apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com
45.55.112.74  Malicious Activity! Public Scan

Submitted URL: https://urlz.fr/qcwX
Effective URL: https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html
Submission: On April 10 via api from HU — Scanned from NO

Summary

This website contacted 21 IPs in 7 countries across 18 domains to perform 47 HTTP transactions. The main IP is 45.55.112.74, located in San Francisco, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com.
TLS certificate: Issued by R3 on January 17th 2024. Valid for: 3 months.
This is the only time apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Gjensidige (Insurance)

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 10 45.55.112.74 14061 (DIGITALOC...)
1 104.21.234.214 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 18.245.86.24 16509 (AMAZON-02)
7 2600:9000:255... 16509 (AMAZON-02)
1 108.156.60.17 16509 (AMAZON-02)
1 2.16.202.64 20940 (AKAMAI-ASN1)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
1 145.239.192.166 16276 (OVH)
1 51.89.9.253 16276 (OVH)
1 2620:116:800d... 16509 (AMAZON-02)
1 54.72.166.195 16509 (AMAZON-02)
1 108.129.61.95 16509 (AMAZON-02)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:20a... 16509 (AMAZON-02)
2 99.80.34.159 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.120 16276 (OVH)
47 21
Apex Domain | Subdomains | Transfer
11 themoneytizer.com | ads.themoneytizer.com — Cisco Umbrella Rank: 56658 | 61 KB
10 codeanyapp.com | apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com | 25 KB
7 inmobi.com | cmp.inmobi.com — Cisco Umbrella Rank: 4705; api.cmp.inmobi.com Failed | 226 KB
3 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 1879; www.google-analytics.com — Cisco Umbrella Rank: 99 | 21 KB
3 amazonaws.com | sdk.amazonaws.com — Cisco Umbrella Rank: 31324; kinesis.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 16012 | 430 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 114 | 160 KB
2 urlz.fr | urlz.fr — Cisco Umbrella Rank: 986917 | 7 KB
1 id5-sync.com | id5-sync.com — Cisco Umbrella Rank: 732 | 1 KB
1 quantcount.com | rules.quantcount.com — Cisco Umbrella Rank: 2012 | 1 KB
1 themoneytizer.fr | tmzr.themoneytizer.fr — Cisco Umbrella Rank: 65803 | 152 KB
1 adleadevent.com | adtrack.adleadevent.com — Cisco Umbrella Rank: 52919 | 859 B
1 cpx.to | p.cpx.to — Cisco Umbrella Rank: 13154 | 4 KB
1 quantserve.com | secure.quantserve.com — Cisco Umbrella Rank: 2181 | 9 KB
1 onetag-sys.com | onetag-sys.com — Cisco Umbrella Rank: 1075 |
1 leadplace.fr | tag.leadplace.fr — Cisco Umbrella Rank: 54187 | 4 KB
1 criteo.com | gum.criteo.com — Cisco Umbrella Rank: 646 | 11 KB
1 sascdn.com | ced.sascdn.com — Cisco Umbrella Rank: 11152 | 38 KB
1 quantcast.com | cmp.quantcast.com — Cisco Umbrella Rank: 8574 | 603 B
47 18
Domain Requested by
11 ads.themoneytizer.com urlz.fr
ads.themoneytizer.com
10 apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com 2 redirects urlz.fr
apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com
7 cmp.inmobi.com cmp.quantcast.com
cmp.inmobi.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 kinesis.eu-west-1.amazonaws.com sdk.amazonaws.com
2 www.googletagmanager.com urlz.fr
www.googletagmanager.com
2 urlz.fr urlz.fr
1 id5-sync.com
1 rules.quantcount.com secure.quantserve.com
1 region1.google-analytics.com www.googletagmanager.com
1 tmzr.themoneytizer.fr ads.themoneytizer.com
1 adtrack.adleadevent.com ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 onetag-sys.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 sdk.amazonaws.com ads.themoneytizer.com
1 cmp.quantcast.com 1 redirects
0 api.cmp.inmobi.com Failed cmp.inmobi.com
47 21

This site contains no links.

