urlz.fr Open in urlscan Pro
2606:4700:3038::6815:ead6  Malicious Activity! Public Scan

URL: https://urlz.fr/iMRN
Submission: On July 13 via manual from ES — Scanned from GB

Summary

This website contacted 94 IPs in 9 countries across 71 domains to perform 230 HTTP transactions. The main IP is 2606:4700:3038::6815:ead6, located in United States and belongs to CLOUDFLARENET, US. The main domain is urlz.fr. The Cisco Umbrella rank of the primary domain is 731366.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2022. Valid for: a year.
This is the only time urlz.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Santander (Banking)

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
16 162.222.225.250 46606 (UNIFIEDLA...)
1 2a00:1450:400... 15169 (GOOGLE)
12 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2001:4de0:ac1... 20446 (STACKPATH...)
1 2600:9000:206... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
6 54.38.64.100 16276 (OVH)
1 193.108.153.18 20940 (AKAMAI-ASN1)
2 5 2a02:2638:1::13 44788 (ASN-CRITE...)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
1 145.239.192.166 16276 (OVH)
2 51.89.9.251 16276 (OVH)
2 2620:116:800d... 16509 (AMAZON-02)
1 18.200.85.0 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 65.9.58.78 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 65.9.71.118 16509 (AMAZON-02)
4 5.39.39.157 16276 (OVH)
1 2600:9000:206... 16509 (AMAZON-02)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:206... 16509 (AMAZON-02)
2 151.101.129.194 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 8 185.89.211.12 29990 (ASN-APPNEX)
4 6 142.250.184.194 15169 (GOOGLE)
2 35.71.131.137 16509 (AMAZON-02)
2 2 52.30.130.246 16509 (AMAZON-02)
1 1 18.156.126.13 16509 (AMAZON-02)
1 1 2.18.233.201 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.246.7.169 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 63.33.125.230 16509 (AMAZON-02)
3 141.95.98.69 16276 (OVH)
3 178.250.0.157 44788 (ASN-CRITE...)
1 54.228.188.96 16509 (AMAZON-02)
1 142.250.185.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 8 54.155.174.150 16509 (AMAZON-02)
1 65.9.66.93 16509 (AMAZON-02)
1 1 185.89.210.141 29990 (ASN-APPNEX)
2 3 185.86.137.133 201081 (SMARTADSE...)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 3 52.18.239.113 16509 (AMAZON-02)
8 52.28.203.152 16509 (AMAZON-02)
1 185.255.84.151 200271 (IGUANE-)
1 54.217.246.116 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 147.75.85.234 54825 (PACKET)
1 185.184.10.30 203690 (RTB-HOUSE...)
1 188.42.191.196 7979 (SERVERS-COM)
1 135.125.180.63 16276 (OVH)
1 50.31.142.159 23352 (SERVERCEN...)
1 52.212.135.106 16509 (AMAZON-02)
4 157.90.3.144 24940 (HETZNER-AS)
1 37.157.4.29 198622 (ADFORM)
2 35.156.213.239 16509 (AMAZON-02)
1 2602:803:c004... 26667 (RUBICONPR...)
3 178.250.0.165 44788 (ASN-CRITE...)
1 2 5.178.65.246 50673 (SERVERIUS-AS)
4 3.127.126.125 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.255.84.153 200271 (IGUANE-)
3 178.250.2.83 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 178.250.0.139 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 2600:9000:223... 16509 (AMAZON-02)
8 185.86.137.17 201081 (SMARTADSE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.19.186.186 16509 (AMAZON-02)
3 3 18.194.211.85 16509 (AMAZON-02)
2 2 18.197.160.167 16509 (AMAZON-02)
1 1 141.226.228.48 200478 (TABOOLA-AS)
1 116.202.37.36 24940 (HETZNER-AS)
3 151.101.65.108 54113 (FASTLY)
9 185.89.210.180 29990 (ASN-APPNEX)
3 3.68.4.6 16509 (AMAZON-02)
3 151.101.1.108 54113 (FASTLY)
2 88.221.168.189 16625 (AKAMAI-AS)
