urlscan.io logo urlscan.io
SecurityTrails logo

thepoorlittle.dosuchathing.icu Open in urlscan Pro
2606:4700:30::6812:2c85  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://klx.ro/O
Effective URL: http://thepoorlittle.dosuchathing.icu/
Submission: On October 18 via manual from RU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 8 countries across 33 domains to perform 62 HTTP transactions. The main IP is 2606:4700:30::6812:2c85, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is thepoorlittle.dosuchathing.icu.
This is the only time thepoorlittle.dosuchathing.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 188.215.2.122 205275 (ROMARG)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700:31:... 13335 (CLOUDFLAR...)
12 2606:4700:30:... 13335 (CLOUDFLAR...)
5 151.139.241.23 33438 (HIGHWINDS2)
1 145.239.193.145 16276 (OVH)
1 74.214.194.132 59940 (PULSEPOIN...)
1 13.225.78.4 16509 (AMAZON-02)
1 1 185.86.137.17 201081 (SMARTADSE...)
1 68.232.35.16 15133 (EDGECAST)
2 145.239.193.51 16276 (OVH)
1 91.228.74.252 27281 (QUANTCAST)
1 13.224.197.208 16509 (AMAZON-02)
3 5.179.192.20 34235 (ASPSERVEU...)
1 94.23.196.203 16276 (OVH)
4 34.246.169.240 16509 (AMAZON-02)
1 2 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.236 27281 (QUANTCAST)
1 54.247.83.136 16509 (AMAZON-02)
2 2 172.217.18.162 15169 (GOOGLE)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
2 2 185.33.223.100 29990 (ASN-APPNEXUS)
1 104.16.92.60 13335 (CLOUDFLAR...)
1 3.122.79.124 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.79.227.76 22822 (LLNW)
1 143.204.101.52 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 13.224.196.110 16509 (AMAZON-02)
62 27
9    188.215.2.122 (Romania)

ASN205275 (ROMARG, RO)
klx.ro
bogdantudose.com
3    2606:4700::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
ajax.cloudflare.com
2    2606:4700:31::681f:ab2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
urlz.fr
12    2606:4700:30::6812:2c85 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
thepoorlittle.dosuchathing.icu
5    151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
ads.themoneytizer.com
1    145.239.193.145 (France)

ASN16276 (OVH, FR)
g.tmyzer.com
1    74.214.194.132 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)
tag.contextweb.com
1    13.225.78.4 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-4.fra2.r.cloudfront.net
p.cpx.to
1    185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
1    68.232.35.16 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ced-ns.sascdn.com
2    145.239.193.51 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
1    91.228.74.252 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
edge.quantserve.com
1    13.224.197.208 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-197-208.fra2.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
3    5.179.192.20 (Paris, France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net
player.pepsia.com
1    94.23.196.203 (France)

ASN16276 (OVH, FR)
PTR: serveur8.wilsoftech.com
www.noowho.com
4    34.246.169.240 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-246-169-240.eu-west-1.compute.amazonaws.com
s.cpx.to
2    2600:9000:20eb:6a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
1    2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    91.228.74.236 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
pixel.quantserve.com
1    54.247.83.136 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-83-136.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
2    172.217.18.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f2.1e100.net
cm.g.doubleclick.net
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
image2.pubmatic.com
2    185.33.223.100 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 373.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    104.16.92.60 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
dmp.truoptik.com
1    3.122.79.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-79-124.eu-central-1.compute.amazonaws.com
pool.grid-data.bidswitch.net
1    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    178.79.227.76 (Italy)

ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: https-178-79-227-76.vie.llnw.net
api.dmcdn.net
1    143.204.101.52 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-52.fra50.r.cloudfront.net
hv-contents.adpaths.com
1    2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
maxcdn.bootstrapcdn.com
1    13.224.196.110 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-110.fra2.r.cloudfront.net
www.adwstats.com
Apex Domain
Subdomains		 Transfer
12 dosuchathing.icu
thepoorlittle.dosuchathing.icu
64 KB
8 klx.ro
klx.ro
53 KB
5 cpx.to
p.cpx.to
s.cpx.to
6 KB
5 themoneytizer.com
ads.themoneytizer.com
142 KB
3 pepsia.com
player.pepsia.com
54 KB
3 cloudflare.com
cdnjs.cloudflare.com
ajax.cloudflare.com
8 KB
2 adnxs.com
secure.adnxs.com
2 KB
2 pubmatic.com
image2.pubmatic.com
1 KB
2 doubleclick.net
cm.g.doubleclick.net
592 B
2 quantcount.com
rules.quantcount.com
1 KB
2 quantserve.com
edge.quantserve.com
pixel.quantserve.com
6 KB
2 leadplace.fr
tag.leadplace.fr
3 KB
2 urlz.fr
urlz.fr
2 KB
1 adwstats.com
www.adwstats.com
2 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
18 KB
1 adpaths.com
hv-contents.adpaths.com
65 KB
1 dmcdn.net
api.dmcdn.net
10 KB
1 google-analytics.com
www.google-analytics.com
17 KB
1 bidswitch.net
pool.grid-data.bidswitch.net
300 B
1 truoptik.com
dmp.truoptik.com
1 adleadevent.com
adtrack.adleadevent.com
517 B
1 googleapis.com
ajax.googleapis.com
30 KB
1 noowho.com
www.noowho.com
2 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 sascdn.com
ced-ns.sascdn.com
8 KB
1 smartadserver.com
ww1097.smartadserver.com
197 B
1 contextweb.com
tag.contextweb.com
11 KB
1 tmyzer.com
g.tmyzer.com
200 B
1 bogdantudose.com
bogdantudose.com
0 dailymotion.com Failed
www.dailymotion.com Failed
0 avocet.io Failed
ads.avocet.io Failed
0 adform.net Failed
c1.adform.net Failed
0 criteo.com Failed
gum.criteo.com Failed
62 33
Domain Requested by
12 thepoorlittle.dosuchathing.icu urlz.fr
klx.ro
thepoorlittle.dosuchathing.icu
8 klx.ro klx.ro
5 ads.themoneytizer.com ajax.cloudflare.com
ads.themoneytizer.com
4 s.cpx.to p.cpx.to
3 player.pepsia.com klx.ro
player.pepsia.com
2 secure.adnxs.com 2 redirects
2 image2.pubmatic.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 rules.quantcount.com 1 redirects
2 tag.leadplace.fr ads.themoneytizer.com
tag.leadplace.fr
2 urlz.fr 1 redirects klx.ro
2 cdnjs.cloudflare.com
1 www.adwstats.com hv-contents.adpaths.com
urlz.fr
1 maxcdn.bootstrapcdn.com player.pepsia.com
1 hv-contents.adpaths.com player.pepsia.com
1 api.dmcdn.net player.pepsia.com
1 www.google-analytics.com klx.ro
1 pool.grid-data.bidswitch.net
1 dmp.truoptik.com
1 adtrack.adleadevent.com ajax.googleapis.com
1 pixel.quantserve.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 www.noowho.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 edge.quantserve.com ads.themoneytizer.com
1 ced-ns.sascdn.com
1 ww1097.smartadserver.com 1 redirects
1 p.cpx.to ads.themoneytizer.com
1 tag.contextweb.com ads.themoneytizer.com
1 g.tmyzer.com ads.themoneytizer.com
1 ajax.cloudflare.com urlz.fr
1 bogdantudose.com klx.ro
0 www.dailymotion.com Failed api.dmcdn.net
0 ads.avocet.io Failed
0 c1.adform.net Failed
0 gum.criteo.com Failed
62 36

This site contains no links.

Subject Issuer Validity Valid
bogdantudose.com
Let's Encrypt Authority X3		 2019-10-07 -
2020-01-05		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
*.themoneytizer.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-15 -
2021-02-14		 2 years crt.sh
www.noowho.com
Gandi Standard SSL CA 2		 2017-02-07 -
2020-02-07		 3 years crt.sh
s.cpx.to
COMODO RSA Domain Validation Secure Server CA		 2015-02-10 -
2020-02-09		 5 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2018-10-16 -
2019-10-21		 a year crt.sh
adtrack.adleadevent.com
Amazon		 2019-06-30 -
2020-07-30		 a year crt.sh
*.truoptik.com
Go Daddy Secure Certificate Authority - G2		 2018-11-13 -
2020-11-13		 2 years crt.sh
pool.grid-data.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2019-03-13 -
2020-03-12		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-10-03 -
2019-12-26		 3 months crt.sh
*.dmcdn.net
Let's Encrypt Authority X3		 2019-09-01 -
2019-11-30		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
*.adwstats.com
Amazon		 2019-04-23 -
2020-05-23		 a year crt.sh

This page contains 7 frames:

Primary Page: http://thepoorlittle.dosuchathing.icu/
Frame ID: CC4D142C0015115BBA6C150EDBC854F1
Requests: 50 HTTP requests in this frame

Frame: https://bogdantudose.com/
Frame ID: F056927776005472EF99B6D64263BD93
Requests: 1 HTTP requests in this frame

Frame: http://thepoorlittle.dosuchathing.icu/
Frame ID: A97DB821E593ACF4BB1BEA6A3BBB0095
Requests: 1 HTTP requests in this frame

Frame: http://thepoorlittle.dosuchathing.icu/
Frame ID: 9CD5635A73DF27BD8F78D7828E79DF8B
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: D0D7101CB3F54EAD5D5FD53EB5A00CF4
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 428A212CFD53FF5D1F564C6F3E262897
Requests: 8 HTTP requests in this frame

Frame: http://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Frame ID: 4E476C26D8BDFE8E06A125C6DD174C4D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://klx.ro/O Page URL
  2. https://urlz.fr/aOyZ HTTP 301
    http://urlz.fr/aOyZ Page URL
  3. http://thepoorlittle.dosuchathing.icu/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

