urlscan.io logo urlscan.io
SecurityTrails logo

u334891frl.ha002.t.justns.ru Open in urlscan Pro
2a00:b700::6:a  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s.id/3pH-m
Effective URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Submission: On February 23 via manual from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 31 IPs in 10 countries across 34 domains to perform 72 HTTP transactions. The main IP is 2a00:b700::6:a, located in Russian Federation and belongs to ASBAXET, RU. The main domain is u334891frl.ha002.t.justns.ru.
This is the only time u334891frl.ha002.t.justns.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Credit Agricole (Banking)

Domain & IP information

IP Address AS Autonomous System
1 203.119.112.228 56088 (PANDI-ID ...)
1 77.222.40.193 44112 (SWEB-AS)
1 1 2606:4700:31:... 13335 (CLOUDFLAR...)
1 2606:4700:31:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 28 2a00:b700::6:a 51659 (ASBAXET)
5 151.139.241.23 12989 (HWNG)
1 145.239.193.145 16276 (OVH)
1 74.214.194.131 59940 (PULSEPOIN...)
1 54.230.202.22 16509 (AMAZON-02)
1 52.85.182.149 16509 (AMAZON-02)
1 2 185.86.137.43 201081 (SMARTADSE...)
4 68.232.35.16 15133 (EDGECAST)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
2 147.135.143.43 16276 (OVH)
1 18.195.84.125 16509 (AMAZON-02)
3 5.179.192.20 34235 (ASPSERVEU...)
1 94.23.196.203 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
6 54.229.43.73 16509 (AMAZON-02)
1 185.33.223.210 29990 (ASN-APPNEXUS)
1 2.18.234.233 16625 (AKAMAI-AS)
1 3 52.29.212.156 16509 (AMAZON-02)
2 213.19.162.61 26667 (RUBICONPR...)
1 1 2600:9000:200... 16509 (AMAZON-02)
1 2600:9000:200... 16509 (AMAZON-02)
1 54.228.203.167 16509 (AMAZON-02)
2 2 172.217.21.226 15169 (GOOGLE)
1 1 37.252.172.12 29990 (ASN-APPNEXUS)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
1 1 46.228.164.13 56396 (TURN)
2 2 52.30.162.218 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 95.140.239.36 22822 (LLNW)
1 209.197.3.15 20446 (HIGHWINDS3)
1 158.191.172.76 9159 ()
1 2 195.8.215.136 41690 (DAILYMOTI...)
72 31
1    203.119.112.228 (Indonesia)

ASN56088 (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia, ID)
PTR: s.id.112.119.203.in-addr.arpa
s.id
1    77.222.40.193 (Russian Federation)

ASN44112 (SWEB-AS, RU)
PTR: vh258.sweb.ru
christ9000.temp.swtest.ru
1    2606:4700:31::681f:ab2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
urlz.fr
1    2606:4700:31::681f:bb2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
urlz.fr
1    2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ajax.cloudflare.com
28    2a00:b700::6:a (Russian Federation)

ASN51659 (ASBAXET, RU)
u334891frl.ha002.t.justns.ru
5    151.139.241.23 (Dallas, United States)

ASN12989 (HWNG, NL)
ads.themoneytizer.com
1    145.239.193.145 (United Kingdom)

ASN16276 (OVH, FR)
g.tmyzer.com
1    74.214.194.131 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)
tag.contextweb.com
1    54.230.202.22 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-202-22.fra50.r.cloudfront.net
p.cpx.to
1    52.85.182.149 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-182-149.fra50.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
2    185.86.137.43 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
4    68.232.35.16 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ced-ns.sascdn.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    147.135.143.43 (Waltham, United States)

ASN16276 (OVH, FR)
tag.leadplace.fr
1    18.195.84.125 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-84-125.eu-central-1.compute.amazonaws.com
edge.quantserve.com
3    5.179.192.20 (France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net
player.pepsia.com
1    94.23.196.203 (France)

ASN16276 (OVH, FR)
PTR: serveur8.wilsoftech.com
www.noowho.com
1    2a00:1450:4001:815::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
6    54.229.43.73 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
s.cpx.to
1    185.33.223.210 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
ib.adnxs.com
1    2.18.234.233 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    52.29.212.156 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-212-156.eu-central-1.compute.amazonaws.com
ad.360yield.com
2    213.19.162.61 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com
1    2600:9000:200d:a200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
1    2600:9000:200d:b800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
1    54.228.203.167 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-228-203-167.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
2    172.217.21.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f2.1e100.net
cm.g.doubleclick.net
1    37.252.172.12 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 244.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
image2.pubmatic.com
1    46.228.164.13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
2    52.30.162.218 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-162-218.eu-west-1.compute.amazonaws.com
ads.avocet.io
1    2a00:1450:4001:809::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    95.140.239.36 (United Kingdom)

ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: https-95-140-239-36.cdg.llnw.net
api.dmcdn.net
1    209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
maxcdn.bootstrapcdn.com
1    158.191.172.76 (France)

ASN9159 (, FR)
www.ca-aquitaine.fr
2    195.8.215.136 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: www.dailymotion.com
www.dailymotion.com
Apex Domain
Subdomains		 Transfer
28 justns.ru
u334891frl.ha002.t.justns.ru
101 KB
7 cpx.to
p.cpx.to
s.cpx.to
6 KB
5 themoneytizer.com
ads.themoneytizer.com
117 KB
4 sascdn.com
ced-ns.sascdn.com
13 KB
3 360yield.com
ad.360yield.com
4 KB
3 pepsia.com
player.pepsia.com
53 KB
2 dailymotion.com
www.dailymotion.com
831 B
2 avocet.io
ads.avocet.io
1 KB
2 pubmatic.com
image2.pubmatic.com
1004 B
2 doubleclick.net
cm.g.doubleclick.net
926 B
2 quantcount.com
rules.quantcount.com
1 KB
2 rubiconproject.com
fastlane.rubiconproject.com
3 KB
2 adnxs.com
ib.adnxs.com
secure.adnxs.com
2 KB
2 leadplace.fr
tag.leadplace.fr
3 KB
2 smartadserver.com
ww1097.smartadserver.com
rtb-csync.smartadserver.com Failed
5 KB
2 urlz.fr
urlz.fr
2 KB
1 ca-aquitaine.fr
www.ca-aquitaine.fr
783 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
18 KB
1 dmcdn.net
api.dmcdn.net
9 KB
1 google-analytics.com
www.google-analytics.com
17 KB
1 turn.com
d.turn.com
514 B
1 adleadevent.com
adtrack.adleadevent.com
517 B
1 stickyadstv.com
ads.stickyadstv.com
548 B
1 googleapis.com
ajax.googleapis.com
30 KB
1 noowho.com
www.noowho.com
2 KB
1 quantserve.com
edge.quantserve.com
6 KB
1 criteo.com
gum.criteo.com
305 B
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
25 KB
1 contextweb.com
tag.contextweb.com
11 KB
1 tmyzer.com
g.tmyzer.com
c.tmyzer.com Failed
200 B
1 cloudflare.com
ajax.cloudflare.com
4 KB
1 swtest.ru
christ9000.temp.swtest.ru
337 B
1 s.id
s.id
analytics.s.id Failed
2 KB
0 webmasterplan.com Failed
banners.webmasterplan.com Failed
72 34
Domain Requested by
28 u334891frl.ha002.t.justns.ru 6 redirects urlz.fr
s.id
u334891frl.ha002.t.justns.ru
6 s.cpx.to p.cpx.to
5 ads.themoneytizer.com ajax.cloudflare.com
ads.themoneytizer.com
4 ced-ns.sascdn.com ads.themoneytizer.com
3 ad.360yield.com 1 redirects
3 player.pepsia.com s.id
player.pepsia.com
2 www.dailymotion.com 1 redirects api.dmcdn.net
2 ads.avocet.io 2 redirects
2 image2.pubmatic.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 rules.quantcount.com 1 redirects
2 fastlane.rubiconproject.com ads.themoneytizer.com
2 tag.leadplace.fr ads.themoneytizer.com
2 ww1097.smartadserver.com 1 redirects ads.themoneytizer.com
2 urlz.fr 1 redirects
1 www.ca-aquitaine.fr urlz.fr
1 maxcdn.bootstrapcdn.com player.pepsia.com
1 api.dmcdn.net player.pepsia.com
1 www.google-analytics.com s.id
1 d.turn.com 1 redirects
1 secure.adnxs.com 1 redirects
1 adtrack.adleadevent.com ajax.googleapis.com
1 ads.stickyadstv.com ads.themoneytizer.com
1 ib.adnxs.com ads.themoneytizer.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 www.noowho.com
1 edge.quantserve.com ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 tag.contextweb.com ads.themoneytizer.com
1 g.tmyzer.com ads.themoneytizer.com
1 ajax.cloudflare.com urlz.fr
1 christ9000.temp.swtest.ru s.id
1 s.id
0 banners.webmasterplan.com Failed ced-ns.sascdn.com
0 c.tmyzer.com Failed ads.themoneytizer.com
0 rtb-csync.smartadserver.com Failed
0 analytics.s.id Failed s.id
72 39