Subject | Issuer | Validity | Valid
urlz.fr | GTS CA 1P5 | 2024-03-02 - 2024-05-31 | 3 months
codeanyapp.com | R3 | 2024-01-17 - 2024-04-16 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-03-04 - 2024-05-27 | 3 months
ads.themoneytizer.com | GTS CA 1P5 | 2024-03-12 - 2024-06-10 | 3 months
sdk.amazonaws.com | Amazon RSA 2048 M03 | 2023-10-24 - 2024-11-21 | a year
*.sascdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-07-14 - 2024-07-17 | a year
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-08 - 2024-05-07 | 3 months
*.leadplace.fr | Gandi Standard SSL CA 2 | 2023-08-30 - 2024-09-11 | a year
*.onetag-sys.com | DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2024-01-23 - 2025-01-29 | a year
quantserve.com | R3 | 2024-02-25 - 2024-05-25 | 3 months
p.cpx.to | Sectigo RSA Domain Validation Secure Server CA | 2024-01-09 - 2025-01-13 | a year
*.adleadevent.com | Amazon RSA 2048 M01 | 2023-06-27 - 2024-07-25 | a year
themoneytizer.fr | GTS CA 1P5 | 2024-03-27 - 2024-06-25 | 3 months
cmp.inmobi.com | Sectigo ECC Organization Validation Secure Server CA | 2023-08-18 - 2024-08-17 | a year
kinesis.eu-west-1.amazonaws.com | Amazon RSA 2048 M01 | 2024-01-18 - 2024-12-19 | a year
*.id5-sync.com | R3 | 2024-03-01 - 2024-05-30 | 3 months

This page contains 4 frames:

Primary Page: https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html
Frame ID: 345099209791099879F2DD9F50AB7784
Requests: 43 HTTP requests in this frame

Frame: https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html
Frame ID: 9B8410EAEC37140C5B0520D85447A25A
Requests: 1 HTTP requests in this frame

Frame: https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html
Frame ID: E7C70F831156B72B980B5FA715042822
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1712785938560
Frame ID: 714BB137ECA5D4F565B14E49D3E4AC59
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

47 Requests
91 % HTTPS
43 % IPv6
18 Domains
21 Subdomains
21 IPs
7 Countries
1150 kB Transfer
6026 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://urlz.fr/qcwX Page URL
  2. https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP 301
  • https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
Request Chain 13
  • https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/favicon.ico HTTP 302
  • https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-includes/images/w-logo-blue-white-bg.png
Request Chain 45
  • https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/favicon.ico HTTP 302
  • https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-includes/images/w-logo-blue-white-bg.png

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
qcwX
urlz.fr/
9 KB
3 KB
Document
General
Full URL
https://urlz.fr/qcwX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b786d2e8f834fe5a96fb5ee403cdb1a0e31e140f7890b64910fb5c8fc6e821e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
8725f68bea2f5690-OSL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 10 Apr 2024 21:52:17 GMT
expires
Wed, 10 Apr 2024 21:53:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJNhJysw1GsUQVmWBD2ic3tcN1EgDDAaPMiCiboL1FILH6g%2BWTYWAmAJMobMUt7uLBNIVIQTwHeJMPXJ2n5QAhe3sBXncwtb8vhKpoZ3DqsM%2BGmGsgBkF8dU8jSXWB97ltjv1%2F2N"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-fastcgi-cache
MISS
welcome.html
apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/ Frame 9B84
0
0
Document
General
Full URL
https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html
Requested by
Host: urlz.fr
URL: https://urlz.fr/qcwX
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
2867
content-type
text/html
date
Wed, 10 Apr 2024 21:09:39 GMT
etag
"1f32-615923b34f9c0-gzip"
last-modified
Mon, 08 Apr 2024 09:14:23 GMT
server
openresty
vary
Accept-Encoding
rocket-loader.min.js
urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/qcwX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/qcwX
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Apr 2024 10:34:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"660d30bb-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AW40S3Ggf20iF8jXsrXpETBUB3ZStQGzOOnbs7CCwQNrdLINh2gzH47tJ0sSlmckxPqwIbjUsuq%2B313UvB1Up5DVPpQaT01e9W7ufjEs%2BJQIWPizY0XsDCAp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8725f68e0c74946c-LHR
expires
Fri, 12 Apr 2024 21:52:17 GMT
js
www.googletagmanager.com/gtag/
199 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162669458-1
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4501714a0b7c037c021accad8be8bbe25ce3a3cb2edb1d080a6566a0a18d832a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73691
x-xss-protection
0
last-modified
Wed, 10 Apr 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Apr 2024 21:52:17 GMT
requestform.js
ads.themoneytizer.com/s/
5 KB
1 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5386f8a6afa9dbb9514a34b83929d79485e9e9550663a0ddc5996d6383379e77