1 1 104.92.74.8 16625 (AKAMAI-AS)
2 104.89.20.125 16625 (AKAMAI-AS)
2 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
2 6 144.76.104.53 24940 (HETZNER-AS)
5 6 69.173.144.165 ()
2 4 69.173.144.139 ()
1 2620:1ec:21::14 ()
2 3 52.95.118.179 ()
1 1 2a05:d018:d29... ()
1 2a00:1288:80:... ()
2 3 209.54.182.161 ()
2 88.99.65.215 ()
1 2 104.111.239.217 ()
1 185.85.15.23 ()
230 94
Apex Domain
Subdomains
Transfer
26 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
secure.adnxs.com — Cisco Umbrella Rank: 436
cdn.adnxs.com — Cisco Umbrella Rank: 1475
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6559
acdn.adnxs.com — Cisco Umbrella Rank: 623
crcdn01.adnxs.com — Cisco Umbrella Rank: 8964
346 KB
16 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1179
fastlane.rubiconproject.com — Cisco Umbrella Rank: 549
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1165
eus.rubiconproject.com — Cisco Umbrella Rank: 630
pixel-eu.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
17 KB
16 aohospitality.in
aohospitality.in
875 KB
15 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 410
mug.criteo.com — Cisco Umbrella Rank: 2434
bidder.criteo.com — Cisco Umbrella Rank: 757
ssp-sync.criteo.com — Cisco Umbrella Rank: 1546
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 8655
14 KB
13 missena.io
ad.missena.io — Cisco Umbrella Rank: 218060
events.missena.io — Cisco Umbrella Rank: 255875
chat.missena.io — Cisco Umbrella Rank: 290862
sync.missena.io — Cisco Umbrella Rank: 261400
bid.missena.io — Cisco Umbrella Rank: 299699
77 KB
12 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 28692
232 KB
11 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1640
ww1097.smartadserver.com — Cisco Umbrella Rank: 28596
eqx.smartadserver.com — Cisco Umbrella Rank: 21919
7 KB
10 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1040
pr-bh.ybp.yahoo.com
ads.yahoo.com
2 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 128
tpc.googlesyndication.com — Cisco Umbrella Rank: 166
210 KB
8 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 223
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
11 KB
8 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 340
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
46 KB
7 ad-srv.net
tm.ad-srv.net — Cisco Umbrella Rank: 82202
ad.ad-srv.net — Cisco Umbrella Rank: 33058
ad22.ad-srv.net
9 KB
7 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1822
mwzeom.zeotap.com — Cisco Umbrella Rank: 1465
22 KB
6 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 27379
2 KB
6 adxcore.com
ad.adxcore.com — Cisco Umbrella Rank: 358974
l.adxcore.com — Cisco Umbrella Rank: 417512
188 KB
5 pbstck.com
boot.pbstck.com — Cisco Umbrella Rank: 8990
cdn.pbstck.com — Cisco Umbrella Rank: 10548
intake.pbstck.com — Cisco Umbrella Rank: 9089
53 KB
4 criteo.net
static.criteo.net — Cisco Umbrella Rank: 649
pix.eu.criteo.net — Cisco Umbrella Rank: 6709
68 KB
4 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1350
433 B
4 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 5332
905 B
4 cpx.to
p.cpx.to — Cisco Umbrella Rank: 9467
s.cpx.to — Cisco Umbrella Rank: 2606
5 KB
3 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1913
1 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 315
2 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 593
2 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2724
mp.4dex.io — Cisco Umbrella Rank: 3757
24 KB
3 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 9390
ced-ns.sascdn.com — Cisco Umbrella Rank: 3106
48 KB
2 awin1.com
www.awin1.com