This site contains links to these domains. Also see Links.

Domain
www.ca-normandie-seine.fr
Subject Issuer Validity Valid
*.s.id
COMODO RSA Domain Validation Secure Server CA		 2018-12-03 -
2020-12-02		 2 years crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-09-22 -
2019-03-31		 6 months crt.sh
*.themoneytizer.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-15 -
2021-02-14		 2 years crt.sh
www.noowho.com
Gandi Standard SSL CA 2		 2017-02-07 -
2020-02-07		 3 years crt.sh
s.cpx.to
COMODO RSA Domain Validation Secure Server CA		 2015-02-10 -
2020-02-09		 5 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2018-10-16 -
2019-10-21		 a year crt.sh
adtrack.adleadevent.com
Amazon		 2018-07-28 -
2019-08-28		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-01-29 -
2019-04-23		 3 months crt.sh
*.dmcdn.net
DigiCert SHA2 High Assurance Server CA		 2018-04-23 -
2019-05-29		 a year crt.sh
*.bootstrapcdn.com
COMODO RSA Domain Validation Secure Server CA		 2018-10-03 -
2019-10-12		 a year crt.sh
www.ca-aquitaine.fr
COMODO RSA Organization Validation Secure Server CA		 2018-12-12 -
2019-12-12		 a year crt.sh
*.dailymotion.com
DigiCert SHA2 High Assurance Server CA		 2018-09-24 -
2019-10-23		 a year crt.sh

This page contains 7 frames:

Primary Page: http://u334891frl.ha002.t.justns.ru/imex/index.html
Frame ID: 127C74ACE7BBD1844777BE873C37D04D
Requests: 63 HTTP requests in this frame

Frame: http://u334891frl.ha002.t.justns.ru/imex/index.html
Frame ID: 1E2B64E8414109A745FF7E3410F64EF2
Requests: 1 HTTP requests in this frame

Frame: http://u334891frl.ha002.t.justns.ru/imex/index.html
Frame ID: 4D37B2905D4219E73B6B8B5B00E8DE79
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 4F3DC2E419F8A9FF412CC34E61972BD2
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: E3F3FA7B4EE497E546811E00E089C5B0
Requests: 5 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Frame ID: 374F35E7D8ED6E4F74607C5FAB8D49F1
Requests: 1 HTTP requests in this frame

Frame: http://banners.webmasterplan.com/view.asp?ref=794613&site=9192&type=html&hnb=1&js=1&subid=205724
Frame ID: C521D977BA48210A2090B6408184961B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://s.id/3pH-m Page URL
  2. http://christ9000.temp.swtest.ru/ Page URL
  3. https://urlz.fr/8Xbf HTTP 301
    http://urlz.fr/8Xbf Page URL
  4. http://u334891frl.ha002.t.justns.ru/imex HTTP 301
    http://u334891frl.ha002.t.justns.ru/imex/ HTTP 302
    http://u334891frl.ha002.t.justns.ru/imex/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

72
Requests

26 %
HTTPS

24 %
IPv6

34
Domains

39
Subdomains

31
IPs

10
Countries

433 kB
Transfer

1059 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s.id/3pH-m Page URL
  2. http://christ9000.temp.swtest.ru/ Page URL
  3. https://urlz.fr/8Xbf HTTP 301
    http://urlz.fr/8Xbf Page URL
  4. http://u334891frl.ha002.t.justns.ru/imex HTTP 301
    http://u334891frl.ha002.t.justns.ru/imex/ HTTP 302
    http://u334891frl.ha002.t.justns.ru/imex/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://urlz.fr/8Xbf HTTP 301
  • http://urlz.fr/8Xbf
Request Chain 5
  • http://u334891frl.ha002.t.justns.ru/imex HTTP 301
  • http://u334891frl.ha002.t.justns.ru/imex/ HTTP 302
  • http://u334891frl.ha002.t.justns.ru/imex/index.html
Request Chain 14
  • http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • http://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 17
  • http://id5-sync.com/i/12/9.gif HTTP 302
  • http://id5-sync.com/c/12/0/9/1.gif HTTP 302
  • http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID HTTP 302
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID HTTP 302
  • http://id5-sync.com/c/12/2/8/2.gif?puid=7765773284666874037 HTTP 302
  • http://c1.adform.net/serving/cookie/match?party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
  • http://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
  • http://id5-sync.com/c/12/10/7/3.gif?puid=7349143495359786273 HTTP 302
  • http://ads.creative-serving.com/id5_cm?callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D HTTP 302
  • http://ads.creative-serving.com/ul_cb/id5_cm?callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D HTTP 302
  • http://id5-sync.com/c/12/101/6/4.gif?puid=5249e641-cd28-401c-bf6c-b0578c2637c1 HTTP 302
  • http://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-SWe62plfawSWT75gwpjdi7Sf_vzzJfm1_0Qig3N7Kw&redirurl=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F5%2F5.gif%3Fpuid%3DSMART_USER_ID
Request Chain 21
  • http://u334891frl.ha002.t.justns.ru/imex HTTP 301
  • http://u334891frl.ha002.t.justns.ru/imex/ HTTP 302
  • http://u334891frl.ha002.t.justns.ru/imex/index.html
Request Chain 27
  • http://ad.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22154e7b630d4fb21%22%2C%22version%22%3A%225.0.0-JS-5.2.0%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210c6af89bf160fb%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%22e6270728-85c9-4153-85f3-ed600a178e51%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%221132b2a2718a80c%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22c7554928-1edd-4144-ac75-77d396eef5aa%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
  • http://ad.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22154e7b630d4fb21%22%2C%22version%22%3A%225.0.0-JS-5.2.0%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210c6af89bf160fb%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%22e6270728-85c9-4153-85f3-ed600a178e51%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%221132b2a2718a80c%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22c7554928-1edd-4144-ac75-77d396eef5aa%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Request Chain 31
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Request Chain 35
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3&google_tc= HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3&google_gid=CAESEN6sZfaAfKbWfZkmFWO2_34&google_cver=1
Request Chain 36
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3Dhttp%253A%252F%252Fchrist9000.temp.swtest.ru%252F%26hn_ver%3D10%26fid%3D5a08625a-3a90-4266-a2b0-9820fc8bfeb3 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=4567907578020829203&pid=11528&ref=http%3A%2F%2Fchrist9000.temp.swtest.ru%2F&hn_ver=10&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
Request Chain 37
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D5a08625a-3a90-4266-a2b0-9820fc8bfeb3 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D5a08625a-3a90-4266-a2b0-9820fc8bfeb3 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=AB594511-57DE-410C-B485-4597AC142318&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
Request Chain 38
  • https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3D5a08625a-3a90-4266-a2b0-9820fc8bfeb3 HTTP 302
  • https://s.cpx.to/sync?dsp=amobee&dsp_uid=8520938729002797581&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
Request Chain 39
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D5a08625a-3a90-4266-a2b0-9820fc8bfeb3 HTTP 302
  • https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D5a08625a-3a90-4266-a2b0-9820fc8bfeb3 HTTP 302
  • https://s.cpx.to/sync?dsp=avocet&dsp_uid=4b6f72a8-565b-4962-bf15-c548204793f7&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
Request Chain 45
  • http://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false HTTP 301
  • https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set 3pH-m
s.id/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.id/3pH-m
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.119.112.228 , Indonesia, ASN56088 (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia, ID),
Reverse DNS
s.id.112.119.203.in-addr.arpa
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
d2af55f8e670b2d9dad04df0677db9d1bc93500add67b7305b6cd3ecd87ff840

