u515272l2h.ha003.t.justns.ru
2a00:b700::1c  Malicious Activity!

Submitted URL: http://u515392l2z.ha003.t.justns.ru/anes.php
Effective URL: http://u515272l2h.ha003.t.justns.ru/arub/
Submission: November 12, 2019, submitted manually from Italy (IT)

Summary

This website contacted 32 IPs in 10 countries across 34 domains to perform 105 HTTP transactions. The main IP is 2a00:b700::1c, located in Russian Federation and belongs to ASBAXET, RU. The main domain is u515272l2h.ha003.t.justns.ru.
This is the only time u515272l2h.ha003.t.justns.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Aruba (Online)

Reading the scan: the submitted URL and the effective URL sit on two of three sibling hosts (u515392l2z, u515372l2w, u515272l2h) under ha003.t.justns.ru on ASBAXET (AS51659, RU), all served over plain HTTP by LiteSpeed/PHP. The visitor is bounced between them through two urlz.fr short links, and the final /arub/ page loads 12 resources (109 KB) from managehosting.aruba.it, the real Aruba hosting portal, with the phishing page as the requesting document. Two caveats before turning this into a blocklist: most of the 34 domains and 32 IPs are ad-tech and cookie-sync traffic, started by the urlz.fr interstitials (the themoneytizer.com chain carries Referer http://urlz.fr/b25q) and by monetization tags on the intermediate justns.ru pages themselves (player.pepsia.com and the cpx.to pixels reference anes.php and aru.php), not the hosts that serve the phishing page; and because the justns.ru hosts never speak TLS, no certificate for them appears in the certificate table, whereas the Actalis EV certificate listed there belongs to the legitimate managehosting.aruba.it.

Domain & IP information

Requests | Redirects | IP address | ASN | AS name
(Redirects: the extra count urlscan shows for hosts that answered with redirects; it matches the "N redirects" entries in the Requested-by table.)
4 | - | 2a00:b700::29 | 51659 | ASBAXET
4 | 2 | 2606:4700:31:... | 13335 | CLOUDFLARENET
2 | - | 2606:4700:300... | 13335 | CLOUDFLARENET
10 | - | 151.139.241.23 | 33438 | HIGHWINDS2
2 | - | 145.239.193.145 | 16276 | OVH
3 | - | 51.89.9.253 | 16276 | OVH
2 | - | 74.214.194.132 | 59940 | PULSEPOINT-EU
2 | - | 143.204.101.85 | 16509 | AMAZON-02
2 | 2 | 185.86.137.17 | 201081 | SMARTADSE...
2 | - | 68.232.35.16 | 15133 | EDGECAST
4 | - | 145.239.193.51 | 16276 | OVH
2 | - | 91.228.74.248 | 27281 | QUANTCAST
2 | - | 13.224.197.103 | 16509 | AMAZON-02
5 | - | 5.179.192.20 | 34235 | ASPSERVEU...
2 | - | 94.23.196.203 | 16276 | OVH
7 | - | 54.154.104.74 | 16509 | AMAZON-02
2 | 2 | 2600:9000:215... | 16509 | AMAZON-02
2 | - | 2600:9000:20e... | 16509 | AMAZON-02
2 | - | 2a00:1450:400... | 15169 | GOOGLE
1 | - | 2606:4700:30:... | 13335 | CLOUDFLARENET
1 | - | 37.252.173.27 | 29990 | ASN-APPNEXUS
1 | - | 69.173.144.141 | 26667 | RUBICONPR...
1 | - | 2.18.234.233 | 16625 | AKAMAI-AS
2 | 1 | 52.29.14.143 | 16509 | AMAZON-02
2 | - | 91.228.74.135 | 27281 | QUANTCAST
2 | - | 2600:9000:215... | 16509 | AMAZON-02
11 | 3 | 2a00:b700::1c | 51659 | ASBAXET
1 | 1 | 178.250.0.157 | 44788 | ASN-CRITE...
1 | - | 2a02:2638::1c | 44788 | ASN-CRITE...
1 | - | 54.228.240.24 | 16509 | AMAZON-02
1 | 1 | 185.33.223.204 | 29990 | ASN-APPNEXUS
1 | - | 104.16.92.60 | 13335 | CLOUDFLARENET
2 | 2 | 52.214.122.164 | 16509 | AMAZON-02
1 | 1 | 172.217.21.194 | 15169 | GOOGLE
1 | 1 | 185.64.189.110 | 62713 | AS-PUBMATIC
1 | 1 | 18.185.45.212 | 16509 | AMAZON-02
12 | - | 62.149.188.175 | 31034 | ARUBA-ASN
2 | - | 2a00:1450:400... | 15169 | GOOGLE
2 | - | 2a00:1450:400... | 15169 | GOOGLE
Total: 105 requests from 32 IP addresses
Requests | Apex domain | Subdomains | Transfer
15 | justns.ru | u515392l2z.ha003.t.justns.ru, u515372l2w.ha003.t.justns.ru, u515272l2h.ha003.t.justns.ru | 9 KB
12 | aruba.it | managehosting.aruba.it | 109 KB
10 | themoneytizer.com | ads.themoneytizer.com | 193 KB
9 | cpx.to | p.cpx.to, s.cpx.to | 11 KB
5 | pepsia.com | player.pepsia.com | 80 KB
4 | googleapis.com | ajax.googleapis.com, fonts.googleapis.com | 61 KB
4 | quantcount.com | rules.quantcount.com | 3 KB
4 | quantserve.com | edge.quantserve.com, pixel.quantserve.com | 12 KB
4 | leadplace.fr | tag.leadplace.fr | 6 KB
4 | urlz.fr | urlz.fr | 3 KB
3 | onetag-sys.com | onetag-sys.com | 508 B
2 | gstatic.com | fonts.gstatic.com | 28 KB
2 | avocet.io | ads.avocet.io (Failed) | 1 KB
2 | consensu.org | c.sharethis.mgr.consensu.org | 808 B
2 | 360yield.com | ice.360yield.com | 3 KB
2 | adnxs.com | ib.adnxs.com, secure.adnxs.com | 2 KB
2 | noowho.com | www.noowho.com | 3 KB
2 | cloudfront.net | d2zur9cc2gf1tx.cloudfront.net | 51 KB
2 | criteo.com | gum.criteo.com (Failed) | 497 B
2 | sascdn.com | ced-ns.sascdn.com | 16 KB
2 | smartadserver.com | ww1097.smartadserver.com | 394 B
2 | contextweb.com | tag.contextweb.com | 23 KB
2 | themoneytizer.net | g.themoneytizer.net | 400 B
2 | cloudflare.com | ajax.cloudflare.com | 8 KB
1 | bidswitch.net | pool.grid-data.bidswitch.net | 338 B
1 | pubmatic.com | image2.pubmatic.com | 359 B
1 | doubleclick.net | cm.g.doubleclick.net | 152 B
1 | truoptik.com | dmp.truoptik.com (Failed) | -
1 | adleadevent.com | adtrack.adleadevent.com (Failed) | 517 B
1 | stickyadstv.com | ads.stickyadstv.com | 732 B
1 | rubiconproject.com | fastlane.rubiconproject.com | 3 KB
1 | 4dex.io | script.4dex.io | 923 B
0 | id5-sync.com (Failed) | id5-sync.com (Failed) | -
0 | adform.net (Failed) | c1.adform.net (Failed) | -
Total: 105 requests across 34 apex domains
Requests | Domain | Requested by
12 | managehosting.aruba.it | u515272l2h.ha003.t.justns.ru
11 | u515272l2h.ha003.t.justns.ru | 3 redirects; urlz.fr; u515392l2z.ha003.t.justns.ru; u515272l2h.ha003.t.justns.ru
10 | ads.themoneytizer.com | ajax.cloudflare.com; ads.themoneytizer.com
7 | s.cpx.to | p.cpx.to
5 | player.pepsia.com | u515392l2z.ha003.t.justns.ru; player.pepsia.com
4 | rules.quantcount.com | 2 redirects
4 | tag.leadplace.fr | ads.themoneytizer.com; tag.leadplace.fr
4 | urlz.fr | 2 redirects
3 | onetag-sys.com | ads.themoneytizer.com
3 | u515372l2w.ha003.t.justns.ru | urlz.fr; u515392l2z.ha003.t.justns.ru
2 | fonts.gstatic.com | u515272l2h.ha003.t.justns.ru
2 | fonts.googleapis.com | u515272l2h.ha003.t.justns.ru
2 | ads.avocet.io | -
2 | c.sharethis.mgr.consensu.org | player.pepsia.com
2 | pixel.quantserve.com | -
2 | ice.360yield.com | 1 redirect
2 | ajax.googleapis.com | d2zur9cc2gf1tx.cloudfront.net
2 | www.noowho.com | -
2 | d2zur9cc2gf1tx.cloudfront.net | ads.themoneytizer.com
2 | edge.quantserve.com | ads.themoneytizer.com
2 | gum.criteo.com | ads.themoneytizer.com
2 | ced-ns.sascdn.com | -
2 | ww1097.smartadserver.com | 2 redirects
2 | p.cpx.to | ads.themoneytizer.com
2 | tag.contextweb.com | ads.themoneytizer.com
2 | g.themoneytizer.net | ads.themoneytizer.com
2 | ajax.cloudflare.com | urlz.fr
1 | pool.grid-data.bidswitch.net | 1 redirect
1 | image2.pubmatic.com | 1 redirect
1 | cm.g.doubleclick.net | 1 redirect
1 | secure.adnxs.com | 1 redirect
1 | dmp.truoptik.com | -
1 | adtrack.adleadevent.com | ajax.googleapis.com
1 | ads.stickyadstv.com | ads.themoneytizer.com
1 | fastlane.rubiconproject.com | ads.themoneytizer.com
1 | ib.adnxs.com | ads.themoneytizer.com
1 | script.4dex.io | ads.themoneytizer.com; script.4dex.io
1 | u515392l2z.ha003.t.justns.ru | -
0 | id5-sync.com | Failed
0 | c1.adform.net | Failed
Total: 105 requests across 40 subdomains
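The "Requested by" column records the phishing page as the initiator of every managehosting.aruba.it request. The brand owner sees the same thing from the other side, as Referer values in its own access logs, which is the cheapest way to catch kits that hotlink the real site's look-and-feel. The following is an added example (not part of the urlscan report and not Aruba's tooling): it scans combined-format web-server log lines for asset requests whose Referer belongs to an origin outside an allowlist of the brand's own apex domains. The log lines and asset paths are constructed to mirror this scan; the client IPs are documentation ranges.

```python
"""Flag foreign origins that hotlink a brand's assets (phishing-kit indicator).

Added example, not part of the urlscan report. The sample log is constructed:
two hits with the phishing page as Referer, two legitimate ones, one with no
Referer at all.
"""
import re
from collections import defaultdict
from typing import Dict, Optional
from urllib.parse import urlsplit

# Combined log format with Referer and User-Agent (constructed sample).
SAMPLE_LOG = """\
203.0.113.10 - - [12/Nov/2019:08:02:37 +0000] "GET /assets/css/style.css HTTP/1.1" 200 5120 "http://u515272l2h.ha003.t.justns.ru/arub/" "Mozilla/5.0"
203.0.113.10 - - [12/Nov/2019:08:02:37 +0000] "GET /assets/img/logo.png HTTP/1.1" 200 8810 "http://u515272l2h.ha003.t.justns.ru/arub/" "Mozilla/5.0"
198.51.100.7 - - [12/Nov/2019:08:03:01 +0000] "GET /assets/css/style.css HTTP/1.1" 200 5120 "https://managehosting.aruba.it/login" "Mozilla/5.0"
198.51.100.8 - - [12/Nov/2019:08:03:05 +0000] "GET /assets/img/logo.png HTTP/1.1" 200 8810 "-" "Mozilla/5.0"
192.0.2.44 - - [12/Nov/2019:08:04:12 +0000] "GET /assets/img/logo.png HTTP/1.1" 200 8810 "https://www.aruba.it/" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Origins allowed to embed the assets: the brand's own apex domains (assumed).
ALLOWED_APEX = {"aruba.it"}


def apex_of(host: str) -> str:
    """Crude apex extraction: last two labels. Fine for .it/.ru as here;
    use a public-suffix list for .co.uk-style TLDs in production."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def parse_line(line: str) -> Optional[dict]:
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def hotlink_report(log_text: str, allowed_apex=ALLOWED_APEX) -> Dict[str, dict]:
    """Group asset requests by foreign referer origin.

    Returns {referer_origin: {"hits": n, "paths": set, "client_ips": set}}
    for every Referer whose apex domain is not allowlisted. Empty or "-"
    referers are skipped: they are normal for direct loads and for
    referrer-policy-stripped requests, so they are not evidence by themselves.
    """
    report = defaultdict(lambda: {"hits": 0, "paths": set(), "client_ips": set()})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec["referer"] in ("", "-"):
            continue
        parts = urlsplit(rec["referer"])
        if not parts.hostname or apex_of(parts.hostname) in allowed_apex:
            continue
        origin = "%s://%s" % (parts.scheme, parts.netloc)
        entry = report[origin]
        entry["hits"] += 1
        entry["paths"].add(rec["path"])
        entry["client_ips"].add(rec["ip"])
    return dict(report)


if __name__ == "__main__":
    for origin, info in hotlink_report(SAMPLE_LOG).items():
        print("%s: %d hits, %d clients, paths=%s"
              % (origin, info["hits"], len(info["client_ips"]), sorted(info["paths"])))
```

On the constructed sample only http://u515272l2h.ha003.t.justns.ru is reported, with the two asset paths. A hit count that climbs across many client IPs for one unknown origin is the signal worth alerting on; a single hit from one IP is usually a scanner (as in this very urlscan run).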
Subject | Issuer | Validity | Valid for
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-08-10 to 2020-02-16 | 6 months
*.themoneytizer.com | Sectigo RSA Domain Validation Secure Server CA | 2019-02-15 to 2021-02-14 | 2 years
onetag-sys.com | Let's Encrypt Authority X3 | 2019-10-10 to 2020-01-08 | 3 months
www.noowho.com | Gandi Standard SSL CA 2 | 2017-02-07 to 2020-02-07 | 3 years
s.cpx.to | COMODO RSA Domain Validation Secure Server CA | 2015-02-10 to 2020-02-09 | 5 years
*.quantserve.com | DigiCert SHA2 High Assurance Server CA | 2019-10-04 to 2020-10-07 | a year
*.360yield.com | Amazon | 2019-09-24 to 2020-10-24 | a year
*.sharethis.mgr.consensu.org | Go Daddy Secure Certificate Authority - G2 | 2018-05-21 to 2020-05-21 | 2 years
*.criteo.com | DigiCert ECC Secure Server CA | 2019-03-28 to 2020-04-01 | a year
adtrack.adleadevent.com | Amazon | 2019-06-30 to 2020-07-30 | a year
*.truoptik.com | Go Daddy Secure Certificate Authority - G2 | 2018-11-13 to 2020-11-13 | 2 years
managehosting.aruba.it | Actalis Extended Validation Server CA G2 | 2019-03-21 to 2021-03-21 | 2 years
*.googleapis.com | GTS CA 1O1 | 2019-10-16 to 2020-01-08 | 3 months
*.google.com | GTS CA 1O1 | 2019-10-16 to 2020-01-08 | 3 months

This page contains 9 frames:

Primary Page: http://u515272l2h.ha003.t.justns.ru/arub/
Frame ID: CA1B8DDDD0497CD399B87E67064AB5FA
Requests: 97 HTTP requests in this frame

Frame: http://u515372l2w.ha003.t.justns.ru/aru.php
Frame ID: 23A628FC5AC30A969CADA1C2F0E6C02D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1573545756717
Frame ID: 1114168086C916A385898EC3570525DD
Requests: 1 HTTP requests in this frame

Frame: http://u515372l2w.ha003.t.justns.ru/aru.php
Frame ID: B32DB8AAC1B3F1D634B976C90EADBB07
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 4E014BCFF35B7839978FE87A418D26FE
Requests: 1 HTTP requests in this frame

Frame: http://u515272l2h.ha003.t.justns.ru/arub/
Frame ID: 1DD4BC8BC68B586B551247D97705D5C1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1573545758110
Frame ID: 5ADB407509A47CD6F6880E498FB71796
Requests: 1 HTTP requests in this frame

Frame: http://u515272l2h.ha003.t.justns.ru/arub/
Frame ID: 56B9ABFD44DEF692F8DA4DC379FC3812
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 013962B3FA0E0967A5973F616EFAAEC6
Requests: 1 HTTP requests in this frame

Screenshot: image not included in this capture.


Detected technologies

PHP (overall confidence: 100%)
Detected patterns
  • url /\.php(?:$|\?)/i

LiteSpeed (overall confidence: 100%)
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

Requests: 105
HTTPS: 42 %
IPv6: 31 %
Domains: 34
Subdomains: 40
IPs: 32
Countries: 10
Transfer: 623 kB
Size: 1362 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://u515392l2z.ha003.t.justns.ru/anes.php Page URL
  2. https://urlz.fr/b25q HTTP 301
    http://urlz.fr/b25q Page URL
  3. http://u515372l2w.ha003.t.justns.ru/aru.php Page URL
  4. https://urlz.fr/b25j HTTP 301
    http://urlz.fr/b25j Page URL
  5. http://u515272l2h.ha003.t.justns.ru/arub HTTP 301
    http://u515272l2h.ha003.t.justns.ru/arub/ Page URL
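How a hop list like the one above is derived, as an added example that is not urlscan's code: a walker that follows both server-side Location redirects and client-side (meta refresh / JavaScript location) redirects, stops on loops, and flags https-to-http downgrades such as the two urlz.fr 301s in this chain. The HTTP client is replaced by an in-memory table of constructed responses keyed on this scan's URLs; the HTML bodies for the justns.ru and urlz.fr pages are invented stand-ins, because the report records only their sizes and the real pages may redirect by other means (for instance location.replace(), which this walker does not parse).

```python
"""Walk a redirect chain the way urlscan's Page URL History records it.

Added example, not urlscan's code. fetch() is an in-memory stand-in for an
HTTP client; the FIXTURE bodies are invented, the URLs are this scan's.
"""
import re
from urllib.parse import urljoin

META_REFRESH_RE = re.compile(
    r'<meta[^>]+http-equiv=["\']?refresh["\']?[^>]+content=["\']?\s*\d+\s*;\s*url=([^"\'>\s]+)',
    re.IGNORECASE)
# Matches `location = "..."` and `window.location.href = "..."`, not location.replace().
JS_LOCATION_RE = re.compile(
    r'(?:window\.|document\.|top\.)?location(?:\.href)?\s*=\s*["\']([^"\']+)["\']',
    re.IGNORECASE)

FIXTURE = {  # url -> (status, headers, body); all bodies constructed
    "http://u515392l2z.ha003.t.justns.ru/anes.php":
        (200, {}, '<meta http-equiv="refresh" content="0;url=https://urlz.fr/b25q">'),
    "https://urlz.fr/b25q": (301, {"Location": "http://urlz.fr/b25q"}, ""),
    "http://urlz.fr/b25q":
        (200, {}, '<script>window.location.href="http://u515372l2w.ha003.t.justns.ru/aru.php";</script>'),
    "http://u515372l2w.ha003.t.justns.ru/aru.php":
        (200, {}, '<meta http-equiv="refresh" content="0;url=https://urlz.fr/b25j">'),
    "https://urlz.fr/b25j": (301, {"Location": "http://urlz.fr/b25j"}, ""),
    "http://urlz.fr/b25j":
        (200, {}, '<script>location = "http://u515272l2h.ha003.t.justns.ru/arub";</script>'),
    "http://u515272l2h.ha003.t.justns.ru/arub":
        (301, {"Location": "http://u515272l2h.ha003.t.justns.ru/arub/"}, ""),
    "http://u515272l2h.ha003.t.justns.ru/arub/": (200, {}, "<html>login form</html>"),
}


def fetch(url):
    """Stand-in for an HTTP client: look the URL up in the fixture."""
    return FIXTURE[url]


def next_hop(url, status, headers, body):
    """Return (next_url, kind) or (None, None) when the page is final.
    Header names are matched case-insensitively, as a real client would."""
    location = next((v for k, v in headers.items() if k.lower() == "location"), None)
    if 300 <= status < 400 and location:
        return urljoin(url, location), "HTTP %d" % status
    m = META_REFRESH_RE.search(body) or JS_LOCATION_RE.search(body)
    if m:
        return urljoin(url, m.group(1)), "client-side"
    return None, None


def walk_chain(start, fetch=fetch, max_hops=20):
    """Follow server and client-side redirects; returns [(url, kind), ...].

    kind is "HTTP <status>" for Location redirects, "client-side" for
    meta-refresh/JS hops and "final" for the landing page. A revisited URL
    or max_hops ends the walk, so a redirect loop cannot hang the scanner.
    """
    chain, seen, url = [], set(), start
    while url and url not in seen and len(chain) < max_hops:
        seen.add(url)
        status, headers, body = fetch(url)
        nxt, kind = next_hop(url, status, headers, body)
        chain.append((url, kind or "final"))
        url = nxt
    return chain


def downgrade_hops(chain):
    """Hops that step from https:// to http://, like the urlz.fr 301s here."""
    return [(a, b) for (a, _), (b, _) in zip(chain, chain[1:])
            if a.startswith("https://") and b.startswith("http://")]


if __name__ == "__main__":
    chain = walk_chain("http://u515392l2z.ha003.t.justns.ru/anes.php")
    for u, k in chain:
        print("%-12s %s" % (k, u))
    print("downgrades:", downgrade_hops(chain))
```

The downgrade check matters here: after each urlz.fr 301 the visitor is on a cleartext page, and the ad scripts it pulls (http://ads.themoneytizer.com/s/requestform.js and the rest) load over plain HTTP too, so anyone on the path could rewrite the chain before the victim ever reaches the /arub/ page.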

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://urlz.fr/b25q HTTP 301
  • http://urlz.fr/b25q
Request Chain 12
  • http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • http://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 21
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/2/8/2.gif?puid=4431029072485742255&gdpr=1&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
Request Chain 23
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Request Chain 32
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216f9721b5570f17%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2Fb25q%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212aa89a602a5cbd%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22d6d36354-7c3a-411e-82c7-ad4f0f0c8c42%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216f9721b5570f17%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2Fb25q%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212aa89a602a5cbd%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22d6d36354-7c3a-411e-82c7-ad4f0f0c8c42%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Request Chain 43
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D135aa25c-e29f-4169-81d4-654b89909901 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D135aa25c-e29f-4169-81d4-654b89909901 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5FDCD0E7-0AB7-4EC7-85D6-B88C70CEE6F0&fid=135aa25c-e29f-4169-81d4-654b89909901
Request Chain 44
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3Dhttp%253A%252F%252Fu515392l2z.ha003.t.justns.ru%252Fanes.php%26hn_ver%3D10%26fid%3D135aa25c-e29f-4169-81d4-654b89909901 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=4431029072485742255&pid=11528&ref=http%3A%2F%2Fu515392l2z.ha003.t.justns.ru%2Fanes.php&hn_ver=10&fid=135aa25c-e29f-4169-81d4-654b89909901
Request Chain 45
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=135aa25c-e29f-4169-81d4-654b89909901 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=135aa25c-e29f-4169-81d4-654b89909901&google_gid=CAESEN3rT5rRS9PW4wDifkmjNgw&google_cver=1
Request Chain 46
  • https://pool.grid-data.bidswitch.net/sync?pid=42 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=0ad07534-aa9b-4a66-b1b1-6c544eeb124f&dsp=BIDSWITCH
Request Chain 47
  • https://urlz.fr/b25j HTTP 301
  • http://urlz.fr/b25j
Request Chain 49
  • http://u515272l2h.ha003.t.justns.ru/arub HTTP 301
  • http://u515272l2h.ha003.t.justns.ru/arub/
Request Chain 58
  • http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • http://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 59
  • http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback HTTP 302
  • https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Request Chain 65
  • http://u515272l2h.ha003.t.justns.ru/arub HTTP 301
  • http://u515272l2h.ha003.t.justns.ru/arub/
Request Chain 67
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F8%2F2.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/10/8/2.gif?puid=227510010369083964&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/19/7/3.gif?puid=8bbffb71375cd95e22cb83234b530e93&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/6/4.gif?puid=75d41281-0afb-4dfa-9153-a60d873a5393&gdpr=1&gdpr_consent=
Request Chain 69
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Request Chain 74
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3Dhttp%253A%252F%252Fu515372l2w.ha003.t.justns.ru%252Faru.php%26hn_ver%3D10%26fid%3D4dfb2294-cef3-4bd9-864a-46e2fee18f37 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=3657249567190608971&pid=11528&ref=http%3A%2F%2Fu515372l2w.ha003.t.justns.ru%2Faru.php&hn_ver=10&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37
Request Chain 76
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D4dfb2294-cef3-4bd9-864a-46e2fee18f37 HTTP 302
  • https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D4dfb2294-cef3-4bd9-864a-46e2fee18f37 HTTP 302
  • https://s.cpx.to/sync?dsp=avocet&dsp_uid=57864ce3-0fc2-4c13-9961-fa0eb8e1ef37&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37
Request Chain 77
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37&google_gid=CAESEN3rT5rRS9PW4wDifkmjNgw&google_cver=1
Request Chain 78
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4dfb2294-cef3-4bd9-864a-46e2fee18f37 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5FDCD0E7-0AB7-4EC7-85D6-B88C70CEE6F0&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37
Request Chain 79
  • https://pool.grid-data.bidswitch.net/sync?pid=42 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=0ad07534-aa9b-4a66-b1b1-6c544eeb124f&dsp=BIDSWITCH
Request Chain 90
  • http://fonts.googleapis.com/css?family=Lato:400,700,300,300italic,700italic,400italic HTTP 307
  • https://fonts.googleapis.com/css?family=Lato:400,700,300,300italic,700italic,400italic

105 HTTP transactions

Each transaction below lists: Resource (file name), Path (host and directory, plus the frame it belongs to), Size (decoded body), x-fer (bytes on the wire), Type, then the General, Request headers and Response headers detail, and Redirect headers where the request was the target of a redirect. The MIME type is in the Content-Type response header.
anes.php
u515392l2z.ha003.t.justns.ru/
65 B
295 B
Document
General
Full URL
http://u515392l2z.ha003.t.justns.ru/anes.php
Protocol
HTTP/1.1
Server
2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
u515392l2z.ha003.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
83
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Date
Tue, 12 Nov 2019 08:02:36 GMT
Server
LiteSpeed
b25q
urlz.fr/
Redirect Chain
  • https://urlz.fr/b25q
  • http://urlz.fr/b25q
3 KB
1 KB
Document
General
Full URL
http://urlz.fr/b25q
Protocol
HTTP/1.1
Server
2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1246b5783fa45fe5ec2a54b0884c104cca184912ec03527a4ef74bf962bd590

Request headers

Host
urlz.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://u515392l2z.ha003.t.justns.ru/anes.php
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d3c24840881406a63a06baf5ce9a5c0251573545756
Sec-Fetch-Mode
navigate

Response headers

Date
Tue, 12 Nov 2019 08:02:36 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
5346fc11ce0fcbb4-VIE
Content-Encoding
gzip

Redirect headers

status
301
date
Tue, 12 Nov 2019 08:02:36 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d3c24840881406a63a06baf5ce9a5c0251573545756; expires=Wed, 11-Nov-20 08:02:36 GMT; path=/; domain=.urlz.fr; HttpOnly
location
http://urlz.fr/b25q
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5346fc111921cbb8-VIE
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/b25q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300a::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 08:02:36 GMT
content-encoding
gzip
last-modified
Mon, 04 Nov 2019 17:30:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc06049-2fb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
5346fc124fb15a12-VIE
alt-svc
h3-23=":443"; ma=86400
expires
Thu, 14 Nov 2019 08:02:36 GMT
aru.php
u515372l2w.ha003.t.justns.ru/ Frame 23A6
0
0
Document
General
Full URL
http://u515372l2w.ha003.t.justns.ru/aru.php
Requested by
Host: urlz.fr
URL: http://urlz.fr/b25q
Protocol
HTTP/1.1
Server
2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
u515372l2w.ha003.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/b25q
Accept-Encoding
gzip, deflate

Response headers

Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
83
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Date
Tue, 12 Nov 2019 08:02:36 GMT
Server
LiteSpeed
requestform.js
ads.themoneytizer.com/s/
35 KB
8 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
5d75cb22fb7ce2ed873ad964147b5b2ee585ed75096219f3082f4727444e5553

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:36 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Wed, 13 Nov 2019 08:02:36 GMT
gen.js
ads.themoneytizer.com/s/
8 KB
3 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
afa9fb95b610a889e744ede0461b995ff3ab0ed1d517f1d47b3a4c797ec070c8

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:01:40 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2742
Expires
Wed, 13 Nov 2019 08:01:40 GMT
/
g.themoneytizer.net/g/
26 B
200 B
Script
General
Full URL
http://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:36 GMT
Server
nginx
X-IPLB-Instance
29895
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/
12 KB
4 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 08:02:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:07 GMT
server
nginx
etag
"779a-308e-582e3105a6be4"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3931
expires
Wed, 13 Nov 2019 08:02:35 GMT
moneybile.js
ads.themoneytizer.com/
37 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 08:02:36 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:00 GMT
server
nginx
etag
"7ff1-9390-582e30fefbc74"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Wed, 13 Nov 2019 08:02:35 GMT
/
onetag-sys.com/usync/ Frame 1114
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1573545756717
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1573545756717
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://urlz.fr/b25q
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html
expires
Sun, 01-Jan-2034 12:34:56 GMT
cache-control
max-age=2628000,public
content-encoding
gzip
getjs.static.js
tag.contextweb.com/
32 KB
11 KB
Script
General
Full URL
http://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 08:02:36 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
max-age=432000, public
x-envoy-upstream-service-time
2
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/
1 KB
2 KB
Script
General
Full URL
http://p.cpx.to/p/11528/px.js?r=1daeb
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
143.204.101.85 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-85.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 10 Nov 2019 19:43:19 GMT
Content-Encoding
UTF-8
Connection
keep-alive
Last-Modified
Wed, 10 Oct 2018 10:49:46 GMT
Server
AmazonS3
Age
130758
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
Ne6k5XGShCoP0Uxr6VbFPJ7rgqnpng6NgfcPPtmk2b0kTX4ETQ0i0Q==
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • http://ww1097.smartadserver.com/config.js?nwid=1097
  • http://ced-ns.sascdn.com/diff/js/smart.js
24 KB
8 KB
Script
General
Full URL
http://ced-ns.sascdn.com/diff/js/smart.js
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E6) /
Resource Hash

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Sep 2019 12:08:33 GMT
Server
ECS (fcn/40E6)
Cache-Control
max-age=86400
Etag
"1fc11a0f5e30485338c4562812f21662:1567685313"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
X-N
S
Accept-Ranges
bytes
Content-Length
8004

Redirect headers

Location
http://ced-ns.sascdn.com/diff/js/smart.js
Date
Tue, 12 Nov 2019 08:02:35 GMT
Cache-Control
private
Content-Length
158
Content-Type
text/html; charset=utf-8
sync
gum.criteo.com/
0
0

libJsLP.js
tag.leadplace.fr/
3 KB
3 KB
Script
General
Full URL
http://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:36 GMT
Last-Modified
Tue, 30 Oct 2018 10:00:26 GMT
Server
nginx/1.14.2
ETag
"5bd82bba-a72"
X-IPLB-Instance
29923
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
quant.js
edge.quantserve.com/
12 KB
6 KB
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
91.228.74.248 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12-Nov-2019 08:02:36 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Tue, 19 Nov 2019 08:02:36 GMT
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/
25 KB
26 KB
Script
General
Full URL
http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
13.224.197.103 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-197-103.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 11 Nov 2019 09:09:48 GMT
Via
1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
82754
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
ISRxzErBtRes-FYUwsvkRAhketveZM_d3pfUNGXnWkygqTO1xHjlIw==
prebid.js
ads.themoneytizer.com/moneybid2_31/build/dist/
409 KB
130 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
fcbae18825d52376d32deb98bdc1a8f7bb517dce83afb11ea0335670b66eea8a

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 08:02:36 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 17:51:51 GMT
server
nginx
etag
"3ba96-663d5-596d96fcf8651"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
132349
expires
Wed, 13 Nov 2019 08:01:37 GMT
sdk.js
player.pepsia.com/
39 KB
39 KB
Script
General
Full URL
http://player.pepsia.com/sdk.js?d=16e5ea2c830
Requested by
Host: u515392l2z.ha003.t.justns.ru
URL: http://u515392l2z.ha003.t.justns.ru/anes.php
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:36 GMT
Last-Modified
Tue, 29 Oct 2019 09:15:39 GMT
Server
nginx
Accept-Ranges
bytes
ETag
"5db8033b-9b78"
Content-Length
39800
Content-Type
application/javascript
aru.php
u515372l2w.ha003.t.justns.ru/ Frame B32D
0
0
Document
General
Full URL
http://u515372l2w.ha003.t.justns.ru/aru.php
Requested by
Host: u515392l2z.ha003.t.justns.ru
URL: http://u515392l2z.ha003.t.justns.ru/anes.php
Protocol
HTTP/1.1
Server
2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
u515372l2w.ha003.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/b25q
Accept-Encoding
gzip, deflate

Response headers

Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
83
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Date
Tue, 12 Nov 2019 08:02:36 GMT
Server
LiteSpeed
image.php
www.noowho.com/
1 KB
2 KB
Image
General
Full URL
https://www.noowho.com/image.php?site=23690713&ref=http://u515392l2z.ha003.t.justns.ru/anes.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS
serveur8.wilsoftech.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:12:21 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Apache/2.4.7 (Ubuntu)
Connection
close
X-Powered-By
PHP/5.5.9-1ubuntu4.22
Content-Length
1463
Content-Type
image/gif
match
c1.adform.net/serving/cookie/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/2/8/2.gif?puid=4431029072485742255&gdpr=1&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
0
0

fire.js
s.cpx.to/
1002 B
2 KB
Script
General
Full URL
https://s.cpx.to/fire.js?pid=11528&ref=http%3A%2F%2Fu515392l2z.ha003.t.justns.ru%2Fanes.php&hn_ver=10&fid=135aa25c-e29f-4169-81d4-654b89909901
Requested by
Host: p.cpx.to
URL: http://p.cpx.to/p/11528/px.js?r=1daeb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.104.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-104-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Tue, 12 Nov 2019 08:02:36 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
1002
Expires
Thu, 24 Oct 2019 10:32:15 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
1 KB
966 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:7e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 07:10:38 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
3131
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
CMMF2EBcj47YpGXbnP1Mq4-vF2k5P5xmws9cnrb4xmeQ7ClgJ5J2Qw==
via
1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)

Redirect headers

Date
Tue, 12 Nov 2019 08:02:36 GMT
Via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
ZA9js-tdMizYCCOl_Yz_DBvcSs6JPi8NAguMO98tI0zKhbDuIuC0JA==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
84 KB
30 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 02:46:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
969393
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
30186
X-XSS-Protection
0
Expires
Sat, 31 Oct 2020 02:46:03 GMT
wckr.php
tag.leadplace.fr/ Frame 4E01
0
0
Document
General
Full URL
http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/b25q
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.14.2
Date
Tue, 12 Nov 2019 08:02:36 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
29923
localstore.js
script.4dex.io/
409 B
923 B
Script
General
Full URL
http://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Server
2606:4700:30::681c:102a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 08 Nov 2019 16:41:30 GMT
Server
cloudflare
Age
641
ETag
W/"4b47be3773e54c93b4788a00c3d0324b"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5346fc13ecd78c6e-VIE
x-amz-request-id
4782EB9655527448
x-amz-id-2
8U4EPryBBX3vtyPSltyPaoU/X44MSRw5AUvc9J8uVeocHJKY00srryGb55rWla+Wvje9Lh6OWFU=
prebid
ib.adnxs.com/ut/v3/
143 B
1 KB
XHR
General
Full URL
http://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Server
37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 08:02:38 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.110:80
AN-X-Request-Uuid
d64e2d61-429f-4a7e-983a-47c0c21e2b95
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/
15 B
508 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

content-encoding
gzip
status
200
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
http://urlz.fr
cache-control
no-cache, no-transform
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/
3 KB
3 KB
XHR
General
Full URL
http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=atf&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v2.31.0&x_source.tid=d6d36354-7c3a-411e-82c7-ad4f0f0c8c42&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.7604240869656567
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 08:02:36 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=423
Content-Length
1435
Expires
Wed, 17 Sep 1975 21:32:10 GMT
moneybid.js
ads.themoneytizer.com/bidder1/
631 B
666 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop&country=DE
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Nov 2019 08:02:36 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
435
expires
Wed, 13 Nov 2019 08:02:36 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
732 B
XHR
General
Full URL
http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1573545756795&pKey=1262747033&_fw_gdpr_consent=undefined&loc=http%3A%2F%2Furlz.fr%2Fb25q&playerSize=640x480&
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 08:02:36 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1573545756760041-126
Expires
Tue, 12 Nov 2019 08:02:36 GMT
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216f9721b5570f17%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2Fb...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216f9721b5570f17%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz....
3 KB
2 KB
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216f9721b5570f17%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2Fb25q%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212aa89a602a5cbd%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22d6d36354-7c3a-411e-82c7-ad4f0f0c8c42%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.14.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-14-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 08:02:36 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
http://urlz.fr
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1777

Redirect headers

date
Tue, 12 Nov 2019 08:02:36 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2216f9721b5570f17%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2Fb25q%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212aa89a602a5cbd%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22d6d36354-7c3a-411e-82c7-ad4f0f0c8c42%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
http://urlz.fr
access-control-allow-credentials
true
content-type
text/plain
content-length
0
prebid
ib.adnxs.com/ut/v3/
0
0

aru.php
u515372l2w.ha003.t.justns.ru/
65 B
295 B
Document
General
Full URL
http://u515372l2w.ha003.t.justns.ru/aru.php
Requested by
Host: u515392l2z.ha003.t.justns.ru
URL: http://u515392l2z.ha003.t.justns.ru/anes.php
Protocol
HTTP/1.1
Server
2a00:b700::29 , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
u515372l2w.ha003.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/b25q
Accept-Encoding
gzip, deflate

Response headers

Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
83
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Date
Tue, 12 Nov 2019 08:02:36 GMT
Server
LiteSpeed
pixel;r=625049293;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2Fb25q;ref=http%3A%2F%2Fu515392l2z.ha003.t.justns.ru%2Fanes.php;fpan=1;fpa=P0-957367913-15735...
pixel.quantserve.com/
35 B
494 B
Image
General
Full URL
http://pixel.quantserve.com/pixel;r=625049293;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2Fb25q;ref=http%3A%2F%2Fu515392l2z.ha003.t.justns.ru%2Fanes.php;fpan=1;fpa=P0-957367913-1573545756820;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1573545756820;tzo=-60;ogl=
Protocol
HTTP/1.1
Server
91.228.74.135 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 08:02:36 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
notifyme.php
adtrack.adleadevent.com/
0
0

adagio.js
script.4dex.io/
0
0

get_consent
c.sharethis.mgr.consensu.org/
13 B
404 B
XHR
General
Full URL
https://c.sharethis.mgr.consensu.org/get_consent
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16e5ea2c830
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:ee00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 08:02:36 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
status
200
etag
W/"d-+DingHfG0CPg0LypXw8zXfS4tGg"
vary
Origin,Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
http://urlz.fr
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
13
x-amz-cf-id
DACE10a_0rEBLxlZa54XKGj2XmdqwAgUaBq1O4k-vpOv9o1EPvWKLA==
indexv2.php
player.pepsia.com/V2/
170 B
412 B
XHR
General
Full URL
http://player.pepsia.com/V2/indexv2.php?token=00I4&controls=1&autoplay=1&logo=true&volume=1&api=1&id=0&origin=http://urlz.fr&gdpr=1&d=16e5ea2c89e
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16e5ea2c830
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/b25q
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://urlz.fr
Date
Tue, 12 Nov 2019 08:02:36 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
algov2.php
player.pepsia.com/V2/
0
0

getuid
ads.avocet.io/
0
0

sync.gif
dmp.truoptik.com/0362536315099b06/
0
0

sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D135aa25c-e29f-4169-81d4-654b89909901
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D135aa25c-e29f-4169-81d4-654b89909901
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5FDCD0E7-0AB7-4EC7-85D6-B88C70CEE6F0&fid=135aa25c-e29f-4169-81d4-654b89909901
0
0

an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3Dhttp%253A%252F%252Fu515392l2z.ha003.t.justns.ru%252Fanes.php%26hn_ver%3D10%26fid%3D13...
  • https://s.cpx.to/an_fire?app_nexus_uid=4431029072485742255&pid=11528&ref=http%3A%2F%2Fu515392l2z.ha003.t.justns.ru%2Fanes.php&hn_ver=10&fid=135aa25c-e29f-4169-81d4-654b89909901
0
0

ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=135aa25c-e29f-4169-81d4-654b89909901
  • https://s.cpx.to/ca.png?dsp=dbm&fid=135aa25c-e29f-4169-81d4-654b89909901&google_gid=CAESEN3rT5rRS9PW4wDifkmjNgw&google_cver=1
0
0

sync
s.cpx.to/
Redirect Chain
  • https://pool.grid-data.bidswitch.net/sync?pid=42
  • https://s.cpx.to/sync?dsp_uid=0ad07534-aa9b-4a66-b1b1-6c544eeb124f&dsp=BIDSWITCH
0
0

b25j
urlz.fr/
Redirect Chain
  • https://urlz.fr/b25j
  • http://urlz.fr/b25j
3 KB
1 KB
Document
General
Full URL
http://urlz.fr/b25j
Protocol
HTTP/1.1
Server
2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefd2db4e7a8161a741cb93383a3e0c5b3443bb4ae02e82461d2feb5e9f43286

Request headers

Host
urlz.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://u515372l2w.ha003.t.justns.ru/aru.php
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d3c24840881406a63a06baf5ce9a5c0251573545756; _pubcid=3963b7b1-9dcf-4348-952f-4938de38be87; __qca=P0-957367913-1573545756820
Sec-Fetch-Mode
navigate

Response headers

Date
Tue, 12 Nov 2019 08:02:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
5346fc15f89dcbb4-VIE
Content-Encoding
gzip

Redirect headers

status
301
date
Tue, 12 Nov 2019 08:02:37 GMT
content-type
text/html; charset=UTF-8
location
http://urlz.fr/b25j
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5346fc14bb75cbb8-VIE
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/b25j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:300a::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 08:02:37 GMT
content-encoding
gzip
last-modified
Mon, 04 Nov 2019 17:30:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5dc06049-2fb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
5346fc16da345a12-VIE
alt-svc
h3-23=":443"; ma=86400
expires
Thu, 14 Nov 2019 08:02:37 GMT
/
u515272l2h.ha003.t.justns.ru/arub/ Frame 1DD4
Redirect Chain
  • http://u515272l2h.ha003.t.justns.ru/arub
  • http://u515272l2h.ha003.t.justns.ru/arub/
0
0
Document
General
Full URL
http://u515272l2h.ha003.t.justns.ru/arub/
Requested by
Host: urlz.fr
URL: http://urlz.fr/b25j
Protocol
HTTP/1.1
Server
2a00:b700::1c , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
u515272l2h.ha003.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/b25j
Accept-Encoding
gzip, deflate

Response headers

Connection
close
Content-Type
text/html
Last-Modified
Mon, 11 Nov 2019 22:29:27 GMT
Etag
"689b-5dc9e0c7-c04a5504705dafa5;gz"
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Content-Length
7467
Date
Tue, 12 Nov 2019 08:02:37 GMT
Server
LiteSpeed

Redirect headers

Connection
Keep-Alive
Content-Type
text/html
Content-Length
705
Date
Tue, 12 Nov 2019 08:02:37 GMT
Server
LiteSpeed
Location
http://u515272l2h.ha003.t.justns.ru/arub/
Vary
User-Agent
requestform.js
ads.themoneytizer.com/s/
35 KB
8 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
5d75cb22fb7ce2ed873ad964147b5b2ee585ed75096219f3082f4727444e5553

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:36 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8321
Expires
Wed, 13 Nov 2019 08:02:36 GMT
gen.js
ads.themoneytizer.com/s/
8 KB
3 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
afa9fb95b610a889e744ede0461b995ff3ab0ed1d517f1d47b3a4c797ec070c8

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:01:40 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2742
Expires
Wed, 13 Nov 2019 08:01:40 GMT
/
g.themoneytizer.net/g/
26 B
200 B
Script
General
Full URL
http://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:38 GMT
Server
nginx
X-IPLB-Instance
29895
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/
12 KB
4 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 08:02:38 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:07 GMT
server
nginx
etag
"779a-308e-582e3105a6be4"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3931
expires
Wed, 13 Nov 2019 08:02:35 GMT
moneybile.js
ads.themoneytizer.com/
37 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 08:02:38 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:00 GMT
server
nginx
etag
"7ff1-9390-582e30fefbc74"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Wed, 13 Nov 2019 08:02:35 GMT
/
onetag-sys.com/usync/ Frame 5ADB
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1573545758110
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1573545758110
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
http://urlz.fr/b25j
accept-encoding
gzip, deflate, br
cookie
OTP=1zfg8ZQ_Ahp9sBfebn5QwPFe6w0FrASqLteoRzO0m_U
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
http://urlz.fr/b25j

Response headers

status
200
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
set-cookie
OTP=hdBNw2rDjuHERPkK9Hz31DzAUlvEg8GnH4ZzGVD3SUk; path=/; expires=Thu, 11 Nov 2021 08:02:38; domain=onetag-sys.com; SameSite=None;
content-type
text/html
expires
Sun, 01-Jan-2034 12:34:56 GMT
cache-control
max-age=2628000,public
content-encoding
gzip
getjs.static.js
tag.contextweb.com/
32 KB
11 KB
Script
General
Full URL
http://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 08:02:37 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
max-age=432000, public
x-envoy-upstream-service-time
3
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/
1 KB
2 KB
Script
General
Full URL
http://p.cpx.to/p/11528/px.js?r=120c6
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
143.204.101.85 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-85.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 11 Nov 2019 00:26:52 GMT
Content-Encoding
UTF-8
Connection
keep-alive
Last-Modified
Wed, 10 Oct 2018 10:49:46 GMT
Server
AmazonS3
Age
113747
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
QxtwYUGeXtSh_fg_vTuuGe8vK0Zy7qkPWHoMyOIGfzYoidvlwomHsg==
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • http://ww1097.smartadserver.com/config.js?nwid=1097
  • http://ced-ns.sascdn.com/diff/js/smart.js
24 KB
8 KB
Script
General
Full URL
http://ced-ns.sascdn.com/diff/js/smart.js
Protocol
HTTP/1.1
Server
68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E6) /
Resource Hash
e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Sep 2019 12:08:33 GMT
Server
ECS (fcn/40E6)
Cache-Control
max-age=86400
Etag
"1fc11a0f5e30485338c4562812f21662:1567685313"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript
X-N
S
Accept-Ranges
bytes
Content-Length
8004

Redirect headers

Location
http://ced-ns.sascdn.com/diff/js/smart.js
Date
Tue, 12 Nov 2019 08:02:37 GMT
Cache-Control
private
Content-Length
158
Content-Type
text/html; charset=utf-8
sync
gum.criteo.com/
Redirect Chain
  • http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
  • https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
49 B
311 B
Script
General
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 08:02:37 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
private, max-age=3600
content-length
165
expires
60

Redirect headers

location
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
date
Tue, 12 Nov 2019 08:02:37 GMT
content-length
179
content-type
text/html; charset=utf-8
libJsLP.js
tag.leadplace.fr/
3 KB
3 KB
Script
General
Full URL
http://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:38 GMT
Last-Modified
Wed, 28 Nov 2018 09:16:40 GMT
Server
nginx/1.14.2
ETag
"5bfe5cf8-a72"
X-IPLB-Instance
29923
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
quant.js
edge.quantserve.com/
12 KB
6 KB
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
91.228.74.248 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12-Nov-2019 08:02:38 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Tue, 19 Nov 2019 08:02:38 GMT
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/
25 KB
26 KB
Script
General
Full URL
http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
13.224.197.103 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-197-103.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 11 Nov 2019 09:09:48 GMT
Via
1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
82756
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
eASPs_gNNczX_tb6uY2sQS9h2RSWZ2wpGj-wEDMQOsZQlJ8-U5iDIQ==
prebid.js
ads.themoneytizer.com/moneybid2_31/build/dist/
0
0

sdk.js
player.pepsia.com/
39 KB
39 KB
Script
General
Full URL
http://player.pepsia.com/sdk.js?d=16e5ea2cda1
Requested by
Host: u515392l2z.ha003.t.justns.ru
URL: http://u515392l2z.ha003.t.justns.ru/anes.php
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
e210f56421f422144d56bc89278101007da57f4533e3c0788ba82a9d49170cdc

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:38 GMT
Last-Modified
Tue, 29 Oct 2019 09:15:39 GMT
Server
nginx
Accept-Ranges
bytes
ETag
"5db8033b-9b78"
Content-Length
39800
Content-Type
application/javascript
/
u515272l2h.ha003.t.justns.ru/arub/ Frame 56B9
Redirect Chain
  • http://u515272l2h.ha003.t.justns.ru/arub
  • http://u515272l2h.ha003.t.justns.ru/arub/
0
0
Document
General
Full URL
http://u515272l2h.ha003.t.justns.ru/arub/
Requested by
Host: u515392l2z.ha003.t.justns.ru
URL: http://u515392l2z.ha003.t.justns.ru/anes.php
Protocol
HTTP/1.1
Server
2a00:b700::1c , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
u515272l2h.ha003.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/b25j
Accept-Encoding
gzip, deflate

Response headers

Connection
close
Content-Type
text/html
Last-Modified
Mon, 11 Nov 2019 22:29:27 GMT
Etag
"689b-5dc9e0c7-c04a5504705dafa5;gz"
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Content-Length
7467
Date
Tue, 12 Nov 2019 08:02:38 GMT
Server
LiteSpeed

Redirect headers

Connection
Keep-Alive
Content-Type
text/html
Content-Length
705
Date
Tue, 12 Nov 2019 08:02:38 GMT
Server
LiteSpeed
Location
http://u515272l2h.ha003.t.justns.ru/arub/
Vary
User-Agent
image.php
www.noowho.com/
1 KB
2 KB
Image
General
Full URL
https://www.noowho.com/image.php?site=23690713&ref=http://u515372l2w.ha003.t.justns.ru/aru.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS
serveur8.wilsoftech.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash
b2b0a3d2004731e3aab3d2b6624f9404e66b42d30c3333de4557fe5610c5f304

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:12:22 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Apache/2.4.7 (Ubuntu)
Connection
close
X-Powered-By
PHP/5.5.9-1ubuntu4.22
Content-Length
1463
Content-Type
image/gif
4.gif
id5-sync.com/c/12/101/6/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F8%2F2.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/10/8/2.gif?puid=227510010369083964&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/7/3.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/19/7/3.gif?puid=8bbffb71375cd95e22cb83234b530e93&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/6/4.gif?puid=75d41281-0afb-4dfa-9153-a60d873a5393&gdpr=1&gdpr_consent=
0
0

fire.js
s.cpx.to/
1001 B
2 KB
Script
General
Full URL
https://s.cpx.to/fire.js?pid=11528&ref=http%3A%2F%2Fu515372l2w.ha003.t.justns.ru%2Faru.php&hn_ver=10&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37
Requested by
Host: p.cpx.to
URL: http://p.cpx.to/p/11528/px.js?r=120c6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.104.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-104-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0f8d87d2e1e09cfc35b52acfd4f145a48151ab766cb81dc23e604244490766cd
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Tue, 12 Nov 2019 08:02:38 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
1001
Expires
Thu, 24 Oct 2019 10:30:30 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
1 KB
966 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:7e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 07:10:38 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
3133
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
waKzEuuz96OTshC5ViVQfhxGSseSrBsw2PFBjexej8TSuX-k1QY9Ag==
via
1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)

Redirect headers

Date
Tue, 12 Nov 2019 08:02:38 GMT
Via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
9gQwaNFojXEkC8_FOnD1Z2M-5-YKcVr6Zxaq4Jbvu3Sb2SLQatOC6w==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
84 KB
30 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 01 Nov 2019 02:46:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
969395
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
30186
X-XSS-Protection
0
Expires
Sat, 31 Oct 2020 02:46:03 GMT
wckr.php
tag.leadplace.fr/ Frame 0139
0
0
Document
General
Full URL
http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/b25j
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.14.2
Date
Tue, 12 Nov 2019 08:02:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
29923
pixel;r=1999390475;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2Fb25j;ref=http%3A%2F%2Fu515372l2w.ha003.t.justns.ru%2Faru.php;fpan=0;fpa=P0-957367913-15735...
pixel.quantserve.com/
35 B
292 B
Image
General
Full URL
http://pixel.quantserve.com/pixel;r=1999390475;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2Fb25j;ref=http%3A%2F%2Fu515372l2w.ha003.t.justns.ru%2Faru.php;fpan=0;fpa=P0-957367913-1573545756820;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1573545758149;tzo=-60;ogl=
Protocol
HTTP/1.1
Server
91.228.74.135 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 08:02:38 GMT
Server
QS
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
notifyme.php
adtrack.adleadevent.com/
0
517 B
XHR
General
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.240.24 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-228-240-24.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 08:02:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Nov 2019 08:02:38 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3Dhttp%253A%252F%252Fu515372l2w.ha003.t.justns.ru%252Faru.php%26hn_ver%3D10%26fid%3D4df...
  • https://s.cpx.to/an_fire?app_nexus_uid=3657249567190608971&pid=11528&ref=http%3A%2F%2Fu515372l2w.ha003.t.justns.ru%2Faru.php&hn_ver=10&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37
95 B
865 B
Image
General
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=3657249567190608971&pid=11528&ref=http%3A%2F%2Fu515372l2w.ha003.t.justns.ru%2Faru.php&hn_ver=10&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.104.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-104-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Tue, 12 Nov 2019 08:02:38 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Tue, 12 Nov 2019 08:02:38 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 08:02:40 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 319.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid
7be43212-bbf6-4c61-86c7-d8cee6fa5378
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=3657249567190608971&pid=11528&ref=http%3A%2F%2Fu515372l2w.ha003.t.justns.ru%2Faru.php&hn_ver=10&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.gif
dmp.truoptik.com/0362536315099b06/
0
0
Image
General
Full URL
https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37&fck=6d0ae36f94ca411c&cbp=dsp_uid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.92.60 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

sync
s.cpx.to/
Redirect Chain
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D4dfb2294-cef3-4bd9-864a-46e2fee18f37
  • https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D4dfb2294-cef3-4bd9-864a-46e2fee18f37
  • https://s.cpx.to/sync?dsp=avocet&dsp_uid=57864ce3-0fc2-4c13-9961-fa0eb8e1ef37&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37
95 B
879 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=avocet&dsp_uid=57864ce3-0fc2-4c13-9961-fa0eb8e1ef37&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.104.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-104-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Tue, 12 Nov 2019 08:02:38 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Tue, 12 Nov 2019 08:02:38 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=avocet&dsp_uid=57864ce3-0fc2-4c13-9961-fa0eb8e1ef37&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37
Date
Tue, 12 Nov 2019 08:02:38 GMT
Connection
keep-alive
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
149
Content-Type
text/html; charset=utf-8
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37
  • https://s.cpx.to/ca.png?dsp=dbm&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37&google_gid=CAESEN3rT5rRS9PW4wDifkmjNgw&google_cver=1
95 B
804 B
Image
General
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37&google_gid=CAESEN3rT5rRS9PW4wDifkmjNgw&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.104.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-154-104-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Tue, 12 Nov 2019 08:02:38 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Tue, 12 Nov 2019 08:02:38 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37&google_gid=CAESEN3rT5rRS9PW4wDifkmjNgw&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4dfb2294-cef3-4bd9-864a-46e2fee18f37
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5FDCD0E7-0AB7-4EC7-85D6-B88C70CEE6F0&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37
95 B
881 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5FDCD0E7-0AB7-4EC7-85D6-B88C70CEE6F0&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.104.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
Reverse DNS
ec2-54-154-104-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Tue, 12 Nov 2019 08:02:38 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Tue, 12 Nov 2019 08:02:38 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5FDCD0E7-0AB7-4EC7-85D6-B88C70CEE6F0&fid=4dfb2294-cef3-4bd9-864a-46e2fee18f37
Date
Tue, 12 Nov 2019 08:02:38 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
448
Content-Type
text/html; charset=iso-8859-1
sync
s.cpx.to/
Redirect Chain
  • https://pool.grid-data.bidswitch.net/sync?pid=42
  • https://s.cpx.to/sync?dsp_uid=0ad07534-aa9b-4a66-b1b1-6c544eeb124f&dsp=BIDSWITCH
95 B
882 B
Image
General
Full URL
https://s.cpx.to/sync?dsp_uid=0ad07534-aa9b-4a66-b1b1-6c544eeb124f&dsp=BIDSWITCH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.104.74 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
Reverse DNS
ec2-54-154-104-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Tue, 12 Nov 2019 08:02:38 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Tue, 12 Nov 2019 08:02:38 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp_uid=0ad07534-aa9b-4a66-b1b1-6c544eeb124f&dsp=BIDSWITCH
Date
Tue, 12 Nov 2019 08:02:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
get_consent
c.sharethis.mgr.consensu.org/
13 B
404 B
XHR
General
Full URL
https://c.sharethis.mgr.consensu.org/get_consent
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16e5ea2cda1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:ee00:c:a9b7:ddc0:93a1, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
Reverse DNS
Software
/
Resource Hash
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

Sec-Fetch-Mode
cors
Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 12 Nov 2019 08:02:38 GMT
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
status
200
etag
W/"d-+DingHfG0CPg0LypXw8zXfS4tGg"
vary
Origin,Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
http://urlz.fr
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
13
x-amz-cf-id
UwIqGDgKFHaaQU_oyhOXnpVxkoE9nLx0cld2KxzVAxWCtmmw3ECOeA==
indexv2.php
player.pepsia.com/V2/
170 B
412 B
XHR
General
Full URL
http://player.pepsia.com/V2/indexv2.php?token=00I4&controls=1&autoplay=1&logo=true&volume=1&api=1&id=0&origin=http://urlz.fr&gdpr=1&d=16e5ea2cde0
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16e5ea2cda1
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR)
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
89085930fdff263d643c4fa37f489efadd7d9f8361661113d67eb61aa7d6311a

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://urlz.fr
Date
Tue, 12 Nov 2019 08:02:38 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
algov2.php
player.pepsia.com/V2/
1 KB
764 B
XHR
General
Full URL
http://player.pepsia.com/V2/algov2.php?token=00I4&num=9&origin=http://urlz.fr&d=16e5ea2cde1
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16e5ea2cda1
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR)
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
8171fc9e78678c5acbc7fe1003119b22e96303e8a1ddafc8b8c85c9708e50d43

Request headers

Referer
http://urlz.fr/b25j
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://urlz.fr
Date
Tue, 12 Nov 2019 08:02:38 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request /
u515272l2h.ha003.t.justns.ru/arub/
Redirect Chain
  • http://u515272l2h.ha003.t.justns.ru/arub
  • http://u515272l2h.ha003.t.justns.ru/arub/
26 KB
8 KB
Document
General
Full URL
http://u515272l2h.ha003.t.justns.ru/arub/
Requested by
Host: u515392l2z.ha003.t.justns.ru
URL: http://u515392l2z.ha003.t.justns.ru/anes.php
Protocol
HTTP/1.1
Server
2a00:b700::1c, Russian Federation, ASN51659 (ASBAXET, RU)
Reverse DNS
Software
LiteSpeed /
Resource Hash
2ff1bdf30e44c54c12846a6a1c0e3adec55d958ee863cfc632eaca17bb7fd53d

Request headers

Host
u515272l2h.ha003.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/b25j
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://urlz.fr/b25j

Response headers

Connection
close
Content-Type
text/html
Last-Modified
Mon, 11 Nov 2019 22:29:27 GMT
Etag
"689b-5dc9e0c7-c04a5504705dafa5;gz"
Accept-Ranges
bytes
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Content-Length
7467
Date
Tue, 12 Nov 2019 08:02:38 GMT
Server
LiteSpeed

Redirect headers

Connection
Keep-Alive
Content-Type
text/html
Content-Length
705
Date
Tue, 12 Nov 2019 08:02:38 GMT
Server
LiteSpeed
Location
http://u515272l2h.ha003.t.justns.ru/arub/
Vary
User-Agent
style.css
managehosting.aruba.it/
107 KB
19 KB
Stylesheet
General
Full URL
https://managehosting.aruba.it/style.css?v=30
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
62.149.188.175 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT)
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
da4fac6cbb3e9c910598b2b589f8f096e7ca40ceb0c67c877aef1943440489ed

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Oct 2019 07:03:10 GMT
Server
Microsoft-IIS/8.5
ETag
"0b769db879d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
18823
jquery-ui.css
managehosting.aruba.it/FullOrder/styles/
28 KB
5 KB
Stylesheet
General
Full URL
https://managehosting.aruba.it/FullOrder/styles/jquery-ui.css?v=10
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
62.149.188.175 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT)
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
f3950a0095e23d53c987e8b87e6a0e19fb4ddf366d17955485d7bc3a0dd31171

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Oct 2019 07:02:56 GMT
Server
Microsoft-IIS/8.5
ETag
"0d01d95b879d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
4794
top.css
managehosting.aruba.it/
2 KB
2 KB
Stylesheet
General
Full URL
https://managehosting.aruba.it/top.css?v=19
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
62.149.188.175 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT)
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
61f3ab5cb6323e5b07b3d8607276eafbfd3dc3d79e5eff3f010eafb255c2a34d

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:37 GMT
Last-Modified
Thu, 03 Oct 2019 07:03:18 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"0bf3aa2b879d51:0"
Content-Length
2167
Content-Type
text/css
Header.css
managehosting.aruba.it/
3 KB
1 KB
Stylesheet
General
Full URL
https://managehosting.aruba.it/Header.css?v=11
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
62.149.188.175 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT)
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
62df96f95a40c8949188b078e2f2e735042b925310d55da80d4b729adbfb30f2

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Oct 2019 07:03:12 GMT
Server
Microsoft-IIS/8.5
ETag
"038a79eb879d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1139
logo-aruba-hosting-domini_IT.png
managehosting.aruba.it/Images/
28 KB
29 KB
Image
General
Full URL
https://managehosting.aruba.it/Images/logo-aruba-hosting-domini_IT.png
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
62.149.188.175 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT)
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
e35511e5b73bf18e0ac0199546aa298f8491bb66ef0069f973f4014e6370b78f

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:37 GMT
Last-Modified
Thu, 03 Oct 2019 07:03:12 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"038a79eb879d51:0"
Content-Length
28973
Content-Type
image/png
Left.min.js
u515272l2h.ha003.t.justns.ru/js/
0
0
Script
General
Full URL
http://u515272l2h.ha003.t.justns.ru/js/Left.min.js?v=13
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Server
2a00:b700::1c, Russian Federation, ASN51659 (ASBAXET, RU)
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:38 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
470
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
main_separatore_5_5.gif
managehosting.aruba.it/image_main/
45 B
266 B
Image
General
Full URL
https://managehosting.aruba.it/image_main/main_separatore_5_5.gif
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
62.149.188.175 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT)
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
d9ad9ccafbc7696d83a75b36483dc07f3a1465c7d4443047f7d2803045435dcd

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:37 GMT
Last-Modified
Thu, 03 Oct 2019 07:03:10 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"0b769db879d51:0"
Content-Length
45
Content-Type
image/gif
css
fonts.googleapis.com/
Redirect Chain
  • http://fonts.googleapis.com/css?family=Lato:400,700,300,300italic,700italic,400italic
  • https://fonts.googleapis.com/css?family=Lato:400,700,300,300italic,700italic,400italic
5 KB
613 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,300,300italic,700italic,400italic
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
Software
ESF /
Resource Hash
a862c88cd1979b64624f3b64f83c155ce868f0fd4280ebd445fc1d2ef4a02d39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 12 Nov 2019 08:02:38 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 12 Nov 2019 08:02:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 12 Nov 2019 08:02:38 GMT

Redirect headers

Location
https://fonts.googleapis.com/css?family=Lato:400,700,300,300italic,700italic,400italic
Non-Authoritative-Reason
HSTS
jquery-ui.min.js
u515272l2h.ha003.t.justns.ru/js/
0
0
Script
General
Full URL
http://u515272l2h.ha003.t.justns.ru/js/jquery-ui.min.js
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Server
2a00:b700::1c, Russian Federation, ASN51659 (ASBAXET, RU)
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:38 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
470
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
jquery_blockUI.js
u515272l2h.ha003.t.justns.ru/js/
0
0
Script
General
Full URL
http://u515272l2h.ha003.t.justns.ru/js/jquery_blockUI.js
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Server
2a00:b700::1c, Russian Federation, ASN51659 (ASBAXET, RU)
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:38 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
471
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
grayLineFull.png
managehosting.aruba.it/Images/
15 KB
15 KB
Image
General
Full URL
https://managehosting.aruba.it/Images/grayLineFull.png
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
62.149.188.175 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT)
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
f7d4f46e5b853727d9fe49f79faadb7c77d3235992542e1229b5c3f9cc1184a2

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:37 GMT
Last-Modified
Thu, 03 Oct 2019 07:03:12 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"038a79eb879d51:0"
Content-Length
15030
Content-Type
image/png
logo-aruba-group.png
managehosting.aruba.it/Images/
2 KB
2 KB
Image
General
Full URL
https://managehosting.aruba.it/Images/logo-aruba-group.png
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
62.149.188.175 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT)
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
248e9cde92ebcc6a23a162784324e223736136514e580b06087deb58afa70696

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:37 GMT
Last-Modified
Thu, 03 Oct 2019 07:03:12 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"038a79eb879d51:0"
Content-Length
2125
Content-Type
image/png
css
fonts.googleapis.com/
3 KB
482 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
Software
ESF /
Resource Hash
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 12 Nov 2019 08:02:38 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 12 Nov 2019 08:02:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Tue, 12 Nov 2019 08:02:38 GMT
icon-user.png
managehosting.aruba.it/image_top/
17 KB
17 KB
Image
General
Full URL
https://managehosting.aruba.it/image_top/icon-user.png
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
62.149.188.175 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT)
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
a525f163e73542be1b82c5ae4e4beed74d137d56161ac5b02833a279ef6d9b61

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://managehosting.aruba.it/style.css?v=30
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:37 GMT
Last-Modified
Thu, 03 Oct 2019 07:03:16 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"0929a1b879d51:0"
Content-Length
17393
Content-Type
image/png
icon-headset.png
managehosting.aruba.it/image_top/
15 KB
15 KB
Image
General
Full URL
https://managehosting.aruba.it/image_top/icon-headset.png
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
62.149.188.175 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT)
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
bcedcafd81248b08cb428b22618a38866d0cee85b4e9ecd27ef734d0533e2792

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://managehosting.aruba.it/style.css?v=30
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:37 GMT
Last-Modified
Thu, 03 Oct 2019 07:03:16 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"0929a1b879d51:0"
Content-Length
15413
Content-Type
image/png
expandable.png
managehosting.aruba.it/images/
841 B
1 KB
Image
General
Full URL
https://managehosting.aruba.it/images/expandable.png
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
62.149.188.175 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT)
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
50c0214cab06f02e4e1501e2edd9e707dfcb1a6c3e1c38c05235b49dae984033

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://managehosting.aruba.it/style.css?v=30
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:37 GMT
Last-Modified
Thu, 03 Oct 2019 07:03:12 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"038a79eb879d51:0"
Content-Length
841
Content-Type
image/png
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
http://u515272l2h.ha003.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 29 Oct 2019 23:36:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
1153570
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14044
x-xss-protection
0
expires
Wed, 28 Oct 2020 23:36:28 GMT
chat-on.png
managehosting.aruba.it/images/
2 KB
2 KB
Image
General
Full URL
https://managehosting.aruba.it/images/chat-on.png
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
62.149.188.175 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT)
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
673b727a2d9157fdfb603a6f1c4a417b790af5760cb916a8826dd81d158f6712

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://managehosting.aruba.it/style.css?v=30
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:37 GMT
Last-Modified
Thu, 03 Oct 2019 07:03:12 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"038a79eb879d51:0"
Content-Length
1563
Content-Type
image/png
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
http://u515272l2h.ha003.t.justns.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 07:04:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
1040265
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14176
x-xss-protection
0
expires
Fri, 30 Oct 2020 07:04:53 GMT
jquery-ui.min.js
u515272l2h.ha003.t.justns.ru/js/
0
0
Script
General
Full URL
http://u515272l2h.ha003.t.justns.ru/js/jquery-ui.min.js
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Server
2a00:b700::1c, Russian Federation, ASN51659 (ASBAXET, RU)
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:38 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
470
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
jquery_blockUI.js
u515272l2h.ha003.t.justns.ru/js/
0
0
Script
General
Full URL
http://u515272l2h.ha003.t.justns.ru/js/jquery_blockUI.js
Requested by
Host: u515272l2h.ha003.t.justns.ru
URL: http://u515272l2h.ha003.t.justns.ru/arub/
Protocol
HTTP/1.1
Server
2a00:b700::1c, Russian Federation, ASN51659 (ASBAXET, RU)
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
http://u515272l2h.ha003.t.justns.ru/arub/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 08:02:38 GMT
Content-Encoding
gzip
Server
LiteSpeed
Connection
Keep-Alive
Content-Length
471
Vary
Accept-Encoding,User-Agent
Content-Type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain  URL
gum.criteo.com  http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
c1.adform.net  https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
ib.adnxs.com  http://ib.adnxs.com/ut/v3/prebid
adtrack.adleadevent.com  https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
script.4dex.io  https://script.4dex.io/adagio.js
player.pepsia.com  http://player.pepsia.com/V2/algov2.php?token=00I4&num=9&origin=http://urlz.fr&d=16e5ea2c89f
ads.avocet.io  https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D135aa25c-e29f-4169-81d4-654b89909901
dmp.truoptik.com  https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=135aa25c-e29f-4169-81d4-654b89909901&fck=6d0ae36f94ca411c&cbp=dsp_uid
s.cpx.to  https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5FDCD0E7-0AB7-4EC7-85D6-B88C70CEE6F0&fid=135aa25c-e29f-4169-81d4-654b89909901
s.cpx.to  https://s.cpx.to/an_fire?app_nexus_uid=4431029072485742255&pid=11528&ref=http%3A%2F%2Fu515392l2z.ha003.t.justns.ru%2Fanes.php&hn_ver=10&fid=135aa25c-e29f-4169-81d4-654b89909901
s.cpx.to  https://s.cpx.to/ca.png?dsp=dbm&fid=135aa25c-e29f-4169-81d4-654b89909901&google_gid=CAESEN3rT5rRS9PW4wDifkmjNgw&google_cver=1
s.cpx.to  https://s.cpx.to/sync?dsp_uid=0ad07534-aa9b-4a66-b1b1-6c544eeb124f&dsp=BIDSWITCH
ads.themoneytizer.com  https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
id5-sync.com  https://id5-sync.com/c/12/101/6/4.gif?puid=75d41281-0afb-4dfa-9153-a60d873a5393&gdpr=1&gdpr_consent=

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Aruba (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object  onformdata
object  onpointerrawupdate
function  OnSubmitForm
function  GetLinkToRedirect

0 Cookies

2 Console Messages

Source: console-api  Level: error  URL: http://player.pepsia.com/sdk.js?d=16e5ea2c830 (Line 4)
Message: %c Pepsia.com Player #0 background: #ccc; color: #2176ff Site Désactivé !
Source: console-api  Level: error  URL: http://player.pepsia.com/sdk.js?d=16e5ea2cda1 (Line 4)
Message: %c Pepsia.com Player #0 background: #ccc; color: #2176ff Site Désactivé !

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