1 KB
2 contentspread.net
cdn.contentspread.net
2 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1054
1 KB
2 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 7395
1 KB
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4790
visitor.omnitagjs.com — Cisco Umbrella Rank: 1382
807 B
2 google.com
adservice.google.com — Cisco Umbrella Rank: 103
www.google.com — Cisco Umbrella Rank: 17
2 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 213
2 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 399
529 B
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 350
fonts.googleapis.com — Cisco Umbrella Rank: 81
31 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1441
81 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 69
20 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1149
pixel.quantserve.com — Cisco Umbrella Rank: 489
10 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 849
354 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 695
66 KB
2 urlz.fr
urlz.fr — Cisco Umbrella Rank: 731366
7 KB
1 kaspersky.com
media.kaspersky.com
1 linkedin.com
px.ads.linkedin.com
708 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1100
227 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 540
430 B
1 gstatic.com
fonts.gstatic.com
13 KB
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1513
690 B
1 qccerttest.com
pxl.qccerttest.com
541 B
1 adform.net
adx.adform.net — Cisco Umbrella Rank: 3780
404 B
1 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2160
669 B
1 zemanta.com
b1h.zemanta.com — Cisco Umbrella Rank: 4286
113 B
1 impactify.media
sonic.impactify.media — Cisco Umbrella Rank: 9067
362 B
1 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2431
903 B
1 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 12988
169 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1345
165 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 692
365 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1037
225 B
1 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4409
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 957
640 B
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 31827
518 B
1 prebid.org
currency.prebid.org — Cisco Umbrella Rank: 27970
2 KB
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1130
754 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 492
530 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1093
1 KB
1 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 4594
47 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 29787
6 KB
1 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2581
2 KB
1 adaccess.fr
adaccess.fr — Cisco Umbrella Rank: 438796
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 101
40 KB
0 smilewanted.com Failed
prebid.smilewanted.com Failed
0 sddan.com Failed
kvt.sddan.com Failed
230 71
Domain Requested by
16 aohospitality.in urlz.fr
aohospitality.in
12 ads.themoneytizer.com urlz.fr
ads.themoneytizer.com
9 ams3-ib.adnxs.com urlz.fr
cdn.adnxs.com
8 c2shb.pubgw.yahoo.com ads.themoneytizer.com
8 ib.adnxs.com 2 redirects ads.themoneytizer.com
acdn.adnxs.com
7 ww1097.smartadserver.com ced.sascdn.com
7 events.missena.io 1 redirects ad.missena.io
chat.missena.io
6 cm.g.doubleclick.net 4 redirects eus.rubiconproject.com
6 c.tmyzer.com ads.themoneytizer.com
6 pagead2.googlesyndication.com ad.adxcore.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 token.rubiconproject.com 5 redirects
5 mwzeom.zeotap.com
5 gum.criteo.com 2 redirects ads.themoneytizer.com
static.criteo.net
4 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