Request headers

Host
s.id
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx/1.10.3 (Ubuntu)
Date
Sat, 23 Feb 2019 10:02:19 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
private, must-revalidate
pragma
no-cache
expires
-1
Set-Cookie
XSRF-TOKEN=eyJpdiI6ImRlNGVFMHZFR1FPejAzTG1USXRVdEE9PSIsInZhbHVlIjoiWDlZYnQ3d01xbWplMlpvdU1qRVhRbURsKzdhdjZ2ZWpnMm5tTnRtc2dJd1A0eHExblVhNVB4OWxNTCtxRlFnRHNmRmRGNUlzbzd1NStKVVllbGR4U3c9PSIsIm1hYyI6IjJlMzEyMGE4MjI4OTgzMzEzMTZiYzVkY2MxYmI0NWZlNjk3Mzc5NzE4NWIyNWZlNWJhYzMzZGIwMTk0Zjc0NGQifQ%3D%3D; expires=Sat, 23-Feb-2019 12:02:19 GMT; Max-Age=7200; path=/ major_tom=eyJpdiI6IlBBQnRWZitJdHlGemhFMFZUZ0Nkanc9PSIsInZhbHVlIjoiOEt4MERyUG85M25Od0JpdkpiVW5DRVl1V0taTFRzcW5LR21Oc0d2NVZEcExIS0hjXC9sQVpxZDVvXC93a3hPZFh4dU40cjlHZklzV2RDUDhpU3pqSFMydz09IiwibWFjIjoiYjBlM2ExNzJhZjYyMTdiMTQzMTk2YmZiNmIzMTc1OWYyODJjNDU1M2IxYTA5YzljNDRjZjE4YzllOTRjNzdlYSJ9; expires=Sat, 23-Feb-2019 12:02:19 GMT; Max-Age=7200; path=/; httponly
Content-Encoding
gzip
piwik.js
analytics.s.id/ 		0
0
/
christ9000.temp.swtest.ru/ 		64 B
337 B 		Document
General
Check archive.org
Download Go to
Full URL
http://christ9000.temp.swtest.ru/
Requested by
Host: s.id
URL: https://s.id/3pH-m
Protocol
HTTP/1.1
Server
77.222.40.193 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh258.sweb.ru
Software
nginx/1.15.2 /
Resource Hash

Request headers

Host
christ9000.temp.swtest.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx/1.15.2
Date
Sat, 23 Feb 2019 10:02:19 GMT
Content-Type
text/html
Content-Length
64
Connection
keep-alive
Keep-Alive
timeout=10
Last-Modified
Tue, 19 Feb 2019 06:27:40 GMT
ETag
"19c5b1f-40-582395695f479"
Accept-Ranges
bytes
8Xbf
urlz.fr/
Redirect Chain
  • https://urlz.fr/8Xbf
  • http://urlz.fr/8Xbf
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://urlz.fr/8Xbf
Protocol
HTTP/1.1
Server
2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce1bffb16b9476a0d482b43793f454a0ad00bf69fe557d07aa11b5acc1bcf8f9

Request headers

Host
urlz.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://christ9000.temp.swtest.ru/
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d027f6e23ef22be605c5cb287768a69e41550916140
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://christ9000.temp.swtest.ru/

Response headers

Date
Sat, 23 Feb 2019 10:02:20 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
cloudflare
CF-RAY
4ad8db34090cc2f1-FRA
Content-Encoding
gzip

Redirect headers

status
301
date
Sat, 23 Feb 2019 10:02:20 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d027f6e23ef22be605c5cb287768a69e41550916140; expires=Sun, 23-Feb-20 10:02:20 GMT; path=/; domain=.urlz.fr; HttpOnly
location
http://urlz.fr/8Xbf
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4ad8db336bbd96a0-FRA
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/8Xbf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3349f7ebfafd1cf105f9f4a41a1be792db6dfc5d754de2fbce192a2185486b73
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Feb 2019 10:02:20 GMT
content-encoding
gzip
last-modified
Mon, 18 Feb 2019 17:46:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5c6aef90-2d8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
4ad8db349df1bef3-FRA
expires
Mon, 25 Feb 2019 10:02:20 GMT
index.html
u334891frl.ha002.t.justns.ru/imex/ Frame 1E2B
Redirect Chain
  • http://u334891frl.ha002.t.justns.ru/imex
  • http://u334891frl.ha002.t.justns.ru/imex/
  • http://u334891frl.ha002.t.justns.ru/imex/index.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://u334891frl.ha002.t.justns.ru/imex/index.html
Requested by
Host: urlz.fr
URL: http://urlz.fr/8Xbf
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
u334891frl.ha002.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8Xbf
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8Xbf

Response headers

ETag
"55d5-5c6ba09b-b189bbcf36cf4d4e;gz"
Last-Modified
Tue, 19 Feb 2019 06:22:19 GMT
Content-Type
text/html
Content-Length
6653
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Date
Sat, 23 Feb 2019 10:02:20 GMT
Server
LiteSpeed
Connection
close

Redirect headers

Location
index.html
Content-Type
text/html; charset=UTF-8
Content-Length
0
Date
Sat, 23 Feb 2019 10:02:20 GMT
Server
LiteSpeed
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Vary
User-Agent
Connection
close
requestform.js
ads.themoneytizer.com/s/ 		43 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
8f435bfc1cac9de93a539a250d2d5fc423e4b6b2791d91de331113bad0e98e20

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:20 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Sun, 24 Feb 2019 10:02:20 GMT
gen.js
ads.themoneytizer.com/s/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
dd76fdd2142192064e0af855f1b21bdad5ed9e807f053e813827e601404a83cb

