlz.fr/8JxR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 19:25:00 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9118
Expires
Mon, 04 Feb 2019 19:25:00 GMT
gen.js
ads.themoneytizer.com/s/
5 KB
2 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
f3042307a08b2fbccd43b71c9e9c28eeec24fe56a7bdbb0a92a29e3f75021b65

Request headers

Referer
http://urlz.fr/8JxR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 19:24:18 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2085
Expires
Mon, 04 Feb 2019 19:24:18 GMT
/
g.tmyzer.com/g/
26 B
200 B
Script
General
Full URL
http://g.tmyzer.com/g/
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.193.145 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Referer
http://urlz.fr/8JxR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 19:25:04 GMT
Server
nginx
X-IPLB-Instance
15014
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/
12 KB
4 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer
http://urlz.fr/8JxR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Feb 2019 19:25:04 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2017 20:38:26 GMT
server
nginx
etag
"779a-308e-55aaa791f67cd"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3931
expires
Mon, 04 Feb 2019 19:24:37 GMT
moneybile.js
ads.themoneytizer.com/
37 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer
http://urlz.fr/8JxR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Feb 2019 19:25:04 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2017 18:31:28 GMT
server
nginx
etag
"7ff1-9390-561427db3104d"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Mon, 04 Feb 2019 19:24:13 GMT
getjs.static.js
tag.contextweb.com/
32 KB
11 KB
Script
General
Full URL
http://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
nginx /
Resource Hash
2797a5a31f878305121024bf4f2271f8059dcc6c2b24efde2994c09631bed34f

Request headers

Referer
http://urlz.fr/8JxR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 19:25:04 GMT
Content-Encoding
gzip
Server
nginx
ETag
24e3b1b6dd83b252f1213e42689762834e238463
P3P
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Cache-Control
max-age=432000, public
Connection
keep-alive
CW-FEServer
ams-prts04.pulse.prod
Content-Type
application/x-javascript
Content-Length
11149
px.js
p.cpx.to/p/11528/
1 KB
2 KB
Script
General
Full URL
http://p.cpx.to/p/11528/px.js?r=19892
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
54.230.93.253 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-253.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer
http://urlz.fr/8JxR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Oct 2018 16:21:06 GMT
Content-Encoding
UTF-8
Last-Modified
Wed, 26 Sep 2018 10:53:05 GMT
Server
AmazonS3
Age
355422
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 ddd91cf4cd1b9310c0aee8953bc042e2.cloudfront.net (CloudFront)
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
O-aq9GRpUx3pd1IG4KTYKLAm-IA3QXQBySBp58MbIXcN87fTowBG7A==
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • http://ww1097.smartadserver.com/config.js?nwid=1097
  • http://ced-ns.sascdn.com/diff/js/smart.js
0
0

sync
gum.criteo.com/
49 B
305 B
Script
General
Full URL
http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer
http://urlz.fr/8JxR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 19:25:03 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Content-Length
49
Expires
60
libJsLP.js
tag.leadplace.fr/
3 KB
3 KB
Script
General
Full URL
http://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
147.135.143.43 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer
http://urlz.fr/8JxR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 19:25:04 GMT
Last-Modified
Tue, 30 Oct 2018 10:00:26 GMT
Server
nginx/1.14.2
ETag
"5bd82bba-a72"
X-IPLB-Instance
13163
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
bounce
ib.adnxs.com/
Redirect Chain
  • http://id5-sync.com/i/12/9.gif
  • http://id5-sync.com/c/12/0/9/1.gif
  • http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID
0
0

quant.js
edge.quantserve.com/
12 KB
6 KB
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
3.120.63.71 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-63-71.eu-central-1.compute.amazonaws.com
Software
QS /
Resource Hash

Request headers

Referer
http://urlz.fr/8JxR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 19:25:04 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03-Feb-2019 19:25:04 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Sun, 10 Feb 2019 19:25:04 GMT
prebid.js
ads.themoneytizer.com/moneybid1_39/build/dist/
260 KB
82 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
ba95487a7721bf9de3d5b103cc5b48ec09fe4c95db48e4cbdf84f8dbf238b96f

Request headers

Referer
http://urlz.fr/8JxR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 03 Feb 2019 19:25:04 GMT
content-encoding
gzip
last-modified
Wed, 23 Jan 2019 23:00:11 GMT
server
nginx
etag
"1f60c-411aa-580280e5deadf"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
84112
expires
Mon, 04 Feb 2019 19:24:42 GMT
sdk.js
player.pepsia.com/
36 KB
0
Script
General
Full URL
http://player.pepsia.com/sdk.js?d=168b4d2401c
Requested by
Host: urlz.fr
URL: http://urlz.fr/8JxR
Protocol
HTTP/1.1
Server
5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/8JxR
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 03 Feb 2019 19:25:04 GMT
Last-Modified
Wed, 23 Jan 2019 09:55:22 GMT
Server
nginx
Accept-Ranges
bytes
ETag
"5c483a0a-945e"
Content-Length
37982
Content-Type
application/javascript
dl.php
89.203.249.179/ Frame F44E
Redirect Chain
  • https://b-ooms-1950.shortcm.li/jUyQxw
  • http://89.203.249.179/dl.php
0
0
Document
General
Full URL
http://89.203.249.179/dl.php
Requested by
Host: urlz.fr
URL: http://urlz.fr/8JxR
Protocol
HTTP/1.1
Server
89.203.249.179 , Czech Republic, ASN25512 (CDT-AS The Czech Republic, CZ),
Reverse DNS
179-249-203-89.hicoria.com
Software
Apache/2.4.37 (Win32) OpenSSL/1.1.1a PHP/7.3.1 /
Resource Hash

Request headers

Host
89.203.249.179
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8JxR
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8JxR

Response headers

Date
Sun, 03 Feb 2019 19:25:06 GMT
Server
Apache/2.4.37 (Win32) OpenSSL/1.1.1a PHP/7.3.1
Vary
accept-language,accept-charset
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Language
en

Redirect headers

status
302
content-type
text/html; charset=utf-8
content-length
87
location
http://89.203.249.179/dl.php
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
date
Sun, 03 Feb 2019 19:25:04 GMT
x-cache
Miss from cloudfront
via
1.1 7e6ac12144acebd1fc302708f2ecfad6.cloudfront.net (CloudFront)
x-amz-cf-id
HpaKRWTb4HmQDvto4cwfxFUeLIqYWOGxpU06nm2OalSv4xFK5QEhYg==
image.php
www.noowho.com/
0
0

wckr.php
tag.leadplace.fr/ Frame F0FA
0
0
Document
General
Full URL
http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Server
147.135.143.43 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8JxR
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8JxR

Response headers

Server
nginx/1.14.2
Date
Sun, 03 Feb 2019 19:25:04 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
13163
fire.js
s.cpx.to/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
0
0

prebid
ib.adnxs.com/ut/v3/
0
0

swfIndex.php
ads.stickyadstv.com/www/delivery/
0
0

hb
ad.360yield.com/
0
0

Primary Request dl.php
89.203.249.179/
Redirect Chain
  • https://b-ooms-1950.shortcm.li/jUyQxw
  • http://89.203.249.179/dl.php
1 KB
2 KB
Document
General
Full URL
http://89.203.249.179/dl.php
Requested by
Host: urlz.fr
URL: http://urlz.fr/8JxR
Protocol
HTTP/1.1
Server
89.203.249.179 , Czech Republic, ASN25512 (CDT-AS The Czech Republic, CZ),
Reverse DNS
179-249-203-89.hicoria.com
Software
Apache/2.4.37 (Win32) OpenSSL/1.1.1a PHP/7.3.1 /
Resource Hash
d15bd64cf1246b4556d817a8c2dd1621added7d1aaacde8224cef40c1bdb8002

Request headers

Host
89.203.249.179
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8JxR
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8JxR

Response headers

Date
Sun, 03 Feb 2019 19:25:06 GMT
Server
Apache/2.4.37 (Win32) OpenSSL/1.1.1a PHP/7.3.1
Vary
accept-language,accept-charset
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Language
en

Redirect headers

status
302
content-type
text/html; charset=utf-8
content-length
87
location
http://89.203.249.179/dl.php
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
date
Sun, 03 Feb 2019 19:25:04 GMT
x-cache
Miss from cloudfront
via
1.1 7e6ac12144acebd1fc302708f2ecfad6.cloudfront.net (CloudFront)
x-amz-cf-id
KHouHImDuoRVjNn4GYSnzc-ur4DV3RYFWqkLzu8GWcRJN3BSG2voQw==
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
0
0
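The 64-hex-character Resource Hash shown for each fetched script is a SHA-256 of the response body. The snippet below, added here and not urlscan's or Cloudflare's code, converts such a hash into a Subresource Integrity value, verifies a body against it, and checks the precondition that is easy to overlook: SRI only protects a script when both the including page and the script travel over TLS, and this page is served over plain http://. The rocket-loader hash is used only as a concrete value from the list above; the body passed to body_matches is constructed.

```python
"""Turn a urlscan Resource Hash (hex SHA-256 of a fetched script) into a
Subresource Integrity value, verify a body against it, and check whether
SRI would actually be enforceable for a given page/script pair."""
import base64
import hashlib
import hmac
from urllib.parse import urlsplit

# Hex hash copied from the rocket-loader.min.js entry above.
ROCKET_LOADER_SHA256 = "3349f7ebfafd1cf105f9f4a41a1be792db6dfc5d754de2fbce192a2185486b73"


def sha256_hex(body: bytes) -> str:
    return hashlib.sha256(body).hexdigest()


def sri_from_hex(hex_digest: str) -> str:
    """SRI wants base64 of the raw digest, not the hex urlscan prints."""
    raw = bytes.fromhex(hex_digest)
    if len(raw) != 32:
        raise ValueError("expected a 32-byte SHA-256 digest")
    return "sha256-" + base64.b64encode(raw).decode("ascii")


def hex_from_sri(value: str) -> str:
    """Inverse of sri_from_hex, for comparing an integrity attribute to a scan."""
    algo, _, b64 = value.partition("-")
    if algo != "sha256":
        raise ValueError("only sha256 handled here")
    return base64.b64decode(b64).hex()


def body_matches(body: bytes, hex_digest: str) -> bool:
    """Constant-time comparison of a fetched body against a recorded hash."""
    return hmac.compare_digest(sha256_hex(body), hex_digest.lower())


def sri_enforceable(page_url: str, script_url: str):
    """SRI is checked on whatever bytes the browser receives. If the page
    or the script travels over plain HTTP, an on-path attacker can rewrite
    or drop the integrity attribute, so the check buys nothing."""
    problems = []
    if urlsplit(page_url).scheme != "https":
        problems.append("page is not served over https")
    if urlsplit(script_url).scheme != "https":
        problems.append("script is not served over https")
    return (not problems, problems)


def script_tag(src: str, hex_digest: str) -> str:
    """Tag a site owner would emit to pin a third-party script."""
    return (f'<script src="{src}" integrity="{sri_from_hex(hex_digest)}" '
            f'crossorigin="anonymous"></script>')


if __name__ == "__main__":
    print(script_tag("https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/"
                     "cloudflare-static/rocket-loader.min.js", ROCKET_LOADER_SHA256))
    print(sri_enforceable("http://urlz.fr/8JxR", "https://ajax.cloudflare.com/x.js"))
```

Pinning only helps for scripts the site owner controls the tag for; rocket-loader is injected by Cloudflare and the ad scripts here are pulled in by other scripts, and most of them arrive over plain HTTP anyway, which is the bigger problem the 14 % HTTPS figure in the statistics points at.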

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ced-ns.sascdn.com
URL
http://ced-ns.sascdn.com/diff/js/smart.js
Domain
ib.adnxs.com
URL
http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID
Domain
www.noowho.com
URL
https://www.noowho.com/image.php?site=23690713&ref=
Domain
s.cpx.to
URL
https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=5dbca474-2ef8-4b4d-b276-68e813e9ab7a
Domain
fastlane.rubiconproject.com
URL
http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078226&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=708040f9-a1de-4563-9f7e-f4f6ac3e71dd&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.6381322625353087
Domain
fastlane.rubiconproject.com
URL
http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=cb5b19c8-a3e9-4550-bbea-6859a929e3f5&p_screen_res=1600x1200&rp_floor=0.37&rp_secure=0&slots=1&rand=0.833622402023515
Domain
ib.adnxs.com
URL
http://ib.adnxs.com/ut/v3/prebid
Domain
ads.stickyadstv.com
URL
http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1549221904534&pKey=-381140215&_fw_gdpr_consent=undefined&loc=http%3A%2F%2Furlz.fr%2F8JxR&playerSize=640x480&
Domain
ad.360yield.com
URL
http://ad.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%2215f0f3d70d8e13e%22%2C%22version%22%3A%225.0.0-JS-5.2.0%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22133e95f6ced464a%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%22708040f9-a1de-4563-9f7e-f4f6ac3e71dd%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%2214fac77c33065ae%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22cb5b19c8-a3e9-4550-bbea-6859a929e3f5%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Domain
rules.quantcount.com
URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

Verdicts & Comments: none

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  object    onselectstart
  object    onselectionchange
  function  queueMicrotask

All three are names of browser built-ins (the queueMicrotask() function and two GlobalEventHandlers properties) rather than variables created by this page's scripts; urlscan's list of standard globals simply lags the browser, so they say nothing about frameworks in use here.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.stickyadstv.com
ads.themoneytizer.com
ajax.cloudflare.com
b-ooms-1950.shortcm.li
ced-ns.sascdn.com
edge.quantserve.com
fastlane.rubiconproject.com
g.tmyzer.com
gum.criteo.com
ib.adnxs.com
p.cpx.to
player.pepsia.com
rules.quantcount.com
s.cpx.to
tag.contextweb.com
tag.leadplace.fr
urlz.fr
www.noowho.com
145.239.193.145
147.135.143.43
151.139.241.23
2600:9000:200c:2000:15:f434:4640:93a1
2606:4700:31::681f:ab2
2606:4700::6813:c697
2a02:2638:1::13
3.120.63.71
5.179.192.20
54.230.93.253
74.214.194.132
89.203.249.179
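Indicator lists exported from a scanner are rarely ready to paste into a blocklist or a report: entries repeat, IPv6 addresses appear in more than one spelling, loopback or private addresses creep in, and hashes sit next to domains. The script below is an added example (not urlscan's code) that types each entry, canonicalises it, drops repeats, keeps only domains and globally routable IPs as blocklist candidates, and defangs values for sharing. The sample list mixes a few entries copied from the Indicators above with constructed noise so the edge cases are exercised.

```python
"""Normalise a urlscan Indicators list into typed, canonical, de-duplicated
IOCs, keep only what belongs on a blocklist, and defang values for reports."""
import ipaddress
import re
from urllib.parse import urlsplit, urlunsplit

DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$", re.I)
SHA256_RE = re.compile(r"^[0-9a-f]{64}$", re.I)

# Constructed sample: entries copied from the Indicators list on this page
# plus deliberate noise (a repeat, an expanded IPv6 form, a loopback address,
# a resource hash and a stray table word) to exercise the edge cases.
SAMPLE_INDICATORS = """
ad.360yield.com
b-ooms-1950.shortcm.li
urlz.fr
ad.360yield.com
89.203.249.179
2606:4700:31:0:0:0:681f:ab2
127.0.0.1
d15bd64cf1246b4556d817a8c2dd1621added7d1aaacde8224cef40c1bdb8002
Failed
"""


def classify(token):
    """Return (kind, canonical_value) or None for a blank line.
    kind is one of: domain, ipv4, ipv6, sha256, unknown."""
    token = token.strip()
    if not token:
        return None
    if SHA256_RE.match(token):
        return ("sha256", token.lower())
    try:
        ip = ipaddress.ip_address(token)
        # .compressed gives one spelling per address, so the expanded
        # 2606:4700:31:0:0:0:681f:ab2 and 2606:4700:31::681f:ab2 collapse together
        return (f"ipv{ip.version}", ip.compressed)
    except ValueError:
        pass
    if DOMAIN_RE.match(token):
        return ("domain", token.lower().rstrip("."))
    return ("unknown", token)


def normalise(text):
    """Classify every line, canonicalise, and drop repeats (order preserved)."""
    seen = {}
    for line in text.splitlines():
        item = classify(line)
        if item is not None:
            seen.setdefault(item, None)
    return list(seen)


def blocklist_candidates(items):
    """Domains plus globally routable IPs; hashes and unknowns are left out,
    as are loopback/private/reserved addresses that show up in scan data."""
    out = []
    for kind, value in items:
        if kind == "domain":
            out.append((kind, value))
        elif kind in ("ipv4", "ipv6") and ipaddress.ip_address(value).is_global:
            out.append((kind, value))
    return out


def defang(kind, value):
    """Break the value so it is not clickable/resolvable when pasted."""
    if kind in ("domain", "ipv4"):
        return value.replace(".", "[.]")
    if kind == "ipv6":
        return value.replace(":", "[:]")
    return value


def defang_url(url):
    """hxxp(s):// plus a defanged host; path and query are left intact."""
    parts = urlsplit(url)
    kind, host = classify(parts.hostname or "") or ("unknown", "")
    host = defang(kind, host)
    if kind == "ipv6":
        host = f"[{host}]"
    netloc = host + (f":{parts.port}" if parts.port else "")
    return urlunsplit((parts.scheme.replace("http", "hxxp"), netloc,
                       parts.path, parts.query, parts.fragment))


if __name__ == "__main__":
    items = normalise(SAMPLE_INDICATORS)
    for kind, value in blocklist_candidates(items):
        print(f"{kind:6} {defang(kind, value)}")
    print(defang_url("http://89.203.249.179/dl.php"))
```

As the page itself says, presence on this list is not a verdict: the domains are mostly ad-tech endpoints loaded by the shortener's interstitial, so review the candidates against what you actually want to block before they go anywhere near a resolver or proxy policy.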