4 ad.ad-srv.net 2 redirects urlz.fr
ad.ad-srv.net
4 btlr.sharethrough.com ads.themoneytizer.com
4 shb.richaudience.com ads.themoneytizer.com
4 l.adxcore.com
3 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 intake.pbstck.com urlz.fr
3 acdn.adnxs.com urlz.fr
3 protected-by.clarium.io urlz.fr
3 cdn.adnxs.com urlz.fr
3 x.bidswitch.net 3 redirects
3 ssp-sync.criteo.com static.criteo.net
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 bidder.criteo.com ads.themoneytizer.com
static.criteo.net
3 sync.missena.io 1 redirects
3 sync.smartadserver.com 2 redirects
3 mug.criteo.com
3 id5-sync.com ads.themoneytizer.com
ced.sascdn.com
3 s.cpx.to p.cpx.to
2 www.awin1.com 1 redirects ad.ad-srv.net
2 cdn.contentspread.net ad.ad-srv.net
2 ad22.ad-srv.net ad.ad-srv.net
2 ced-ns.sascdn.com urlz.fr
2 eus.rubiconproject.com urlz.fr
eus.rubiconproject.com
2 crcdn01.adnxs.com urlz.fr
2 rtb.mfadsrvr.com 2 redirects
2 pix.eu.criteo.net
2 static.criteo.net chat.missena.io
ads.themoneytizer.com
2 pbjs.e-planning.net 1 redirects
2 prebid-server.rubiconproject.com ads.themoneytizer.com
2 script.4dex.io ad.adxcore.com
script.4dex.io
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 dpm.demdex.net 2 redirects
2 match.adsrvr.org
2 confiant-integrations.global.ssl.fastly.net ads.themoneytizer.com
confiant-integrations.global.ssl.fastly.net
2 c.amazon-adsystem.com ad.adxcore.com
c.amazon-adsystem.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 onetag-sys.com ads.themoneytizer.com
2 spl.zeotap.com ads.themoneytizer.com
spl.zeotap.com
2 code.jquery.com aohospitality.in
2 ad.adxcore.com 1 redirects ad.adxcore.com
2 urlz.fr urlz.fr
1 media.kaspersky.com ad.ad-srv.net
1 ads.yahoo.com eus.rubiconproject.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 eqx.smartadserver.com
1 secure-assets.rubiconproject.com 1 redirects
1 tm.ad-srv.net urlz.fr
1 sync.taboola.com 1 redirects
1 match.prod.bidr.io
1 fonts.gstatic.com fonts.googleapis.com
1 secure-gl.imrworldwide.com
1 cat.fr.eu.criteo.com
1 fonts.googleapis.com client
1 visitor.omnitagjs.com ad.missena.io
1 www.google.com tpc.googlesyndication.com
1 bid.missena.io chat.missena.io
1 pixel.quantserve.com
1 pxl.qccerttest.com
1 fastlane.rubiconproject.com ads.themoneytizer.com
1 adx.adform.net ads.themoneytizer.com
1 ads.servenobid.com ads.themoneytizer.com
1 b1h.zemanta.com ads.themoneytizer.com
1 sonic.impactify.media ads.themoneytizer.com
1 ads.betweendigital.com ads.themoneytizer.com
1 prebid-us.creativecdn.com ads.themoneytizer.com
1 prebid.a-mo.net ads.themoneytizer.com
1 mp.4dex.io ads.themoneytizer.com
1 ad.360yield.com ads.themoneytizer.com
1 hb-api.omnitagjs.com ads.themoneytizer.com
1 image2.pubmatic.com
1 secure.adnxs.com 1 redirects
1 chat.missena.io ad.missena.io
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.co.uk pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 adtrack.adleadevent.com ajax.googleapis.com
1 currency.prebid.org ad.adxcore.com
1 ad.missena.io ad.adxcore.com
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 rules.quantcount.com secure.quantserve.com
1 cdn.pbstck.com boot.pbstck.com
1 cmp.quantcast.com quantcast.mgr.consensu.org
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 boot.pbstck.com ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 tag.leadplace.fr ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 quantcast.mgr.consensu.org urlz.fr
1 adaccess.fr urlz.fr
1 www.googletagmanager.com urlz.fr
0 prebid.smilewanted.com Failed ads.themoneytizer.com
0 kvt.sddan.com Failed ads.themoneytizer.com
230 112