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Apr 2024 04:13:14 GMT
server
cloudflare
age
63543
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
cf-ray
8725f68f2aebb4ed-OSL
gen.js
ads.themoneytizer.com/s/
4 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa08ed3725920fefd909f8763945e103af21df309cc27a821dc9b3b5b6dd8773

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Apr 2024 04:00:32 GMT
server
cloudflare
age
64305
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
cf-ray
8725f68f2aefb4ed-OSL
requestform.js
ads.themoneytizer.com/s/
5 KB
1 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
582ac1096ac0d4fef1813550829c43ea4f2033e24f1ee7c4d59ab5cd1eb622ab

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Apr 2024 04:13:14 GMT
server
cloudflare
age
63543
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
cf-ray
8725f68f2aedb4ed-OSL
gen.js
ads.themoneytizer.com/s/
4 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa08ed3725920fefd909f8763945e103af21df309cc27a821dc9b3b5b6dd8773

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Apr 2024 04:01:49 GMT
server
cloudflare
age
64228
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
cf-ray
8725f68f2af1b4ed-OSL
requestform.js
ads.themoneytizer.com/s/
5 KB
1 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ead12db177a45af35347209eea69b482e91ed0826ae7fa1df85aa9c5acdf552

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Apr 2024 04:40:02 GMT
server
cloudflare
age
61935
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
cf-ray
8725f68f2af2b4ed-OSL
gen.js
ads.themoneytizer.com/s/
4 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa08ed3725920fefd909f8763945e103af21df309cc27a821dc9b3b5b6dd8773

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Apr 2024 04:01:06 GMT
server
cloudflare
age
64271
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
cf-ray
8725f68f2af3b4ed-OSL
choice.js
cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
Redirect Chain
  • https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
  • https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
3 KB
2 KB
Script
General
Full URL
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
Protocol
H2
Server
2600:9000:2550:e800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:51:25 GMT
content-encoding
br
via
1.1 941eeb52a9594aec5cf3464efa0a3b66.cloudfront.net (CloudFront)
last-modified
Wed, 22 Nov 2023 13:52:21 GMT
server
AmazonS3
x-amz-cf-pop
LHR50-P6
age
54
x-amz-server-side-encryption
AES256
etag
W/"ec43dec37a4eaf8ca7b754d3aee53c47"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
2J7ZL0lpk2MsSLMPYETW_sh1CGskkTcu7wJFZA4_FgUb65lyoKiaQA==