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:01:34 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2186
Expires
Sun, 24 Feb 2019 10:01:34 GMT
/
g.tmyzer.com/g/ 		26 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
http://g.tmyzer.com/g/
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.193.145 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:04:45 GMT
Server
nginx
X-IPLB-Instance
15014
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
nginx /
Resource Hash
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Feb 2019 10:02:21 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2017 20:38:26 GMT
server
nginx
etag
"779a-308e-55aaa791f67cd"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3931
expires
Sun, 24 Feb 2019 10:02:05 GMT
moneybile.js
ads.themoneytizer.com/ 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Feb 2019 10:02:21 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2017 18:31:28 GMT
server
nginx
etag
"7ff1-9390-561427db3104d"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Sun, 24 Feb 2019 10:01:36 GMT
getjs.static.js
tag.contextweb.com/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Feb 2019 10:02:21 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
max-age=432000, public
x-envoy-upstream-service-time
7
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://p.cpx.to/p/11528/px.js?r=1ecf4
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
54.230.202.22 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-202-22.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 14 Feb 2019 08:40:18 GMT
Content-Encoding
UTF-8
Last-Modified
Wed, 10 Oct 2018 10:49:46 GMT
Server
AmazonS3
Age
782524
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 bd5652a800046ffa43683320c0e731b4.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
7stmdJBDXfxY2KFhROsrga6a_rC0Y3QiBSgeYZhYdeCy81V5KXPwVg==
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
52.85.182.149 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-182-149.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 16:55:31 GMT
Via
1.1 7922e01ab53e8f36477272573223ab35.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
61635
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
bzbfXGGjZE2Nn_g3j2jb1VdWDQQ_g6bGdT0fs_y9q869mUlyYxTzVw==
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • http://ww1097.smartadserver.com/config.js?nwid=1097
  • http://ced-ns.sascdn.com/diff/js/smart.js
23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ced-ns.sascdn.com/diff/js/smart.js
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E6) /
Resource Hash
26517193e17e52b864db99512527c75112afb1290eee8b7d4548e23082f0e876

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Feb 2019 13:12:51 GMT
Server
ECS (fcn/40E6)
X-N
S
Etag
"18d57cd29660668e0675302a0f212fc1:1549890771"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
7698

Redirect headers

Location
http://ced-ns.sascdn.com/diff/js/smart.js
Date
Sat, 23 Feb 2019 10:02:21 GMT
Cache-Control
public, no-cache="Set-Cookie", max-age=3600
Content-Type
text/html; charset=utf-8
ETag
"6073DDD0967791CA18E2159BAE793A64"
Content-Length
158
Expires
Sat, 23 Feb 2019 11:02:21 GMT
sync
gum.criteo.com/ 		49 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:20 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Content-Length
49
Expires
60
libJsLP.js
tag.leadplace.fr/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
147.135.143.43 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:21 GMT
Last-Modified
Wed, 28 Nov 2018 09:16:40 GMT
Server
nginx/1.14.2
ETag
"5bfe5cf8-a72"
X-IPLB-Instance
13163
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • http://id5-sync.com/i/12/9.gif
  • http://id5-sync.com/c/12/0/9/1.gif
  • http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID
  • http://id5-sync.com/c/12/2/8/2.gif?puid=7765773284666874037
  • http://c1.adform.net/serving/cookie/match?party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D
  • http://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D
  • http://id5-sync.com/c/12/10/7/3.gif?puid=7349143495359786273
  • http://ads.creative-serving.com/id5_cm?callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D
  • http://ads.creative-serving.com/ul_cb/id5_cm?callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D
  • http://id5-sync.com/c/12/101/6/4.gif?puid=5249e641-cd28-401c-bf6c-b0578c2637c1
  • http://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-SWe62plfawSWT75gwpjdi7Sf_vzzJfm1_0Qig3N7Kw&redirurl=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F5%2F5.gif%3Fpuid%3DSMART_USE...
0
0
quant.js
edge.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
18.195.84.125 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-84-125.eu-central-1.compute.amazonaws.com
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:21 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23-Feb-2019 10:02:21 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Sat, 02 Mar 2019 10:02:21 GMT
prebid.js
ads.themoneytizer.com/moneybid1_39/build/dist/ 		271 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
nginx /
Resource Hash
1617ade5ea3ecc2ae90f24d08b42edb9f46a30730ff606cbbd8ccbcf19a4a16a

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Feb 2019 10:02:21 GMT
content-encoding
gzip
last-modified
Fri, 22 Feb 2019 20:23:17 GMT
server
nginx
etag
"1b9b6-43a55-582815c7e4cb1"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
87434
expires
Sun, 24 Feb 2019 10:01:43 GMT
sdk.js
player.pepsia.com/ 		37 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://player.pepsia.com/sdk.js?d=16919ce418d
Requested by
Host: s.id
URL: https://s.id/3pH-m
Protocol
HTTP/1.1
Server
5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
66171501c2a2df0ccfb7e034730b81578492b3508f54e05b0c3847e81c8b8bb2

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:21 GMT
Last-Modified
Tue, 19 Feb 2019 15:33:45 GMT
Server
nginx
Accept-Ranges
bytes
ETag
"5c6c21d9-9462"
Content-Length
37986
Content-Type
application/javascript
index.html
u334891frl.ha002.t.justns.ru/imex/ Frame 4D37
Redirect Chain
  • http://u334891frl.ha002.t.justns.ru/imex
  • http://u334891frl.ha002.t.justns.ru/imex/
  • http://u334891frl.ha002.t.justns.ru/imex/index.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://u334891frl.ha002.t.justns.ru/imex/index.html
Requested by
Host: s.id
URL: https://s.id/3pH-m
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
u334891frl.ha002.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8Xbf
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8Xbf

Response headers

ETag
"55d5-5c6ba09b-b189bbcf36cf4d4e;gz"
Last-Modified
Tue, 19 Feb 2019 06:22:19 GMT
Content-Type
text/html
Content-Length
6653
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
LiteSpeed
Connection
close

Redirect headers

Location
index.html
Content-Type
text/html; charset=UTF-8
Content-Length
0
Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
LiteSpeed
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Vary
User-Agent
Connection
close
image.php
www.noowho.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.noowho.com/image.php?site=23690713&ref=http://christ9000.temp.swtest.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS
serveur8.wilsoftech.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash
d2999c107429e0a9eec0ff8abad8ed21b92f720e14264deed24a4538814f6be6

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:06:04 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Apache/2.4.7 (Ubuntu)
Connection
close
X-Powered-By
PHP/5.5.9-1ubuntu4.22
Content-Length
1448
Content-Type
image/gif
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 17 Jan 2019 18:15:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
3167233
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
30186
X-XSS-Protection
1; mode=block
Expires
Fri, 17 Jan 2020 18:15:08 GMT
fire.js
s.cpx.to/ 		946 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=11528&ref=http%3A%2F%2Fchrist9000.temp.swtest.ru%2F&hn_ver=10&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
Requested by
Host: p.cpx.to
URL: http://p.cpx.to/p/11528/px.js?r=1ecf4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.43.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
ae9cbdcfe182cfb1e10cdcf7df9f4eb2c57054e4330a22a1caca6979d57b2ca3