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-11 -
2023-06-11
a year crt.sh
aohospitality.in
R3
2022-05-27 -
2022-08-25
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
1266287590.rsc.cdn77.org
R3
2022-05-24 -
2022-08-22
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
*.cmp.quantcast.com
R3
2022-06-24 -
2022-09-22
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
c.tmyzer.com
R3
2022-05-30 -
2022-08-28
3 months crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA
2021-09-13 -
2022-09-13
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-15 -
2022-09-18
3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2
2021-09-12 -
2022-09-12
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2022-01-13 -
2023-01-13
a year crt.sh
pbstck.com
Cloudflare Inc ECC CA-3
2022-07-04 -
2023-07-04
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
*.adxcore.com
Gandi Standard SSL CA 2
2022-01-25 -
2023-02-25
a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2
2022-05-04 -
2023-06-05
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.missena.io
Amazon
2022-05-04 -
2023-06-02
a year crt.sh
*.prebid.org
Amazon
2021-08-28 -
2022-09-26
a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA
2022-01-17 -
2023-01-17
a year crt.sh
*.id5-sync.com
R3
2022-05-31 -
2022-08-29
3 months crt.sh
adtrack.adleadevent.com
Amazon
2022-06-13 -
2023-07-12
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.google.co.uk
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2021-08-04 -
2022-09-04
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-03-08 -
2022-08-31
6 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2022-06-21 -
2023-07-21
a year crt.sh
*.360yield.com
Amazon
2022-06-28 -
2023-07-27
a year crt.sh
*.a-mo.net
R3
2022-07-04 -
2022-10-02
3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2021-12-15 -
2023-01-15
a year crt.sh
*.impactify.media
Go Daddy Secure Certificate Authority - G2
2021-12-07 -
2022-12-05
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-29 -
2022-08-29
a year crt.sh
ads.servenobid.com
Amazon
2022-05-29 -
2023-06-27
a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-11 -
2023-03-10
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.sharethrough.com
Amazon
2021-08-13 -
2022-09-11
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
qccerttest.com
Amazon
2022-04-04 -
2023-05-03
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-21 -
2022-09-23
3 months crt.sh
www.google.com
GTS CA 1C3
2022-06-27 -
2022-09-19
3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-12 -
2022-09-12
3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-04 -
2023-02-03
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.match.prod.bidr.io
Amazon
2022-01-27 -
2023-02-25
a year crt.sh
ad-srv.net
R3
2022-05-30 -
2022-08-28
3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2022-03-11 -
2023-04-11
a year crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2
2022-04-10 -
2023-04-26
a year crt.sh
contentspread.net
R3
2022-06-03 -
2022-09-01
3 months crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-04-18 -
2023-04-19
a year crt.sh