62
Requests

32 %
HTTPS

23 %
IPv6

33
Domains

36
Subdomains

27
IPs

8
Countries

528 kB
Transfer

1394 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://klx.ro/O Page URL
  2. https://urlz.fr/aOyZ HTTP 301
    http://urlz.fr/aOyZ Page URL
  3. http://thepoorlittle.dosuchathing.icu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css
Request Chain 11
  • https://urlz.fr/aOyZ HTTP 301
  • http://urlz.fr/aOyZ
Request Chain 21
  • http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • http://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 22
  • http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback HTTP 302
  • https://gum.criteo.com:80/sync?c=147&r=2&j=criteoCallback
Request Chain 30
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/2/8/2.gif?puid=2976808230168133047&gdpr=1&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
Request Chain 32
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Request Chain 39
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1&google_tc= HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1&google_gid=CAESEFZbc_qyjvPnt4zLxwqIQb4&google_cver=1
Request Chain 40
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=3E993386-1A58-4C26-8708-D8D0C1220B52&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
Request Chain 41
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1 HTTP 302
  • https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
Request Chain 42
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3Dhttp%253A%252F%252Fklx.ro%252FO%26hn_ver%3D10%26fid%3D5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1 HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253Dhttp%25253A%25252F%25252Fklx.ro%25252FO%2526hn_ver%253D10%2526fid%253D5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=2240978956950857081&pid=11528&ref=http%3A%2F%2Fklx.ro%2FO&hn_ver=10&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
O
klx.ro/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://klx.ro/O
Protocol
HTTP/1.1
Server
188.215.2.122 , Romania, ASN205275 (ROMARG, RO),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8d7e31ba767478940e739fbdf52fcdf4746a8a81ffd4bf112e10309078d649d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
klx.ro
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Content-Length
1271
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Fri, 18 Oct 2019 10:06:46 GMT
Server
LiteSpeed
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
frontend.css
klx.ro/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://klx.ro/css/frontend.css
Requested by
Host: klx.ro
URL: http://klx.ro/O
Protocol
HTTP/1.1
Server
188.215.2.122 , Romania, ASN205275 (ROMARG, RO),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8f32680cfb742e5616c0ec4aa2e37372cf953b45eab0e15403bc505e16ebf0d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://klx.ro/O
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 06 Jan 2013 09:31:32 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1821
X-XSS-Protection
1; mode=block
Expires
Fri, 25 Oct 2019 10:06:46 GMT
jquery.min.js
klx.ro/assets/8104532d/ 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://klx.ro/assets/8104532d/jquery.min.js
Requested by
Host: klx.ro
URL: http://klx.ro/O
Protocol
HTTP/1.1
Server
188.215.2.122 , Romania, ASN205275 (ROMARG, RO),
Reverse DNS
Software
LiteSpeed /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://klx.ro/O
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12 Mar 2019 21:54:29 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
37778
X-XSS-Protection
1; mode=block
Expires
Fri, 25 Oct 2019 10:06:46 GMT
frontend.js
klx.ro/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://klx.ro/js/frontend.js?v=0.1
Requested by
Host: klx.ro
URL: http://klx.ro/O
Protocol
HTTP/1.1
Server
188.215.2.122 , Romania, ASN205275 (ROMARG, RO),
Reverse DNS
Software
LiteSpeed /
Resource Hash
186a97c6e86dfe00138bf544cd9dd76c93fd6c78e1605d5c3d87744ea3f7b98b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://klx.ro/O
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 10 Feb 2018 11:32:48 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1528
X-XSS-Protection
1; mode=block
Expires
Fri, 25 Oct 2019 10:06:46 GMT
clipboard.min.js
klx.ro/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://klx.ro/js/clipboard.min.js
Requested by
Host: klx.ro
URL: http://klx.ro/O
Protocol
HTTP/1.1
Server
188.215.2.122 , Romania, ASN205275 (ROMARG, RO),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://klx.ro/O
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 10 Feb 2018 11:00:08 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3717
X-XSS-Protection
1; mode=block
Expires
Fri, 25 Oct 2019 10:06:46 GMT
share42.js
klx.ro/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://klx.ro/js/share42.js
Requested by
Host: klx.ro
URL: http://klx.ro/O
Protocol
HTTP/1.1
Server
188.215.2.122 , Romania, ASN205275 (ROMARG, RO),
Reverse DNS
Software
LiteSpeed /
Resource Hash
29f6ef13daa8d8813f043b0a368762a7b950ffb195cea4d01f46d334fb6fcb27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://klx.ro/O
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Dec 2012 16:22:48 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1429
X-XSS-Protection
1; mode=block
Expires
Fri, 25 Oct 2019 10:06:46 GMT
cookieconsent.latest.min.js
klx.ro/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://klx.ro/js/cookieconsent.latest.min.js
Requested by
Host: klx.ro
URL: http://klx.ro/O
Protocol
HTTP/1.1
Server
188.215.2.122 , Romania, ASN205275 (ROMARG, RO),
Reverse DNS
Software
LiteSpeed /
Resource Hash
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://klx.ro/O
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 09 Jan 2016 14:31:46 GMT
Server
LiteSpeed
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2028
X-XSS-Protection
1; mode=block
Expires
Fri, 25 Oct 2019 10:06:46 GMT
/
bogdantudose.com/ Frame F056 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bogdantudose.com/
Requested by
Host: klx.ro
URL: http://klx.ro/O
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.215.2.122 , Romania, ASN205275 (ROMARG, RO),
Reverse DNS
Software
LiteSpeed /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
bogdantudose.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://klx.ro/O
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://klx.ro/O