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
text/plain; charset=UTF-8
Content-Length
946
Expires
Tue, 05 Feb 2019 11:16:36 GMT
prebid
ib.adnxs.com/ut/v3/ 		373 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Protocol
HTTP/1.1
Server
185.33.223.210 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
b36a9589dc0bfbc6d554b7379a677a215bb19adea0b0e3fe8afecf68fa12f07f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/8Xbf
Origin
http://urlz.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 Feb 2019 10:02:23 GMT
X-Proxy-Origin
185.220.70.202; 185.220.70.202; 307.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.43:80
AN-X-Request-Uuid
6fb79f6e-6aa3-4c15-8ede-793cc4437d1a
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
373
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1550916141539&pKey=-2002437100&_fw_gdpr_consent=undefined&loc=http%3A%2F%2Furlz.fr%2F8Xbf&playerSize=640x480&
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Protocol
HTTP/1.1
Server
2.18.234.233 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
http://urlz.fr/8Xbf
Origin
http://urlz.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1550916141689004-163
Expires
Sat, 23 Feb 2019 10:02:21 GMT
hb
ad.360yield.com/ul_cb/
Redirect Chain
  • http://ad.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22154e7b630d4fb21%22%2C%22version%22%3A%225.0.0-JS-5.2.0%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210c6af89bf160fb%22%2C%22pid%22%3A...
  • http://ad.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22154e7b630d4fb21%22%2C%22version%22%3A%225.0.0-JS-5.2.0%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210c6af89bf160fb%22%2C%22pid...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://ad.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22154e7b630d4fb21%22%2C%22version%22%3A%225.0.0-JS-5.2.0%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210c6af89bf160fb%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%22e6270728-85c9-4153-85f3-ed600a178e51%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%221132b2a2718a80c%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22c7554928-1edd-4144-ac75-77d396eef5aa%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Protocol
HTTP/1.1
Server
52.29.212.156 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-212-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
nginx
Location
http://ad.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22154e7b630d4fb21%22%2C%22version%22%3A%225.0.0-JS-5.2.0%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210c6af89bf160fb%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%22e6270728-85c9-4153-85f3-ed600a178e51%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%221132b2a2718a80c%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22c7554928-1edd-4144-ac75-77d396eef5aa%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
nginx
Access-Control-Allow-Origin
http://urlz.fr
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
http://ad.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22154e7b630d4fb21%22%2C%22version%22%3A%225.0.0-JS-5.2.0%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210c6af89bf160fb%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%22e6270728-85c9-4153-85f3-ed600a178e51%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%221132b2a2718a80c%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22c7554928-1edd-4144-ac75-77d396eef5aa%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		255 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078226&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=e6270728-85c9-4153-85f3-ed600a178e51&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.11775322623498119
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Protocol
HTTP/1.1
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
601fd228c5e0fc340545de5ee71737c3c77a45de8f1df49d23ded96e1f351673

Request headers

Referer
http://urlz.fr/8Xbf
Origin
http://urlz.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=6
Content-Length
255
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		255 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=c7554928-1edd-4144-ac75-77d396eef5aa&p_screen_res=1600x1200&rp_floor=0.37&rp_secure=0&slots=1&rand=0.919903279666392
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Protocol
HTTP/1.1
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
e76bb8f83a9774a20f89fa26196815ebff40814058cd382f0a930c343faa69b0

Request headers

Referer
http://urlz.fr/8Xbf
Origin
http://urlz.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=9
Content-Length
255
Expires
Wed, 17 Sep 1975 21:32:10 GMT
wckr.php
tag.leadplace.fr/ Frame 4F3D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
147.135.143.43 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8Xbf
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8Xbf

Response headers

Server
nginx/1.14.2
Date
Sat, 23 Feb 2019 10:02:21 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
13163
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
1 KB
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:b800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 23 Feb 2019 09:29:28 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
1974
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-id
9rZFt8TU-UFAJzYIibND_aXNjWRKrthdKHRVEyZJzJvhQ5yzqYYNeA==
via
1.1 7b48191d48ad0a2b3616c20acd7fbc1c.cloudfront.net (CloudFront)

Redirect headers

Date
Sat, 23 Feb 2019 10:02:21 GMT
Via
1.1 fb7ff691963d3e3600808dccbe4422d2.cloudfront.net (CloudFront)
Server
CloudFront
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
ifKZOjB1c3oSpHHBOfuzLqvLrTp5vmb4axLWqzFCcb59wiWz5_mhrg==
notifyme.php
adtrack.adleadevent.com/ 		0
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.203.167 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-228-203-167.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://urlz.fr/8Xbf
Origin
http://urlz.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Feb 2019 10:02:21 GMT
Content-Encoding
gzip
Last-Modified
Sat, 23 Feb 2019 10:02:21 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
player.pepsia.com/V2/ 		42 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://player.pepsia.com/V2/?token=00I4&autoplay=1&logo=true&volume=1&api=1&id=0&origin=http://urlz.fr&d=16919ce4253
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16919ce418d
Protocol
HTTP/1.1
Server
5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
dd662b6e50e8121af3a3fcdb888012d0eadcefde358452e9b2f45e9980d86325

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8Xbf
Origin
http://urlz.fr

Response headers

Access-Control-Allow-Origin
http://urlz.fr
Date
Sat, 23 Feb 2019 10:02:21 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
algo.php
player.pepsia.com/V2/ 		1 KB
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://player.pepsia.com/V2/algo.php?token=00I4&num=9&origin=http://urlz.fr&d=16919ce4254
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16919ce418d
Protocol
HTTP/1.1
Server
5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
919746e3d7edc1db8cec9e0d72bc4fa361e1951bc9f31da31b2f76734321a383

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8Xbf
Origin
http://urlz.fr

Response headers

Access-Control-Allow-Origin
http://urlz.fr
Date
Sat, 23 Feb 2019 10:02:21 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3&google_tc=
  • https://s.cpx.to/ca.png?dsp=dbm&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3&google_gid=CAESEN6sZfaAfKbWfZkmFWO2_34&google_cver=1
95 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3&google_gid=CAESEN6sZfaAfKbWfZkmFWO2_34&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.43.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
akka-http/2.4.17
Connection
keep-alive
Content-Length
95
Content-Type
image/png

Redirect headers

pragma
no-cache
date
Sat, 23 Feb 2019 10:02:21 GMT
server
HTTP server (unknown)
location
https://s.cpx.to/ca.png?dsp=dbm&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3&google_gid=CAESEN6sZfaAfKbWfZkmFWO2_34&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length
334
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3Dhttp%253A%252F%252Fchrist9000.temp.swtest.ru%252F%26hn_ver%3D10%26fid%3D5a08625a-3a90...
  • https://s.cpx.to/an_fire?app_nexus_uid=4567907578020829203&pid=11528&ref=http%3A%2F%2Fchrist9000.temp.swtest.ru%2F&hn_ver=10&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
95 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=4567907578020829203&pid=11528&ref=http%3A%2F%2Fchrist9000.temp.swtest.ru%2F&hn_ver=10&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.43.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Feb 2019 10:02:21 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 23 Feb 2019 10:02:23 GMT
AN-X-Request-Uuid
5f1357de-b1eb-424b-a49f-6e1349640438
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://s.cpx.to/an_fire?app_nexus_uid=4567907578020829203&pid=11528&ref=http%3A%2F%2Fchrist9000.temp.swtest.ru%2F&hn_ver=10&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.220.70.202; 185.220.70.202; 244.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.68:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D5a08625a-3a90-4266-a2b0-9820fc8bfeb3
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D5a08625a-3a90-4266-a2b0-9820fc8bfeb3
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=AB594511-57DE-410C-B485-4597AC142318&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
95 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=AB594511-57DE-410C-B485-4597AC142318&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.43.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Feb 2019 10:02:21 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=AB594511-57DE-410C-B485-4597AC142318&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
Date
Sat, 23 Feb 2019 10:02:21 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
448
Content-Type
text/html; charset=iso-8859-1
sync
s.cpx.to/
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3D5a08625a-3a90-4266-a2b0-9820fc8bfeb3
  • https://s.cpx.to/sync?dsp=amobee&dsp_uid=8520938729002797581&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
95 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=amobee&dsp_uid=8520938729002797581&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.43.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Feb 2019 10:02:21 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=amobee&dsp_uid=8520938729002797581&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
Pragma
no-cache
Date
Sat, 23 Feb 2019 10:02:20 GMT
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server
Apache-Coyote/1.1
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
s.cpx.to/
Redirect Chain
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D5a08625a-3a90-4266-a2b0-9820fc8bfeb3
  • https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D5a08625a-3a90-4266-a2b0-9820fc8bfeb3
  • https://s.cpx.to/sync?dsp=avocet&dsp_uid=4b6f72a8-565b-4962-bf15-c548204793f7&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
95 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=avocet&dsp_uid=4b6f72a8-565b-4962-bf15-c548204793f7&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.43.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
Software
akka-http/2.4.17 /
Resource Hash