This page contains 20 frames:

Primary Page: https://urlz.fr/iMRN
Frame ID: 84C1FEEE1F4C0467168E132A8DB5B0F1
Requests: 147 HTTP requests in this frame

Frame: https://aohospitality.in/Continuar/elnuevo/laseguridad/
Frame ID: 93BC8E89E420BADB9839E540F890DE0C
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1657737455841
Frame ID: D77399B61DFFBC4E4B299019D94C0716
Requests: 1 HTTP requests in this frame

Frame: https://aohospitality.in/Continuar/elnuevo/laseguridad/
Frame ID: 497FD1A61D9469308721C18CB0B8E613
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Frame ID: 6CC1D6F2244D99A54E8BDDFF84654424
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7358337023487108&output=html&adk=1812271804&adf=3025194257&lmt=1657737456&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Furlz.fr%2FiMRN&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657737456152&bpp=3&bdt=1717&idt=329&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6345382621639&frm=20&pv=2&ga_vid=492860173.1657737456&ga_sid=1657737456&ga_hid=832506815&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C44766069%2C42531608&oid=2&pvsid=1556601588032590&tmod=1590345463&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=350
Frame ID: 61B0B197D74A106C6A5F1140681DD1A1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A64C432939DBD1D73DB93C5478C6BFA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4AB675C75EBEC352135B07D5CA022E5E
Requests: 2 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cb7h1s3khgtjqjqd4jl0&gdpr=0
Frame ID: 4C7B41C3FDF57FD9EC7BB2BFE5D9F1F6
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=urlz.fr&gdpr=0&gdpr_consent=
Frame ID: 3BDE5EC213968F4F054F178E0F28988F
Requests: 2 HTTP requests in this frame