Response headers

status
200
content-type
text/html; charset=UTF-8
link
<https://bogdantudose.com/wp-json/>; rel="https://api.w.org/"
content-encoding
br
vary
Accept-Encoding
date
Fri, 18 Oct 2019 10:06:48 GMT
server
LiteSpeed
x-xss-protection
1; mode=block
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="39,43,46", h3-22=":443"; ma=2592000
bg.png
klx.ro/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://klx.ro/images/bg.png
Requested by
Host: klx.ro
URL: http://klx.ro/assets/8104532d/jquery.min.js
Protocol
HTTP/1.1
Server
188.215.2.122 , Romania, ASN205275 (ROMARG, RO),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d611c68aa02e4cee400a1e6a34bb27628d53a5329a3b249ff6c022799071f535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://klx.ro/css/frontend.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:46 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 15 Dec 2012 19:51:36 GMT
Server
LiteSpeed
Content-Type
image/png
Cache-Control
public, max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1575
X-XSS-Protection
1; mode=block
Expires
Fri, 25 Oct 2019 10:06:46 GMT
light-floating.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css
  • https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css
3 KB
1003 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2092ebd1f047497d83275b8d386fa1e6085a691004ed65c7810c332551393109
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://klx.ro/O
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 10:06:49 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
16027147
status
200
served-in-seconds
0.013
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-d10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5279b3a61f57596a-VIE
expires
Wed, 07 Oct 2020 10:06:49 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css
Non-Authoritative-Reason
HSTS
logo.png
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/light-floating.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 10:06:49 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
16027150
status
200
content-length
3083
served-in-seconds
0.011
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:18:36 GMT
server
cloudflare
etag
"5afd48ec-c0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5279b3a63f64596a-VIE
expires
Wed, 07 Oct 2020 10:06:49 GMT
aOyZ
urlz.fr/
Redirect Chain
  • https://urlz.fr/aOyZ
  • http://urlz.fr/aOyZ
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://urlz.fr/aOyZ
Requested by
Host: klx.ro
URL: http://klx.ro/O
Protocol
HTTP/1.1
Server
2606:4700:31::681f:ab2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52742c7e9faa09dbf18fa18f80f74615e3bbcd790026bc32cb426f81da55381

Request headers

Host
urlz.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://klx.ro/O
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d4631b020d31fca9cf370de0fd06671141571393213
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
http://klx.ro/O

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
5279b3be4fae59a6-VIE
Content-Encoding
gzip

Redirect headers

status
301
date
Fri, 18 Oct 2019 10:06:53 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d4631b020d31fca9cf370de0fd06671141571393213; expires=Sat, 17-Oct-20 10:06:53 GMT; path=/; domain=.urlz.fr; HttpOnly
location
http://urlz.fr/aOyZ
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5279b3bd8aae5a00-VIE
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/aOyZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 10:06:53 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 15 Oct 2019 11:36:08 GMT
server
cloudflare
etag
W/"5da5af28-2fb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
5279b3bf2cb6596a-VIE
expires
Sun, 20 Oct 2019 10:06:53 GMT
Cookie set /
thepoorlittle.dosuchathing.icu/ Frame A97D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://thepoorlittle.dosuchathing.icu/
Requested by
Host: urlz.fr
URL: http://urlz.fr/aOyZ
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2c85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.4.45
Resource Hash

Request headers

Host
thepoorlittle.dosuchathing.icu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/aOyZ
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://urlz.fr/aOyZ

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=de37f281820e8113a6978b8c35baf2c101571393213; expires=Sat, 17-Oct-20 10:06:53 GMT; path=/; domain=.dosuchathing.icu; HttpOnly
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.45
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
5279b3bf5d045946-VIE
Content-Encoding
gzip
requestform.js
ads.themoneytizer.com/s/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
d07c2f705dd53327a61a765873c4cc30ae9f7cb0c6d7dc04b53eaa29de1aadf3

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Sat, 19 Oct 2019 10:06:53 GMT
gen.js
ads.themoneytizer.com/s/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
2c0b1cf6965cedd6fdc86718ff298f16a50ad29397c68cb6b4de5c0954f98728

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:02 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2655
Expires
Sat, 19 Oct 2019 10:06:02 GMT
/
g.tmyzer.com/g/ 		26 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
http://g.tmyzer.com/g/
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Server
nginx
X-IPLB-Instance
29821
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 10:06:53 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:07 GMT
server
nginx
etag
"779a-308e-582e3105a6be4"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3931
expires
Sat, 19 Oct 2019 10:05:56 GMT
moneybile.js
ads.themoneytizer.com/ 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 10:06:53 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:00 GMT
server
nginx
etag
"7ff1-9390-582e30fefbc74"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Sat, 19 Oct 2019 10:05:58 GMT
getjs.static.js
tag.contextweb.com/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 10:06:53 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
max-age=432000, public
x-envoy-upstream-service-time
2
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://p.cpx.to/p/11528/px.js?r=195ee
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
13.225.78.4 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-225-78-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 16 Oct 2019 23:39:50 GMT
Content-Encoding
UTF-8
Connection
keep-alive
Last-Modified
Wed, 10 Oct 2018 10:49:46 GMT
Server
AmazonS3
Age
124024
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
kP9P6ByYW_uDG8dj-apoNOIHUZFM5kz11M-OpCEFKR-a17_5xGWcyg==
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • http://ww1097.smartadserver.com/config.js?nwid=1097
  • http://ced-ns.sascdn.com/diff/js/smart.js
24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ced-ns.sascdn.com/diff/js/smart.js
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E6) /
Resource Hash
e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Sep 2019 12:08:33 GMT
Server
ECS (fcn/40E6)
Cache-Control
max-age=86400
Etag
"1fc11a0f5e30485338c4562812f21662:1567685313"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
X-N
S
Accept-Ranges
bytes
Content-Length
8004

Redirect headers

Location
http://ced-ns.sascdn.com/diff/js/smart.js
Date
Fri, 18 Oct 2019 10:06:53 GMT
Cache-Control
private
Content-Length
158
Content-Type
text/html; charset=utf-8
sync
gum.criteo.com/
Redirect Chain
  • http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
  • https://gum.criteo.com:80/sync?c=147&r=2&j=criteoCallback
0
0
libJsLP.js
tag.leadplace.fr/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Last-Modified
Tue, 27 Nov 2018 14:13:54 GMT
Server
nginx/1.14.2
ETag
"5bfd5122-a72"
X-IPLB-Instance
29922
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
quant.js
edge.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
91.228.74.252 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18-Oct-2019 10:06:53 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Fri, 25 Oct 2019 10:06:53 GMT
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
13.224.197.208 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-197-208.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 05:59:00 GMT
Via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
99853
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
5eL_bexNUiA9m1IpZcfMw4NhE_Gq2ebX_oYMcDGLxxuMuZMVfasFDw==
prebid.js
ads.themoneytizer.com/moneybid2_31/build/dist/ 		351 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
0d22f9b6f2b7945e7f86a028a8e38ffa8bf63d62b977b01ef4d33135217b1183