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
akka-http/2.4.17
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Type
image/png
Content-Length
95
Expires
Sat, 23 Feb 2019 10:02:21 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=avocet&dsp_uid=4b6f72a8-565b-4962-bf15-c548204793f7&fid=5a08625a-3a90-4266-a2b0-9820fc8bfeb3
Date
Sat, 23 Feb 2019 10:02:21 GMT
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
149
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
analytics.js
www.google-analytics.com/ Frame E3F3 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: s.id
URL: https://s.id/3pH-m
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:809::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
5448
date
Sat, 23 Feb 2019 08:31:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
17543
expires
Sat, 23 Feb 2019 10:31:33 GMT
all.js
api.dmcdn.net/ Frame E3F3 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dmcdn.net/all.js
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16919ce418d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.140.239.36 , United Kingdom, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS
https-95-140-239-36.cdg.llnw.net
Software
DMS/1.0.42 /
Resource Hash
f926110fb4f29edf2d7929e75935325efb2339cc51952828b730c644c92785bf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8Xbf
Origin
http://urlz.fr

Response headers

date
Sat, 23 Feb 2019 10:02:21 GMT
content-encoding
gzip
last-modified
Thu, 20 Sep 2018 10:48:47 GMT
server
DMS/1.0.42
age
4336533
etag
"5ba37b0f-6d98"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=43200, s-maxage=3600
accept-ranges
bytes
access-control-allow-origin
*
content-length
9279
expires
Fri, 04 Jan 2019 06:26:48 GMT
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ Frame E3F3 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16919ce418d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8Xbf
Origin
http://urlz.fr

Response headers

date
Sat, 23 Feb 2019 10:02:21 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin
*
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
18056
truncated
/ Frame E3F3 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Response headers

Content-Type
image/gif
favicon.ico
www.ca-aquitaine.fr/ Frame E3F3 		766 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ca-aquitaine.fr/favicon.ico
Requested by
Host: urlz.fr
URL: http://urlz.fr/8Xbf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.191.172.76 , France, ASN9159 (, FR),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 20 Oct 2007 10:32:50 GMT
Server
Apache
ETag
"2fe-43cea2c528303"
Vary
Accept-Encoding
P3P
CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/vnd.microsoft.icon
Keep-Alive
timeout=5, max=100
Content-Length
224
X-XSS-Protection
1; mode=block
Cookie set embed
www.dailymotion.com/ Frame 374F
Redirect Chain
  • http://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=f...
  • https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/all.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.8.215.136 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
www.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains

Request headers

Host
www.dailymotion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8Xbf
Accept-Encoding
gzip, deflate, br
Cookie
v1st=410A913CE33FDEAE1F7E7F0ABE75B11B
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8Xbf

Response headers

Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server
DMS/1.0.42
X-DM-BackNode
web-525.adm.dc3.dailymotion.com:80
Vary
X-DM-SSL,Accept-Encoding
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Access-Control-Expose-Headers
X-DM-BackNode-Response-Time
Strict-Transport-Security
max-age=31708800; includeSubDomains
Date
Sat, 23 Feb 2019 10:02:21 GMT
Keep-Alive
timeout=60, max=4989
X-DM-LB-IP
195.8.215.136
X-DM-LB-Name
lb-09
X-DM-BackNode-Response-Time
24
Connection
Keep-Alive
Set-Cookie
ts=482952; expires=Mon, 23-Mar-2020 10:02:21 GMT; Max-Age=34041600; path=/; domain=.dailymotion.com dmvk=5c711a2de52ea; path=/; domain=.dailymotion.com
X-Dm-Page
de.embed.embed_player
Content-Length
12222

Redirect headers

Server
DMS/1.0.42
X-DM-BackNode
web-708.adm.dc3.dailymotion.com:80
Vary
X-DM-SSL
Content-Type
text/html; charset=UTF-8
Access-Control-Expose-Headers
X-DM-BackNode-Response-Time
Date
Sat, 23 Feb 2019 10:02:21 GMT
Location
https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Keep-Alive
timeout=60, max=4990
X-DM-LB-IP
195.8.215.136
X-DM-LB-Name
lb-09
X-DM-BackNode-Response-Time
29
Connection
Keep-Alive
Set-Cookie
v1st=410A913CE33FDEAE1F7E7F0ABE75B11B; expires=Tue, 24 Mar 2020 10:02:20 GMT; max-age=34128000; path=/; domain=.dailymotion.com
Content-Length
0
hb
ad.360yield.com/ul_cb/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://ad.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22154e7b630d4fb21%22%2C%22version%22%3A%225.0.0-JS-5.2.0%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2210c6af89bf160fb%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%22e6270728-85c9-4153-85f3-ed600a178e51%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%221132b2a2718a80c%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22c7554928-1edd-4144-ac75-77d396eef5aa%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Protocol
HTTP/1.1
Server
52.29.212.156 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-212-156.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/8Xbf
Origin
http://urlz.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 23 Feb 2019 10:02:21 GMT
Content-Encoding
gzip
Server
nginx
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=UTF-8
Content-Length
2596
Primary Request index.html
u334891frl.ha002.t.justns.ru/imex/
Redirect Chain
  • http://u334891frl.ha002.t.justns.ru/imex
  • http://u334891frl.ha002.t.justns.ru/imex/
  • http://u334891frl.ha002.t.justns.ru/imex/index.html
21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://u334891frl.ha002.t.justns.ru/imex/index.html
Requested by
Host: s.id
URL: https://s.id/3pH-m
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
513338f7ad46596ec12a717a06ccff98f54a7f4ffec67085d5b52e9ed9bf7f09

Request headers

Host
u334891frl.ha002.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8Xbf
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://urlz.fr/8Xbf

Response headers

ETag
"55d5-5c6ba09b-b189bbcf36cf4d4e;gz"
Last-Modified
Tue, 19 Feb 2019 06:22:19 GMT
Content-Type
text/html
Content-Length
6653
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
LiteSpeed
Connection
close

Redirect headers

Location
index.html
Content-Type
text/html; charset=UTF-8
Content-Length
0
Date
Sat, 23 Feb 2019 10:02:21 GMT
Server
LiteSpeed
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Vary
User-Agent
Connection
close
ac
ww1097.smartadserver.com/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=30012&async=1&visit=m&tmstp=6232565349&tag=sas_30012&sh=1200&sw=1600&pgDomain=http%3A%2F%2Furlz.fr%2F8Xbf&noadcbk=sas.noad
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
185.86.137.43 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 23 Feb 2019 10:02:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-SMRT-D
3%3b20%3b111
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-SMRT-I
6361286
Cache-Control
no-cache, no-store
Content-Type
application/javascript; charset=utf-8
Content-Length
3024
Expires
-1
/
c.tmyzer.com/c/ 		0
0
sas-browser.js
ced-ns.sascdn.com/diff/templates/js/sas/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ced-ns.sascdn.com/diff/templates/js/sas/sas-browser.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Jul 2015 14:55:29 GMT
Server
ECS (fcn/40EB)
X-N
S
Etag
"f6e7332722340be0f535a70192991c6d:1438008929"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
945
sas-dom.js
ced-ns.sascdn.com/diff/templates/js/sas/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ced-ns.sascdn.com/diff/templates/js/sas/sas-dom.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4192) /
Resource Hash

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Aug 2014 13:05:03 GMT
Server
ECS (fcn/4192)
X-N
S
Etag
"6bf614f460a08462cb3319a924c9c36a:1408539903"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
1013
sas-banner-2.4.js
ced-ns.sascdn.com/diff/templates/js/banner/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ced-ns.sascdn.com/diff/templates/js/banner/sas-banner-2.4.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40AE) /
Resource Hash