Frame: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=044454bea6&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F8_43A93coT-NxQCBOBaZPwAAAKBwPeI_RsR1zSLbnD9ATS1b64ukP-UJ6brlskgehs7WZwBwemvwEM9iAAAAAEiOvwAVDgAASicAAAIAAAANft4MwPwVAAAAAABVU0QAVVNEANgCWgAMvAAAAAABAQUCAAAAAKYAVyafaAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ghc-mgjFiI0TEI38-WYYwPlXIAAoADF7FK5H4XqkPzoJQU1TMzo1OTk1QOQuSU1nJ4Oj5O8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo1OTk1%2Fbn%3D96413%2Fclickenc%3D&eVS=3605&eVR=https%3A%2F%2Furlz.fr%2FiMRN&rnd=1586510653
Frame ID: 94C97C8E002F43301E9398E2F07A887E
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=1145851
Frame ID: 0812C2682E69FA756E15C6A944656413
Requests: 2 HTTP requests in this frame

Frame: https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Furlz.fr%2FiMRN&e=wqT_3QKZDfBMmQYAAAMA1gAFAQjwobyWBhD94Nrl6tL87CgYhp3bvoaAnL1rKjYJehSuR-F6hD8R1A0UeCeffj8ZAAAAIFyP0j8h1A0UeCeffj8pexQJJBAxAAAAQAEtqDCn34IHOJUcQKtaSAJQiojlY1jA-VdgAGiM-E54nfEFgAEBigEDVVNEkgEBBvBpmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6AQgxNDcyNTAzMYoClQF1ZignYScsIDQzODg3NzksIDE2NTc3Mzc0NTYpO3VmKCdpJywgMzg0MTE2NywgMTY1NzczNzQ1NgkdLGcnLCAxMTEwNTI1N0Y7ACxjJywgMzg4MDczMjZGHgAscicsIDIwOTI3Mzg2Oh8A9EgBkgKxBCFLR3FIREFpZXpzQVNFSXFJNVdNWUFDREEtVmN3QVRnQVFBQklxMXBRcDktQ0IxZ0FZSllIYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQ3FBRUNzQUVBdVFIZmhaQUlYMm1FUDhFQjF0cGM2T0Y2aERfSkFRQUFBQUFBQVBBXzJRRk5aeWVEby1UdlAtQUJqN25xQWZVQkN0ZWpQSmdDQUtBQ0FyVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQVlBREFaZ0RBYUlERGdqVV92c2lFQVFZQVMzbUtLODZvZ01UQ05LVTRpQVFDaGdCTFFBQWdFQXlBM1Z1YTdvRENVRk5Vek02TlRrNU5lQUQ1QzZBQkwzY3dBT0lCSmZkd0FPUUJBQ1lCQVRCQkFBQUFBQUEBywR5URHVJEFBQU5nRUFQRUUBCwkBIENJQmVzdXFRVQkPGEFEd1A3RUYNDRRBQUFEQkIdPwB5LigAADkyKAAAWhUo8ENQQV80QVhvQl9BRjZlZWxCZmdGcS0tTEFvSUdBMFZWVW9nR0FKQUdBWmdHQUtFR2V4U3VSLUY2bEQtb0JnU3lCaVFKQQF7CQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKVASFOUmVlZmc2NQLQd1BsWElBQW9BREY3Rks1SDRYcVVQem9KUVUxVE16bzFPVGsxUU9RdVNVMW5KNE9qNU84X1Ud9QBXHQwAWR0MAGEdDABjHQwQZUFDSkEREMBQQV_YAvJD4ALllizqAhRodHRwczovL3VybHouZnIvaU1STvICEQoGQURWX0lEEgc0aYgc8gISCgZDUEcBFAAIcWIY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFREQ8QCwoHQ1AVDhAQCgVJTwFZCAczOGXsAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3wsAEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtJ5U4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuNDSoBACyBA4IABABGAAgACgAMAA4ArgEAMAEAMgEANIEDzExNTYzI0FNUzM6NTk5NdoEAggB4AQB8ASKiOVjiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAEMdAAA2AUB4AUB8AXGBfoFBAgAEACQBgCYBgC4BgDBBgkiKPA_0Aa1RNoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAG3PDAAOLoGQADIB53xBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=e290a2cba318a808cc8b4eca277eda31ee220573&bdref=https%3A%2F%2Furlz.fr%2FiMRN&bdtop=true&bdifs=1&bstk=https%3A%2F%2Furlz.fr%2FiMRN,https%3A%2F%2Furlz.fr%2FiMRN&
Frame ID: B2EC823FBE3E29CE90DDBC651591BFEB
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 86835804DB6F524F99574ACFDF439839
Requests: 11 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x216&scrollPos=0x0&documentReferer=https%3A%2F%2Furlz.fr%2FiMRN&ancestorOrigins=https%3A%2F%2Furlz.fr&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:3605&extVar[]=XR_DOM_RTB:urlz.fr&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F8_43A93coT-NxQCBOBaZPwAAAKBwPeI_RsR1zSLbnD9ATS1b64ukP-UJ6brlskgehs7WZwBwemvwEM9iAAAAAEiOvwAVDgAASicAAAIAAAANft4MwPwVAAAAAABVU0QAVVNEANgCWgAMvAAAAAABAQUCAAAAAKYAVyafaAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ghc-mgjFiI0TEI38-WYYwPlXIAAoADF7FK5H4XqkPzoJQU1TMzo1OTk1QOQuSU1nJ4Oj5O8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo1OTk1%2Fbn%3D96413%2Fclickenc%3D&uidRedirect=1
Frame ID: E3EE5438A8C67A78C0F7BA33A5B8BC1D
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=1145851
Frame ID: 0DEAB99033A896F8ADCC0E94C9240860
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=1145851
Frame ID: 196AC3976E06720E7444F24A4032A868
Requests: 2 HTTP requests in this frame