Redirect headers

x-amz-website-redirect-location
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
date
Wed, 10 Apr 2024 21:51:55 GMT
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
24
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
0
last-modified
Wed, 15 Nov 2023 20:03:11 GMT
server
AmazonS3
etag
"408e9e32ff11d19e90e67eb67eb171dc"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
c22zrMjy5Vwd5kWkfdwKfUsGGUHMRw1iEEsBCf-IDApuHAqJBeemLA==
aws-sdk-2.1531.0.min.js
sdk.amazonaws.com/js/
3 MB
429 KB
Script
General
Full URL
https://sdk.amazonaws.com/js/aws-sdk-2.1531.0.min.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-17.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
841aa9ca85d7e4bc5124187affee730a2d5d31e8e2e99dde64915d84a24e9a5d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; script-src 'self' 'unsafe-inline' *.awsstatic.com *.cdn.uis.awsstatic.com *.cdn.console.awsstatic.com docs.aws.amazon.com; object-src 'none'; frame-ancestors 'self'; base-uri 'none'
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Wed, 10 Apr 2024 08:39:37 GMT
Content-Encoding
gzip
Via
1.1 7b80fdb7de25e1eb41eb907750147f34.cloudfront.net (CloudFront)
Content-Security-Policy
upgrade-insecure-requests; script-src 'self' 'unsafe-inline' *.awsstatic.com *.cdn.uis.awsstatic.com *.cdn.console.awsstatic.com docs.aws.amazon.com; object-src 'none'; frame-ancestors 'self'; base-uri 'none'
Strict-Transport-Security
max-age=31536000
X-Amz-Cf-Pop
AMS1-P2
Age
47562
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 05 Jan 2024 19:29:37 GMT
Server
AmazonS3
ETag
W/"fac5cd87d4c09ab5791034bcb1b0b2a6"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-Amz-Cf-Id
5jdW1hb0sGu3qlJIQQtbY0J21ZuN6hAs7L2d7Tf3y0VQhi5srMjgKw==
requestform3.js
ads.themoneytizer.com/s/
105 KB
17 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a273e5a2bb48f4146f5bad89ee52aa2893c207c6989c99f584054edd9b52f368

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Apr 2024 04:13:20 GMT
server
cloudflare
age
63538
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
cf-ray
8725f693cde0b4ed-OSL
w-logo-blue-white-bg.png
apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-includes/images/
Redirect Chain
  • https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/favicon.ico
  • https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-includes/images/w-logo-blue-white-bg.png
4 KB
4 KB
Other
General
Full URL
https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H2
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:09:41 GMT
last-modified
Mon, 20 Dec 2021 15:24:56 GMT
server
openresty
accept-ranges
bytes
etag
"1017-5d3957db2a200"
content-length
4119
content-type
image/png

Redirect headers

location
https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-includes/images/w-logo-blue-white-bg.png
date
Wed, 10 Apr 2024 21:09:40 GMT
server
openresty
link
<https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-json/>; rel="https://api.w.org/"
content-length
0
x-redirect-by
WordPress
content-type
text/html; charset=UTF-8
requestform3.js
ads.themoneytizer.com/s/
104 KB
17 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=28
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b66298bb402a2a2a52dcb8761102317a7b17095745b39aca8a61d3f325b8128

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Apr 2024 04:13:20 GMT
server
cloudflare
age
63538
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
cf-ray
8725f693cde2b4ed-OSL
requestform3.js
ads.themoneytizer.com/s/
105 KB
17 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=6
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1634134c868ab703609bf5486d9ab598795449e43bc5ed7f164d5091dbe2052c

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Apr 2024 04:40:05 GMT
server
cloudflare
age
61933
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=604800
cf-ray
8725f693cde3b4ed-OSL
welcome.html
apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/ Frame E7C7
0
0
Document
General
Full URL
https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html
Requested by
Host: urlz.fr
URL: https://urlz.fr/qcwX
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
2867
content-type
text/html
date
Wed, 10 Apr 2024 21:09:40 GMT
etag
"1f32-615923b34f9c0-gzip"
last-modified
Mon, 08 Apr 2024 09:14:23 GMT
server
openresty
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
248 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YETLCG4WNK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162669458-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14c8b262ae79bf052c794da03d4d0049acf076bc95fdcbd411efc13681c0757f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89363
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 Apr 2024 21:52:18 GMT
lib_fs_close.js
ads.themoneytizer.com/
669 B
843 B
Script
General
Full URL
https://ads.themoneytizer.com/lib_fs_close.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e149b82e9bde8226e779d50fcdcfd9c7b942abfc49cda2890af41dbd04153f6