Request headers

Referer
http://urlz.fr/8Xbf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Dec 2016 13:14:52 GMT
Server
ECS (fcn/40AE)
X-N
S
Etag
"83d60385b6d9184ea8ee4b4ce681d960:1480943692"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
2211
view.asp
banners.webmasterplan.com/ Frame C521 		0
0
antiquus_002.css
u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/antiquus_002.css
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a307d1f6262aaa120d2d8d18603e6b0eb9a7f58c2865d689a5a7c2d6b707fbbb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Feb 2019 06:22:32 GMT
Server
LiteSpeed
ETag
"66a1-5c6ba0a8-18ef18df1cd9ab13;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3823
Expires
Sat, 02 Mar 2019 10:02:22 GMT
antiquus.css
u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/antiquus.css
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a307d1f6262aaa120d2d8d18603e6b0eb9a7f58c2865d689a5a7c2d6b707fbbb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Feb 2019 06:22:32 GMT
Server
LiteSpeed
ETag
"66a1-5c6ba0a8-5730c2963e2671ee;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3823
Expires
Sat, 02 Mar 2019 10:02:22 GMT
styles_002.css
u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/ 		78 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles_002.css
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f6b6ebd962eb5771760ecfd687419341e5cc2ae2275f27ec8ee18d238fe17b1f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Feb 2019 06:22:43 GMT
Server
LiteSpeed
ETag
"1372f-5c6ba0b3-6ecb0a075069a31e;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
15243
Expires
Sat, 02 Mar 2019 10:02:22 GMT
styles.css
u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/ 		78 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles.css
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6355d2f569635d7ed7c4fa9286e79a5eb5ecc6b17d64f97e64687195a1d4e7c3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Feb 2019 06:22:43 GMT
Server
LiteSpeed
ETag
"13738-5c6ba0b3-619f13cc8618ff77;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
15254
Expires
Sat, 02 Mar 2019 10:02:22 GMT
styles-mod_002.css
u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles-mod_002.css
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
be75bd4ece74fdb044d991fed3ebe153c99009970c90a171b24d2d8949e28bd8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Feb 2019 06:22:41 GMT
Server
LiteSpeed
ETag
"2f03-5c6ba0b1-ad1983dcc8c70ca2;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3400
Expires
Sat, 02 Mar 2019 10:02:22 GMT
styles-mod.css
u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles-mod.css
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5a812b6d079563d5007a74f2e8a6fb3cb465b65e5199dc8976d9306e664e6fee

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Feb 2019 06:22:41 GMT
Server
LiteSpeed
ETag
"2f0a-5c6ba0b1-b58505114a9b3daf;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3404
Expires
Sat, 02 Mar 2019 10:02:22 GMT
stb.css
u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/stb.css
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
82bb557cf480b5f06d375306fdf9fb8bdfd9c3139250eeac4c56e65435cdddb3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Feb 2019 06:22:40 GMT
Server
LiteSpeed
ETag
"a56-5c6ba0b0-df2dd43a63febc51;gz"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
885
Expires
Sat, 02 Mar 2019 10:02:22 GMT
infosbulle.js
u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/infosbulle.js
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
close
Content-Length
487
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
siteon0.gif
u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/siteon0.gif
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5e6e4b59e776656c913d4f6fa9e5c586678c9954a2b75fc287752ee9b6e976d2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Last-Modified
Tue, 19 Feb 2019 06:22:40 GMT
Server
LiteSpeed
ETag
"1fc0-5c6ba0b0-faf484b03d118339;;;"
Vary
User-Agent
Content-Type
image/gif
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
8128
Expires
Sat, 02 Mar 2019 10:02:22 GMT
a.jpeg
u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/a.jpeg
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4400157cffc868a23c307b80c36d8b849473c3a8905661496c6ed3de54470d20

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Last-Modified
Tue, 19 Feb 2019 06:22:31 GMT
Server
LiteSpeed
ETag
"7e81-5c6ba0a7-db773ebf2999c6;;;"
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
32385
Expires
Sat, 02 Mar 2019 10:02:22 GMT
point_transp.gif
u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/ 		87 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/point_transp.gif
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7a1a0dc539a9129f3ce1a26e7598a54217d8c8c0291f1a267976dcdad89bbe57

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Last-Modified
Tue, 19 Feb 2019 06:22:38 GMT
Server
LiteSpeed
ETag
"57-5c6ba0ae-833a130dcbd028de;;;"
Vary
User-Agent
Content-Type
image/gif
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
87
Expires
Sat, 02 Mar 2019 10:02:22 GMT
hit.gif
u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/hit.gif
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Last-Modified
Tue, 19 Feb 2019 06:22:35 GMT
Server
LiteSpeed
ETag
"2b-5c6ba0ab-decbe796b5c6ea90;;;"
Vary
User-Agent
Content-Type
image/gif
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sat, 02 Mar 2019 10:02:22 GMT
main_repeat.png
u334891frl.ha002.t.justns.ru/imex/img/ 		660 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://u334891frl.ha002.t.justns.ru/imex/img/main_repeat.png
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
76f534a693b9d1f95ead733b434455ec1110230e713cddd57ee1026cb61fc892

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
close
Content-Length
474
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
entete_light.png
u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/ 		411 B
763 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/entete_light.png
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9fcab327f6ceaf3b22cde395516929fa4a054ce134c67d0c0788b07a240e38ff

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles-mod.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles-mod.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Last-Modified
Tue, 19 Feb 2019 06:22:34 GMT
Server
LiteSpeed
ETag
"19b-5c6ba0aa-c871b370e4d7dce0;;;"
Vary
User-Agent
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
411
Expires
Sat, 02 Mar 2019 10:02:22 GMT
main_haut.png
u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/ 		143 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/main_haut.png
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c2eb575af2dd8cbf678afc27903c39d00e4083a82f2f340e6e7eaebb2c6b7131

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Last-Modified
Tue, 19 Feb 2019 06:22:38 GMT
Server
LiteSpeed
ETag
"8f-5c6ba0ae-6e7b9ce429293b20;;;"
Vary
User-Agent
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
143
Expires
Sat, 02 Mar 2019 10:02:22 GMT
bloc_arrond_bas.png
u334891frl.ha002.t.justns.ru/imex/img/ 		664 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://u334891frl.ha002.t.justns.ru/imex/img/bloc_arrond_bas.png
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4be3a0e28541a12bc182e5f7f255a06cd42daa7201c571f2c3a1056b021abac1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
close
Content-Length
478
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
bloc_arrond_haut.png
u334891frl.ha002.t.justns.ru/imex/img/ 		665 B
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://u334891frl.ha002.t.justns.ru/imex/img/bloc_arrond_haut.png
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0dbf3a40284573dbe7065a325c968b565cdbeab2ccda0db00ab8674365c3d021