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 10:06:53 GMT
content-encoding
gzip
last-modified
Thu, 17 Oct 2019 20:30:51 GMT
server
nginx
etag
"33a7b-57c0c-5952117f11681"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
113444
expires
Sat, 19 Oct 2019 10:06:20 GMT
sdk.js
player.pepsia.com/ 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://player.pepsia.com/sdk.js?d=16dde559450
Requested by
Host: klx.ro
URL: http://klx.ro/O
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
dccff4268cf23b61b45aeb89e063cb102cdf9a862e1c25bd2104aaf135a914d3

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Last-Modified
Tue, 24 Sep 2019 10:24:44 GMT
Server
nginx
Accept-Ranges
bytes
ETag
"5d89eeec-96b1"
Content-Length
38577
Content-Type
application/javascript
Cookie set /
thepoorlittle.dosuchathing.icu/ Frame 9CD5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://thepoorlittle.dosuchathing.icu/
Requested by
Host: klx.ro
URL: http://klx.ro/O
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2c85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.4.45
Resource Hash

Request headers

Host
thepoorlittle.dosuchathing.icu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/aOyZ
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://urlz.fr/aOyZ

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d9ea85f2c1979015cc134b64301786fbc1571393213; expires=Sat, 17-Oct-20 10:06:53 GMT; path=/; domain=.dosuchathing.icu; HttpOnly
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.45
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
5279b3c09ba08c86-VIE
Content-Encoding
gzip
image.php
www.noowho.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.noowho.com/image.php?site=23690713&ref=http://klx.ro/O
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS
serveur8.wilsoftech.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash
870392eaa248a250b590ed5409f48bb4cfb4cff32f7c61b4dfd6983b3873c626

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:16:04 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Apache/2.4.7 (Ubuntu)
Connection
close
X-Powered-By
PHP/5.5.9-1ubuntu4.22
Content-Length
1481
Content-Type
image/gif
match
c1.adform.net/serving/cookie/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/2/8/2.gif?puid=2976808230168133047&gdpr=1&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
0
0
fire.js
s.cpx.to/ 		973 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=11528&ref=http%3A%2F%2Fklx.ro%2FO&hn_ver=10&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
Requested by
Host: p.cpx.to
URL: http://p.cpx.to/p/11528/px.js?r=195ee
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-246-169-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
06c9b400ca838f46d4751681bbad57f847b157dddd9dca40fcfa08f530c80a54
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 18 Oct 2019 10:06:53 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
973
Expires
Wed, 18 Sep 2019 12:34:47 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
1 KB
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:6a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 09:31:17 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2142
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
1rK2Xkq-JBidrKtGqnmo6Bc2QWk4ki2tSIB3tVaUfSXEUwWYAqm0ZQ==
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)

Redirect headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
aWJU43sIbIr9Rc2Liydkh22K6IKNA5oJRmsigZy5hNko8PSG5xTavw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 09 Oct 2019 09:50:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
778602
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
30186
X-XSS-Protection
0
Expires
Thu, 08 Oct 2020 09:50:11 GMT
wckr.php
tag.leadplace.fr/ Frame D0D7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/aOyZ
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://urlz.fr/aOyZ

Response headers

Server
nginx/1.14.2
Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
29922
pixel;r=132076253;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FaOyZ;ref=http%3A%2F%2Fklx.ro%2FO;fpan=1;fpa=P0-80934443-1571393213581;ns=0;ce=1;qjs=1;qv=4c...
pixel.quantserve.com/ 		35 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pixel.quantserve.com/pixel;r=132076253;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FaOyZ;ref=http%3A%2F%2Fklx.ro%2FO;fpan=1;fpa=P0-80934443-1571393213581;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1571393213581;tzo=-120;ogl=
Protocol
HTTP/1.1
Server
91.228.74.236 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Oct 2019 10:06:53 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
notifyme.php
adtrack.adleadevent.com/ 		0
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.83.136 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-83-136.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Pragma
no-cache
Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Oct 2019 10:06:53 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
indexv2.php
player.pepsia.com/V2/ 		43 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://player.pepsia.com/V2/indexv2.php?token=00I4&controls=1&autoplay=1&logo=true&volume=1&api=1&id=0&origin=http://urlz.fr&d=16dde5594d8
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16dde559450
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://urlz.fr
Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
algov2.php
player.pepsia.com/V2/ 		1 KB
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://player.pepsia.com/V2/algov2.php?token=00I4&num=9&origin=http://urlz.fr&d=16dde5594d9
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16dde559450
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://urlz.fr
Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1&google_tc=
  • https://s.cpx.to/ca.png?dsp=dbm&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1&google_gid=CAESEFZbc_qyjvPnt4zLxwqIQb4&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1&google_gid=CAESEFZbc_qyjvPnt4zLxwqIQb4&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-246-169-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 18 Oct 2019 10:06:53 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Fri, 18 Oct 2019 10:06:53 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1&google_gid=CAESEFZbc_qyjvPnt4zLxwqIQb4&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=3E993386-1A58-4C26-8708-D8D0C1220B52&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=3E993386-1A58-4C26-8708-D8D0C1220B52&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-246-169-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 18 Oct 2019 10:06:53 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Fri, 18 Oct 2019 10:06:53 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=3E993386-1A58-4C26-8708-D8D0C1220B52&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
Date
Fri, 18 Oct 2019 10:06:53 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
448
Content-Type
text/html; charset=iso-8859-1
getuid
ads.avocet.io/
Redirect Chain
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
  • https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
0
0
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3Dhttp%253A%252F%252Fklx.ro%252FO%26hn_ver%3D10%26fid%3D5990f7da-edf4-4a6b-8b1b-578cf0c...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253Dhttp%25253A%25252F%25252Fklx.ro%25252FO%2526hn_ver%...
  • https://s.cpx.to/an_fire?app_nexus_uid=2240978956950857081&pid=11528&ref=http%3A%2F%2Fklx.ro%2FO&hn_ver=10&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=2240978956950857081&pid=11528&ref=http%3A%2F%2Fklx.ro%2FO&hn_ver=10&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-246-169-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 18 Oct 2019 10:06:53 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Fri, 18 Oct 2019 10:06:53 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Oct 2019 10:06:55 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 373.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.45:80
AN-X-Request-Uuid
8995f707-da16-4f5a-9cf1-167e6415b598
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=2240978956950857081&pid=11528&ref=http%3A%2F%2Fklx.ro%2FO&hn_ver=10&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.gif
dmp.truoptik.com/0362536315099b06/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1&fck=646d70419804c859&cbp=dsp_uid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.92.60 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
sync
pool.grid-data.bidswitch.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.79.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-79-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
Primary Request /
thepoorlittle.dosuchathing.icu/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://thepoorlittle.dosuchathing.icu/
Requested by
Host: klx.ro
URL: http://klx.ro/O
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2c85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.4.45
Resource Hash
280118efe3c69923f7eb3f36196c7ee5e7d73961933afd8f6cab88b82b824541