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Wed, 10 Apr 2024 21:52:18 GMT
cf-cache-status
HIT
last-modified
Thu, 14 Mar 2024 13:32:32 GMT
server
cloudflare
age
64301
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200, no-transform
accept-ranges
bytes
cf-ray
8725f6941e19b4ed-OSL
content-length
669
expires
Thu, 11 Apr 2024 04:00:37 GMT
smart.js
ced.sascdn.com/tag/1097/
111 KB
38 KB
Script
General
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.64 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9b4511d25e624e7884feded89dae0b9890d35bbe2f0686d2f06c8dddd5e2af64

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Wed, 10 Apr 2024 21:52:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
38886
Expires
Wed, 10 Apr 2024 23:52:18 GMT
sync
gum.criteo.com/
35 KB
11 KB
Script
General
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2fcb3d103aad1f0346dece11267313dd7dcdd4a76d27c5bc7592a7f83f138739
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
514408
expires
60
libJsLP.js
tag.leadplace.fr/
4 KB
4 KB
Script
General
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
97c32278e8275102822dd3f18f9de62b7ff1f796bb43cf04c0845114ec912d16

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:18 GMT
last-modified
Wed, 06 Dec 2023 10:36:32 GMT
server
nginx/1.20.1
x-iplb-request-id
B2FF94A4:DAC2_91EFC0A6:01BB_66170A12_EDD4B572:27B4
etag
"65704eb0-f36"
x-iplb-instance
54293
content-type
application/javascript
accept-ranges
bytes
content-length
3894
/
onetag-sys.com/usync/ Frame 714B
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1712785938560
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
no-NO,no;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/
23 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:18 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 17 Apr 2024 21:52:18 GMT
px.js
p.cpx.to/p/12773/
4 KB
4 KB
Script
General
Full URL
https://p.cpx.to/p/12773/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.166.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-166-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5700996513ead25c58eff23d6ed08dec34b4884200a73743b5b4b89415e0e669

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:18 GMT
cache-control
public, max-age=7200
content-length
4321
content-type
application/javascript; charset=UTF-8
mailNotification.php
adtrack.adleadevent.com/
0
859 B
Script
General
Full URL
https://adtrack.adleadevent.com/mailNotification.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.129.61.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-129-61-95.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Pragma
no-cache
Date
Wed, 10 Apr 2024 21:52:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Apr 2024 21:52:18 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid.js
tmzr.themoneytizer.fr/v8.38.0u2.0.8/3e06be10d289959c9e9e073686cd06a1/
487 KB
152 KB
Script
General
Full URL
https://tmzr.themoneytizer.fr/v8.38.0u2.0.8/3e06be10d289959c9e9e073686cd06a1/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=15056&formatId=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2308251473e545c086efde605bb725d5fbc57673c29e0ec5b1d0f12f72ea07b