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
close
Content-Length
479
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
thead.png
u334891frl.ha002.t.justns.ru/imex/img/ 		654 B
654 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://u334891frl.ha002.t.justns.ru/imex/img/thead.png
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9e2135d49bc47103f57c4f576e7dfded7f64f81324f59d8d5ef7098e02ca97a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles-mod.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles-mod.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
close
Content-Length
468
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
bg_form.png
u334891frl.ha002.t.justns.ru/imex/img/ 		656 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://u334891frl.ha002.t.justns.ru/imex/img/bg_form.png
Requested by
Host: u334891frl.ha002.t.justns.ru
URL: http://u334891frl.ha002.t.justns.ru/imex/index.html
Protocol
HTTP/1.1
Server
2a00:b700::6:a , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
960ee036518e246d8add0f7c5cb28259483c818ff09ef95f2265bd3edda9164b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
u334891frl.ha002.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles.css
Connection
keep-alive
Cache-Control
no-cache
Referer
http://u334891frl.ha002.t.justns.ru/imex/entreeBam_fichiers/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 23 Feb 2019 10:02:22 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
close
Content-Length
470
Vary
Accept-Encoding,User-Agent
Content-Type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.s.id
URL
https://analytics.s.id/piwik.js
Domain
rtb-csync.smartadserver.com
URL
http://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-SWe62plfawSWT75gwpjdi7Sf_vzzJfm1_0Qig3N7Kw&redirurl=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F5%2F5.gif%3Fpuid%3DSMART_USER_ID
Domain
c.tmyzer.com
URL
http://c.tmyzer.com/c/?s=15056&f=28&fi=0
Domain
banners.webmasterplan.com
URL
http://banners.webmasterplan.com/view.asp?ref=794613&site=9192&type=html&hnb=1&js=1&subid=205724

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Credit Agricole (Banking)

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| OS string| Version number| posOS number| posOS2 object| d object| na string| nua string| nav string| nan function| dom undefined| ie undefined| ienu boolean| ie4 undefined| ie5 undefined| ie5x undefined| ie6 boolean| moz undefined| moznu undefined| ns62 boolean| mac boolean| win boolean| old boolean| lin undefined| ie5mac boolean| ie5xwin boolean| op undefined| opnu undefined| op4 undefined| op5 undefined| op6 undefined| op7 boolean| konq boolean| saf undefined| saf_num function| Init function| pressKey function| setSize function| clicPosition undefined| code undefined| pos_der_code undefined| affiche_code function| effacer function| cocherCase function| corriger string| path_static string| path_dynamic string| caisse function| raf string| urlappli string| urlapplisecu function| ValidCertif function| ValidCertifSecu string| statusconfirmer string| statusannuler string| statusaide string| statuscondjur string| statusdemo string| statuscompte string| statuscode string| statuscorriger string| statusclavnum string| statusrecom string| App number| Nav_sup boolean| browserOK boolean| browserOK1 boolean| browserOK2 string| nsvers string| ievers undefined| isIE55 number| saf_pos string| saf_nu boolean| ns4 function| ouvrePOPUP function| ouvreassistance function| ouvreFenetre function| ouvrirPopupBntVisible function| validation function| isNumerique function| isAlphaNum

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.avocet.io
ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
analytics.s.id
api.dmcdn.net
banners.webmasterplan.com
c.tmyzer.com
ced-ns.sascdn.com
christ9000.temp.swtest.ru
cm.g.doubleclick.net
d.turn.com
d2zur9cc2gf1tx.cloudfront.net
edge.quantserve.com
fastlane.rubiconproject.com
g.tmyzer.com
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
maxcdn.bootstrapcdn.com
p.cpx.to
player.pepsia.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.cpx.to
s.id
secure.adnxs.com
tag.contextweb.com
tag.leadplace.fr
u334891frl.ha002.t.justns.ru
urlz.fr
ww1097.smartadserver.com
www.ca-aquitaine.fr
www.dailymotion.com
www.google-analytics.com
www.noowho.com
analytics.s.id
banners.webmasterplan.com
c.tmyzer.com
rtb-csync.smartadserver.com
145.239.193.145
147.135.143.43
151.139.241.23
158.191.172.76
172.217.21.226
18.195.84.125
185.33.223.210
185.64.189.110
185.86.137.43
195.8.215.136
2.18.234.233
203.119.112.228
209.197.3.15
213.19.162.61
2600:9000:200d:a200:6:44e3:f8c0:93a1
2600:9000:200d:b800:6:44e3:f8c0:93a1
2606:4700:31::681f:ab2
2606:4700:31::681f:bb2
2606:4700::6813:c697
2a00:1450:4001:809::200e
2a00:1450:4001:815::200a
2a00:b700::6:a
2a02:2638:1::13
37.252.172.12
46.228.164.13
5.179.192.20
52.29.212.156
52.30.162.218
52.85.182.149
54.228.203.167
54.229.43.73
54.230.202.22
68.232.35.16
74.214.194.131
77.222.40.193
94.23.196.203
95.140.239.36
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0dbf3a40284573dbe7065a325c968b565cdbeab2ccda0db00ab8674365c3d021
1617ade5ea3ecc2ae90f24d08b42edb9f46a30730ff606cbbd8ccbcf19a4a16a
26517193e17e52b864db99512527c75112afb1290eee8b7d4548e23082f0e876
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3349f7ebfafd1cf105f9f4a41a1be792db6dfc5d754de2fbce192a2185486b73
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
4400157cffc868a23c307b80c36d8b849473c3a8905661496c6ed3de54470d20
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4be3a0e28541a12bc182e5f7f255a06cd42daa7201c571f2c3a1056b021abac1
513338f7ad46596ec12a717a06ccff98f54a7f4ffec67085d5b52e9ed9bf7f09
5a812b6d079563d5007a74f2e8a6fb3cb465b65e5199dc8976d9306e664e6fee
5e6e4b59e776656c913d4f6fa9e5c586678c9954a2b75fc287752ee9b6e976d2
601fd228c5e0fc340545de5ee71737c3c77a45de8f1df49d23ded96e1f351673
6355d2f569635d7ed7c4fa9286e79a5eb5ecc6b17d64f97e64687195a1d4e7c3
66171501c2a2df0ccfb7e034730b81578492b3508f54e05b0c3847e81c8b8bb2
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
76f534a693b9d1f95ead733b434455ec1110230e713cddd57ee1026cb61fc892
7a1a0dc539a9129f3ce1a26e7598a54217d8c8c0291f1a267976dcdad89bbe57
82bb557cf480b5f06d375306fdf9fb8bdfd9c3139250eeac4c56e65435cdddb3
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c
8f435bfc1cac9de93a539a250d2d5fc423e4b6b2791d91de331113bad0e98e20
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
919746e3d7edc1db8cec9e0d72bc4fa361e1951bc9f31da31b2f76734321a383
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
960ee036518e246d8add0f7c5cb28259483c818ff09ef95f2265bd3edda9164b
9e2135d49bc47103f57c4f576e7dfded7f64f81324f59d8d5ef7098e02ca97a3
9fcab327f6ceaf3b22cde395516929fa4a054ce134c67d0c0788b07a240e38ff
a307d1f6262aaa120d2d8d18603e6b0eb9a7f58c2865d689a5a7c2d6b707fbbb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae9cbdcfe182cfb1e10cdcf7df9f4eb2c57054e4330a22a1caca6979d57b2ca3
b36a9589dc0bfbc6d554b7379a677a215bb19adea0b0e3fe8afecf68fa12f07f
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
be75bd4ece74fdb044d991fed3ebe153c99009970c90a171b24d2d8949e28bd8
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c2eb575af2dd8cbf678afc27903c39d00e4083a82f2f340e6e7eaebb2c6b7131
ce1bffb16b9476a0d482b43793f454a0ad00bf69fe557d07aa11b5acc1bcf8f9
d2999c107429e0a9eec0ff8abad8ed21b92f720e14264deed24a4538814f6be6
d2af55f8e670b2d9dad04df0677db9d1bc93500add67b7305b6cd3ecd87ff840
dd662b6e50e8121af3a3fcdb888012d0eadcefde358452e9b2f45e9980d86325
dd76fdd2142192064e0af855f1b21bdad5ed9e807f053e813827e601404a83cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76bb8f83a9774a20f89fa26196815ebff40814058cd382f0a930c343faa69b0
f6b6ebd962eb5771760ecfd687419341e5cc2ae2275f27ec8ee18d238fe17b1f
f926110fb4f29edf2d7929e75935325efb2339cc51952828b730c644c92785bf
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c