Request headers

Host
thepoorlittle.dosuchathing.icu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/aOyZ
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d9ea85f2c1979015cc134b64301786fbc1571393213
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://urlz.fr/aOyZ

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.45
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
5279b3c19bafcbac-VIE
Content-Encoding
gzip
analytics.js
www.google-analytics.com/ Frame 428A 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: klx.ro
URL: http://klx.ro/O
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
763
date
Fri, 18 Oct 2019 09:54:10 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 18 Oct 2019 11:54:10 GMT
all.js
api.dmcdn.net/ Frame 428A 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dmcdn.net/all.js
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16dde559450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.79.227.76 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS
https-178-79-227-76.vie.llnw.net
Software
DMS/1.0.42 /
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
http://urlz.fr/aOyZ
Origin
http://urlz.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 10:06:53 GMT
content-encoding
gzip
last-modified
Fri, 27 Sep 2019 13:09:39 GMT
server
DMS/1.0.42
age
1802652
etag
"5d8e0a13-72c2"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=43200, s-maxage=3600
accept-ranges
bytes
access-control-allow-origin
*
content-length
9628
expires
Fri, 27 Sep 2019 14:22:41 GMT
S8ZvnPK
hv-contents.adpaths.com/publisher/ Frame 428A 		366 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://hv-contents.adpaths.com/publisher/S8ZvnPK
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16dde559450
Protocol
HTTP/1.1
Server
143.204.101.52 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-52.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Oct 2019 10:04:56 GMT
Server
AmazonS3
Age
17
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
oLUruf5I_V4fPNN38nTb1aELrNqYRy9w6mBijvuL5UX44ekEzuQ_qQ==
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ Frame 428A 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16dde559450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
http://urlz.fr/aOyZ
Origin
http://urlz.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 10:06:53 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
18056
truncated
/ Frame 428A 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
favicon.ico
thepoorlittle.dosuchathing.icu/ Frame 428A 		2 KB
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://thepoorlittle.dosuchathing.icu/favicon.ico
Requested by
Host: urlz.fr
URL: http://urlz.fr/aOyZ
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2c85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 14 Oct 2019 00:37:29 GMT
Server
cloudflare
Age
17
ETag
W/"2da7b2c-6f6-594d41299e27c"
Vary
Accept-Encoding
Content-Type
image/x-icon
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5279b3c1a930cba0-VIE
Expires
Fri, 18 Oct 2019 14:06:53 GMT
sdk.js
www.adwstats.com/ Frame 428A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.adwstats.com/sdk.js
Requested by
Host: hv-contents.adpaths.com
URL: http://hv-contents.adpaths.com/publisher/S8ZvnPK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.110 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-110.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aOyZ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 09:43:07 GMT
content-encoding
gzip
last-modified
Mon, 29 Jul 2019 10:07:08 GMT
server
AmazonS3
age
1768
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
pprPWuqZ8JTLhZr4tCjAPK3kFR9YERvPge180ce8kwTb5kKaR-yE3A==
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
embed
www.dailymotion.com/ Frame 4E47 		0
0
generic.pixel
www.adwstats.com/ Frame 428A 		0
0
stylesheet.css
thepoorlittle.dosuchathing.icu/assets/fonts/ 		2 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://thepoorlittle.dosuchathing.icu/assets/fonts/stylesheet.css
Requested by
Host: thepoorlittle.dosuchathing.icu
URL: http://thepoorlittle.dosuchathing.icu/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2c85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3180e0ff1b4b9952346313a1454671e2fac765df14a957b7b920e4cdcbe8d01