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
F7XT88VF5WJ2JY1H
age
3968
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
bXPTQqQWC3i1D5NBypumc/OX7jnx6pPTDuG1o3W0iAGgOWOBQlowahwpXZ5Kz7LDgOQ9i4jO5mM=
last-modified
Thu, 04 Apr 2024 22:50:13 GMT
server
cloudflare
etag
W/"1ed185b0de8887fcd1fb145f758cc0f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o7qR33VxwwuDSqgKlv7uULuUR4FXSCXTjdB4Cm6I4%2BJu63613%2BypUIbWidYYqhXEV8m3kcYGeNMa83IQa5UsqIcGfe9Panb%2ByXDm8k%2BURGp9L3IIbTAI6LaTW3vmTq6G0HStGBfy4jA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8725f694b9bf1c0e-OSL
collect
region1.google-analytics.com/g/
0
249 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YETLCG4WNK&gtm=45je4480v9135308222za200&_p=1712785938503&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&cid=822515857.1712785939&ul=en-us&sr=800x600&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1712785938&sct=1&seg=0&dl=https%3A%2F%2Furlz.fr%2FqcwX&dt=Client&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1528
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YETLCG4WNK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 21:52:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
1 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:2200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:18:29 GMT
content-encoding
gzip
via
1.1 73ce513d12556804240bd1d312686daa.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
2030
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 22:35:53 GMT
server
AmazonS3
etag
W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
CZU8r3b3fGJQlHnWob1_etagMDGAEsqkGzbCXLmR2kfWoWXkZE7zfA==
lib_count.js
ads.themoneytizer.com/
400 B
512 B
Script
General
Full URL
https://ads.themoneytizer.com/lib_count.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3fe3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Wed, 10 Apr 2024 21:52:18 GMT
cf-cache-status
HIT
last-modified
Wed, 07 Feb 2024 09:05:17 GMT
server
cloudflare
age
64318
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200, no-transform
accept-ranges
bytes
cf-ray
8725f6966fc4b4ed-OSL
content-length
400
expires
Thu, 11 Apr 2024 04:00:20 GMT
Primary Request welcome.html
apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/
8 KB
3 KB
Document
General
Full URL
https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html
Requested by
Host: urlz.fr
URL: https://urlz.fr/qcwX
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
f6122e82eba47e0400c64d4ff2ea472520829163cc9a743eaf4580f2d55b3a14

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
no-NO,no;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
2867
content-type
text/html
date
Wed, 10 Apr 2024 21:09:41 GMT
etag
"1f32-615923b34f9c0-gzip"
last-modified
Mon, 08 Apr 2024 09:14:23 GMT
server
openresty
vary
Accept-Encoding
cmp2.js
cmp.inmobi.com/tcfv2/
164 KB
43 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2550:e800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:20:18 GMT
content-encoding
br
via
1.1 941eeb52a9594aec5cf3464efa0a3b66.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P6
age
1927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 08 Apr 2024 05:55:44 GMT
server
AmazonS3
etag
W/"0c68dd584ff370af61aaded5d3f2be99"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
SlPutRNTGzoe-qW9mvuI7Wy4U43BUSX0vY34gnQBVmnAx5K0vBWBUA==
/
kinesis.eu-west-1.amazonaws.com/
110 B
582 B
XHR
General
Full URL
https://kinesis.eu-west-1.amazonaws.com/
Requested by
Host: sdk.amazonaws.com
URL: https://sdk.amazonaws.com/js/aws-sdk-2.1531.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.80.34.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-34-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=AKIARUA7VXOMLXRYLGG7/20240410/eu-west-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f8625a2ae6e37f227ce7b8967986f85253d888331bba460fac99ae226782d3b7
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/x-amz-json-1.1
X-Amz-Content-Sha256
cedaff9b4368572286b44c8b655fa4868e1ffd75048f468d5aa64a880840f4d2
Referer
https://urlz.fr/
X-Amz-Target
Kinesis_20131202.PutRecord
X-Amz-User-Agent
aws-sdk-js/2.1531.0 callback
X-Amz-Date
20240410T215218Z

Response headers

Date
Wed, 10 Apr 2024 21:52:19 GMT
x-amzn-RequestId
eec93929-b6ac-7999-b058-357a0d1197ba
Content-Type
application/x-amz-json-1.1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
connection
keep-alive
Content-Length
110
x-amz-id-2
glBeo7L7FGWluhnRZUoQo3N77x6UqOt8nbRUXY1LlccYch3g86eBEVqzjwuegM/Cro+1jyIs8YTt3IwzQSDNawRdWqTDdb5lmc3FzM/VYY4=
/
kinesis.eu-west-1.amazonaws.com/ Frame
0
0
Preflight
General
Full URL
https://kinesis.eu-west-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.80.34.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-34-159.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://urlz.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Length
0
Date
Wed, 10 Apr 2024 21:52:19 GMT
connection
keep-alive
x-amzn-RequestId
c2df8ca7-0492-963f-9c4e-80f4bf2f781c
cmp-list.json
cmp.inmobi.com/GVL-v2/
18 KB
4 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2550:e800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://urlz.fr/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 03:00:44 GMT
content-encoding
br
via
1.1 83cc81dbfcd85df460d554e504f8a160.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P6
age
67896
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 10 Apr 2024 03:00:42 GMT
server
AmazonS3
etag
W/"93383fb7bbf43ea5bbf5b3261e82c3cf"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
V847CR1Hq3D1kHuIMkZepMUL2E85Al6R0Is39Lu0tXizRxmZ4KUr-A==
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162669458-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 Apr 2024 21:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
817
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 10 Apr 2024 23:38:42 GMT
cmp2ui-en.js
cmp.inmobi.com/tcfv2/52/
296 KB
72 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/52/cmp2ui-en.js
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2550:e800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 05:56:08 GMT
content-encoding
br
via
1.1 941eeb52a9594aec5cf3464efa0a3b66.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P6
age
57372
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Mon, 08 Apr 2024 05:55:37 GMT
server
AmazonS3
etag
W/"9c564132396970ef282cd03113b4e575"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
b0-04S5JG4oQkO8XKdOWB6HIPOSuaH4jWoayL4CHPT1bX5t0YqaRug==
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v3/
576 KB
72 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2550:e800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 09 Apr 2024 23:59:34 GMT
content-encoding
gzip
via
1.1 83cc81dbfcd85df460d554e504f8a160.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P6
age
78776
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Thu, 04 Apr 2024 23:59:20 GMT
server
AmazonS3
etag
W/"d1ccc8bf1345a617c2b59eaf59cd729f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
awYKvzfL6OjURy-HyC9X8grJRVsD137GEpeVldyLNyF7Rsn0V5Rl_Q==
9.gif
id5-sync.com/i/12/
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 10 Apr 2024 21:52:18 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
google-atp-list.json
cmp.inmobi.com/tcfv2/
142 KB
33 KB
XHR
General
Full URL
https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2550:e800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://urlz.fr/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 03:00:27 GMT
content-encoding
br
via
1.1 83cc81dbfcd85df460d554e504f8a160.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P6
age
67913
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 10 Apr 2024 03:00:25 GMT
server
AmazonS3
etag
W/"0f8fc598c926314be5519b28317ea589"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
wL_X3jY_-hLcnSYoHDAbBZWLeWmS00Rqs5TMDmrA4t69GTckiGv_kQ==
/
api.cmp.inmobi.com/
0
0

geoip
cmp.inmobi.com/
39 B
322 B
XHR
General
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/52/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2550:e800:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://urlz.fr/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:52:19 GMT
via
1.1 83cc81dbfcd85df460d554e504f8a160.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
LHR50-P6
x-cache
FunctionGeneratedResponse from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
content-length
39
x-amz-cf-id
RaMiATbVM07cqRMOLebgMT8pFrjeMMt7YVsUNyPtzTKhfZ0wpFaCsg==
collect
www.google-analytics.com/j/
1 B
201 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=327468456&t=pageview&_s=1&dl=https%3A%2F%2Furlz.fr%2FqcwX&ul=en-us&de=UTF-8&dt=Client&sd=24-bit&sr=800x600&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=365073914&gjid=959095678&cid=822515857.1712785939&tid=UA-162669458-1&_gid=1900513332.1712785939&_r=1&gtm=457e4480za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=1000h&jsscut=1&npa=1&z=923639980
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://urlz.fr/
accept-language
no-NO,no;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Apr 2024 21:52:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
oidc-client.min.js
apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/static/bifrost/js/
0
0
Script
General
Full URL
https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/static/bifrost/js/oidc-client.min.js?1.3.3+1f3089e9
Requested by
Host: apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com
URL: https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 10 Apr 2024 21:09:41 GMT
cache-control
no-cache, must-revalidate, max-age=0
server
openresty
link
<https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
oidc-client.min.css
apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/style/
30 KB
6 KB
Stylesheet
General
Full URL
https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/style/oidc-client.min.css
Requested by
Host: apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com
URL: https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
1ca91c942cc88a5d535a391160e66cfd3499239fd0bdb42f72ee23ffd7df7d0f