Request headers

Referer
http://thepoorlittle.dosuchathing.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 14 Oct 2019 00:37:36 GMT
Server
cloudflare
Age
18
ETag
W/"2da7b46-739-594d41303db64"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5279b3c24d3bcbac-VIE
Expires
Fri, 18 Oct 2019 14:06:53 GMT
topcoat-desktop-light.css
thepoorlittle.dosuchathing.icu/assets/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://thepoorlittle.dosuchathing.icu/assets/css/topcoat-desktop-light.css
Requested by
Host: thepoorlittle.dosuchathing.icu
URL: http://thepoorlittle.dosuchathing.icu/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2c85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.4.45
Resource Hash

Request headers

Referer
http://thepoorlittle.dosuchathing.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Server
cloudflare
Age
18
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5279b3c24ab0cba0-VIE
Expires
Fri, 18 Oct 2019 14:06:53 GMT
main.css
thepoorlittle.dosuchathing.icu/assets/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://thepoorlittle.dosuchathing.icu/assets/css/main.css
Requested by
Host: thepoorlittle.dosuchathing.icu
URL: http://thepoorlittle.dosuchathing.icu/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2c85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eebd17d33320251e7ef3277912e4352953b39e189f552dc5aa2ea2ba7251d3c

Request headers

Referer
http://thepoorlittle.dosuchathing.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 14 Oct 2019 00:37:37 GMT
Server
cloudflare
Age
18
ETag
W/"2da7b4a-299d-594d4130b22ad"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5279b3c24805cbc4-VIE
Expires
Fri, 18 Oct 2019 14:06:53 GMT
brackets.css
thepoorlittle.dosuchathing.icu/assets/css/ 		959 B
879 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://thepoorlittle.dosuchathing.icu/assets/css/brackets.css
Requested by
Host: thepoorlittle.dosuchathing.icu
URL: http://thepoorlittle.dosuchathing.icu/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2c85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff2308d079ad449c45e915df69d4bdf50ebe91acfc2dcb5d1cc89a58b02d1fc

Request headers

Referer
http://thepoorlittle.dosuchathing.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 14 Oct 2019 00:37:36 GMT
Server
cloudflare
Age
18
ETag
W/"2da7b48-3bf-594d41308732c"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5279b3c24eb85946-VIE
Expires
Fri, 18 Oct 2019 14:06:53 GMT
rainbow-custom.min.js
thepoorlittle.dosuchathing.icu/assets/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://thepoorlittle.dosuchathing.icu/assets/js/rainbow-custom.min.js
Requested by
Host: thepoorlittle.dosuchathing.icu
URL: http://thepoorlittle.dosuchathing.icu/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2c85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd4af48e89ab712b2314a0cfd13c30c10920d96654ac69140d3298f933e5e67a

Request headers

Referer
http://thepoorlittle.dosuchathing.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 14 Oct 2019 00:37:34 GMT
Server
cloudflare
Age
18
ETag
W/"2da7b32-14b0-594d412dec34c"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5279b3c2589fcbb4-VIE
Expires
Fri, 18 Oct 2019 14:06:53 GMT
main.js
thepoorlittle.dosuchathing.icu/assets/js/ 		1 KB
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
http://thepoorlittle.dosuchathing.icu/assets/js/main.js
Requested by
Host: thepoorlittle.dosuchathing.icu
URL: http://thepoorlittle.dosuchathing.icu/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2c85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7377f892fa8a0f807ca2b7a74e124ca0bf46c5b7684584b1d1dfd5a6fff1cba

Request headers

Referer
http://thepoorlittle.dosuchathing.icu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 14 Oct 2019 00:37:34 GMT
Server
cloudflare
Age
18
ETag
W/"2da7b33-578-594d412de9854"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5279b3c25e7a596a-VIE
Expires
Fri, 18 Oct 2019 14:06:53 GMT
sourcesanspro-semibold-webfont.woff
thepoorlittle.dosuchathing.icu/assets/fonts/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://thepoorlittle.dosuchathing.icu/assets/fonts/sourcesanspro-semibold-webfont.woff
Requested by
Host: thepoorlittle.dosuchathing.icu
URL: http://thepoorlittle.dosuchathing.icu/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2c85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8fd80be8cba8e0a3b2a98176fa17245e206892cc519bc7af24b184ac4b55679

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://thepoorlittle.dosuchathing.icu/assets/fonts/stylesheet.css
Origin
http://thepoorlittle.dosuchathing.icu

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 14 Oct 2019 00:37:35 GMT
Server
cloudflare
Age
17
ETag
W/"2da7b3f-69a8-594d412f71dac"
Vary
Accept-Encoding
Content-Type
text/plain; charset=UTF-8
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5279b3c2684ccbc4-VIE
Expires
Fri, 18 Oct 2019 14:06:53 GMT
sourcesanspro-regular-webfont.woff
thepoorlittle.dosuchathing.icu/assets/fonts/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://thepoorlittle.dosuchathing.icu/assets/fonts/sourcesanspro-regular-webfont.woff
Requested by
Host: thepoorlittle.dosuchathing.icu
URL: http://thepoorlittle.dosuchathing.icu/
Protocol
HTTP/1.1
Server
2606:4700:30::6812:2c85 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
51835701aa9a660187ded8a734113284ae7d1f0943e90753b8ccf35fda4faa55

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://thepoorlittle.dosuchathing.icu/assets/fonts/stylesheet.css
Origin
http://thepoorlittle.dosuchathing.icu