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:09:41 GMT
content-encoding
gzip
last-modified
Mon, 08 Apr 2024 09:14:23 GMT
server
openresty
etag
"7613-615923b34f9c0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
6095
logo.svg
apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/
6 KB
7 KB
Image
General
Full URL
https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/logo.svg
Requested by
Host: apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com
URL: https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
ecb0e38b4c2be3cb2ea228f88118824735de98ce8fa38167be92faa84a744931

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:09:41 GMT
last-modified
Mon, 08 Apr 2024 09:14:23 GMT
server
openresty
accept-ranges
bytes
etag
"19e6-615923b34f9c0"
content-length
6630
content-type
image/svg+xml
w-logo-blue-white-bg.png
apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-includes/images/
Redirect Chain
  • https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/favicon.ico
  • https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-includes/images/w-logo-blue-white-bg.png
4 KB
4 KB
Other
General
Full URL
https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H2
Server
45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

accept-language
no-NO,no;q=0.9
Referer
https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-content/plugins/ubh/Gjensidige/welcome.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 10 Apr 2024 21:09:42 GMT
last-modified
Mon, 20 Dec 2021 15:24:56 GMT
server
openresty
accept-ranges
bytes
etag
"1017-5d3957db2a200"
content-length
4119
content-type
image/png

Redirect headers

location
https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-includes/images/w-logo-blue-white-bg.png
date
Wed, 10 Apr 2024 21:09:41 GMT
server
openresty
link
<https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/wp-json/>; rel="https://api.w.org/"
content-length
0
x-redirect-by
WordPress
content-type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.cmp.inmobi.com
URL
https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22urlz.fr%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.52%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22JdpIh1wN33NiXwc3%2Fem6FQ%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1712785939401%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-9drd2dl2aj9c79g7atgk%22%7D

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Gjensidige (Insurance)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| watchDogTime
number| watchDogTimer

6 Cookies

Domain/Path Name / Value
.urlz.fr/ Name: _ga_YETLCG4WNK
Value: GS1.1.1712785938.1.0.1712785938.0.0.0
adtrack.adleadevent.com/ Name: AWSELBCORS
Value: 9FC54D150466C174912E5199B1F8E822A79961F459222A4796B3BC5A624746187924E5A9D85256CD101C7B5617B87EC222DB6810D5FA7F2601127727C3997A195B0D3022C0
.urlz.fr/ Name: usprivacy
Value: 1Y--
.urlz.fr/ Name: _ga
Value: GA1.2.822515857.1712785939
.urlz.fr/ Name: _gid
Value: GA1.2.1900513332.1712785939
.urlz.fr/ Name: _gat_gtag_UA_162669458_1
Value: 1

11 Console Messages

Source Level URL
Text
other warning URL: https://urlz.fr/qcwX
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://urlz.fr/qcwX
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://urlz.fr/qcwX
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://urlz.fr/qcwX
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://urlz.fr/qcwX
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://urlz.fr/qcwX
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://urlz.fr/qcwX
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://urlz.fr/qcwX
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/static/bifrost/js/oidc-client.min.js?1.3.3+1f3089e9
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/static/bifrost/js/oidc-client.min.js?1.3.3+1f3089e9
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://apoyo-supporte-logiin-moujtabid60474585.codeanyapp.com/static/bifrost/js/oidc-client.min.js?1.3.3+1f3089e9
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