Response headers

Date
Fri, 18 Oct 2019 10:06:53 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Mon, 14 Oct 2019 00:37:36 GMT
Server
cloudflare
Age
17
ETag
W/"2da7b43-69c4-594d412ff0134"
Vary
Accept-Encoding
Content-Type
text/plain; charset=UTF-8
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5279b3c26ec55946-VIE
Expires
Fri, 18 Oct 2019 14:06:53 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gum.criteo.com
URL
https://gum.criteo.com:80/sync?c=147&r=2&j=criteoCallback
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
Domain
ads.avocet.io
URL
https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D5990f7da-edf4-4a6b-8b1b-578cf0c2e2c1
Domain
www.dailymotion.com
URL
http://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Domain
www.adwstats.com
URL
https://www.adwstats.com/generic.pixel?record_interface=generic&send_tracker_init=false&creative_format=N0YY9hj&creative_id=S8ZvnPK&random_number=0.7253115667965049&client_start_timestamp=1571393213772&client_session_id=8ef3a722-a6fb-4322-9923-ffb2bc228d53&event_type=state&event_name=impression&client_date_utc=2019-10-18%2010%3A06%3A53&client_date_utc_offset=%2B02%3A00&client_cache_buster=1f883bb8-09dc-41db-ad2b-bb8f9ad1d1e1&client_screen_width=1600&client_screen_height=1200&client_window_width=0&client_window_height=40&client_charset=UTF-8&client_time_elapsed=0&x_domain=

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Rainbow

1 Cookies

Domain/Path Name / Value
.dosuchathing.icu/ Name: __cfduid
Value: d9ea85f2c1979015cc134b64301786fbc1571393213

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avocet.io
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
api.dmcdn.net
bogdantudose.com
c1.adform.net
cdnjs.cloudflare.com
ced-ns.sascdn.com
cm.g.doubleclick.net
d2zur9cc2gf1tx.cloudfront.net
dmp.truoptik.com
edge.quantserve.com
g.tmyzer.com
gum.criteo.com
hv-contents.adpaths.com
image2.pubmatic.com
klx.ro
maxcdn.bootstrapcdn.com
p.cpx.to
pixel.quantserve.com
player.pepsia.com
pool.grid-data.bidswitch.net
rules.quantcount.com
s.cpx.to
secure.adnxs.com
tag.contextweb.com
tag.leadplace.fr
thepoorlittle.dosuchathing.icu
urlz.fr
ww1097.smartadserver.com
www.adwstats.com
www.dailymotion.com
www.google-analytics.com
www.noowho.com
ads.avocet.io
c1.adform.net
gum.criteo.com
www.adwstats.com
www.dailymotion.com
104.16.92.60
13.224.196.110
13.224.197.208
13.225.78.4
143.204.101.52
145.239.193.145
145.239.193.51
151.139.241.23
172.217.18.162
178.79.227.76
185.33.223.100
185.64.189.110
185.86.137.17
188.215.2.122
2001:4de0:ac19::1:b:1b
2600:9000:20eb:6a00:6:44e3:f8c0:93a1
2606:4700:30::6812:2c85
2606:4700:31::681f:ab2
2606:4700::6813:c397
2a00:1450:4001:815::200e
2a00:1450:4001:81a::200a
3.122.79.124
34.246.169.240
5.179.192.20
54.247.83.136
68.232.35.16
74.214.194.132
91.228.74.236
91.228.74.252
94.23.196.203
06c9b400ca838f46d4751681bbad57f847b157dddd9dca40fcfa08f530c80a54
0d22f9b6f2b7945e7f86a028a8e38ffa8bf63d62b977b01ef4d33135217b1183
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0ff2308d079ad449c45e915df69d4bdf50ebe91acfc2dcb5d1cc89a58b02d1fc
186a97c6e86dfe00138bf544cd9dd76c93fd6c78e1605d5c3d87744ea3f7b98b
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
2092ebd1f047497d83275b8d386fa1e6085a691004ed65c7810c332551393109
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
280118efe3c69923f7eb3f36196c7ee5e7d73961933afd8f6cab88b82b824541
29f6ef13daa8d8813f043b0a368762a7b950ffb195cea4d01f46d334fb6fcb27
2c0b1cf6965cedd6fdc86718ff298f16a50ad29397c68cb6b4de5c0954f98728
2eebd17d33320251e7ef3277912e4352953b39e189f552dc5aa2ea2ba7251d3c
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
51835701aa9a660187ded8a734113284ae7d1f0943e90753b8ccf35fda4faa55
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
870392eaa248a250b590ed5409f48bb4cfb4cff32f7c61b4dfd6983b3873c626
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c
8d7e31ba767478940e739fbdf52fcdf4746a8a81ffd4bf112e10309078d649d7
8f32680cfb742e5616c0ec4aa2e37372cf953b45eab0e15403bc505e16ebf0d6
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3180e0ff1b4b9952346313a1454671e2fac765df14a957b7b920e4cdcbe8d01
a52742c7e9faa09dbf18fa18f80f74615e3bbcd790026bc32cb426f81da55381
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b7377f892fa8a0f807ca2b7a74e124ca0bf46c5b7684584b1d1dfd5a6fff1cba
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
d07c2f705dd53327a61a765873c4cc30ae9f7cb0c6d7dc04b53eaa29de1aadf3
d611c68aa02e4cee400a1e6a34bb27628d53a5329a3b249ff6c022799071f535
dccff4268cf23b61b45aeb89e063cb102cdf9a862e1c25bd2104aaf135a914d3
dd4af48e89ab712b2314a0cfd13c30c10920d96654ac69140d3298f933e5e67a
e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b
f8fd80be8cba8e0a3b2a98176fa17245e206892cc519bc7af24b184ac4b55679