Frame: https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Furlz.fr%2FiMRN&e=wqT_3QKZDfBMmQYAAAMA1gAFAQjwobyWBhD94Nrl6tL87CgYhp3bvoaAnL1rKjYJehSuR-F6hD8R1A0UeCeffj8ZAAAAIFyP0j8h1A0UeCeffj8pexQJJBAxAAAAQAEtqDCn34IHOJUcQKtaSAJQiojlY1jA-VdgAGiM-E54nfEFgAEBigEDVVNEkgEBBvBpmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6AQgxNDcyNTAzMYoClQF1ZignYScsIDQzODg3NzksIDE2NTc3Mzc0NTYpO3VmKCdpJywgMzg0MTE2NywgMTY1NzczNzQ1NgkdLGcnLCAxMTEwNTI1N0Y7ACxjJywgMzg4MDczMjZGHgAscicsIDIwOTI3Mzg2Oh8A9EgBkgKxBCFLR3FIREFpZXpzQVNFSXFJNVdNWUFDREEtVmN3QVRnQVFBQklxMXBRcDktQ0IxZ0FZSllIYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQ3FBRUNzQUVBdVFIZmhaQUlYMm1FUDhFQjF0cGM2T0Y2aERfSkFRQUFBQUFBQVBBXzJRRk5aeWVEby1UdlAtQUJqN25xQWZVQkN0ZWpQSmdDQUtBQ0FyVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQVlBREFaZ0RBYUlERGdqVV92c2lFQVFZQVMzbUtLODZvZ01UQ05LVTRpQVFDaGdCTFFBQWdFQXlBM1Z1YTdvRENVRk5Vek02TlRrNU5lQUQ1QzZBQkwzY3dBT0lCSmZkd0FPUUJBQ1lCQVRCQkFBQUFBQUEBywR5URHVJEFBQU5nRUFQRUUBCwkBIENJQmVzdXFRVQkPGEFEd1A3RUYNDRRBQUFEQkIdPwB5LigAADkyKAAAWhUo8ENQQV80QVhvQl9BRjZlZWxCZmdGcS0tTEFvSUdBMFZWVW9nR0FKQUdBWmdHQUtFR2V4U3VSLUY2bEQtb0JnU3lCaVFKQQF7CQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKVASFOUmVlZmc2NQLQd1BsWElBQW9BREY3Rks1SDRYcVVQem9KUVUxVE16bzFPVGsxUU9RdVNVMW5KNE9qNU84X1Ud9QBXHQwAWR0MAGEdDABjHQwQZUFDSkEREMBQQV_YAvJD4ALllizqAhRodHRwczovL3VybHouZnIvaU1STvICEQoGQURWX0lEEgc0aYgc8gISCgZDUEcBFAAIcWIY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFREQ8QCwoHQ1AVDhAQCgVJTwFZCAczOGXsAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3wsAEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtJ5U4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuNDSoBACyBA4IABABGAAgACgAMAA4ArgEAMAEAMgEANIEDzExNTYzI0FNUzM6NTk5NdoEAggB4AQB8ASKiOVjiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAEMdAAA2AUB4AUB8AXGBfoFBAgAEACQBgCYBgC4BgDBBgkiKPA_0Aa1RNoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAG3PDAAOLoGQADIB53xBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=e290a2cba318a808cc8b4eca277eda31ee220573&bdref=https%3A%2F%2Furlz.fr%2FiMRN&bdtop=true&bdifs=1&bstk=https%3A%2F%2Furlz.fr%2FiMRN,https%3A%2F%2Furlz.fr%2FiMRN&
Frame ID: CA1E386BC0C06CA685F04518A3B0428C
Requests: 6 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=c7cb32da3378tcWDhUNgV1aD-zcFyJje0pGA7lGWexdQxnfXB_ZGYmv8ib8Yg4HFBiRHFKy0YzvFGidlg4F0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=92575400130029001467935012019022&redirectClick=https%3A%2F%2Fad22.ad-srv.net%2Fc%2Fpqky8cvl0pkogi4%3Ftprde%3D&uidRedirect=1
Frame ID: BEFFABBBAD6BC7845B23338B0AD19185
Requests: 5 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=1&pref1=42741200130031101649445012019022
Frame ID: DEEC98D4962DFBEEDF691EEE05B7F46F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Home Banking

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:ad\.advertstream\.com|adxcore\.com)

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

230
Requests

87 %
HTTPS

33 %
IPv6

71
Domains

112
Subdomains

94
IPs

9
Countries

2612 kB
Transfer

6162 kB
Size

55
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://ad.adxcore.com/a/init/?site=23152 HTTP 302
  • https://adaccess.fr/a/init/index.php?site=23152
Request Chain 48
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D49bd143f-9b10-45f2-71be-8bb0aeaf79e0%26reqId%3D787133a4-4e77-4a4e-6735-6f903db59e6a%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?adnxs_uid=7744625656261430918&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258
Request Chain 49
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELli8RmNUrEibWd8RIH1xVE&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258
Request Chain 51
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D49bd143f-9b10-45f2-71be-8bb0aeaf79e0%26reqId%3D787133a4-4e77-4a4e-6735-6f903db59e6a%26zdid%3D1258 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D49bd143f-9b10-45f2-71be-8bb0aeaf79e0%26reqId%3D787133a4-4e77-4a4e-6735-6f903db59e6a%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=11622089902477973823401253281420221596&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258
Request Chain 52
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=lwS6x6TnrYpD96q7NsHfdes767u3wGmD%2BS41iYitP1U%3D
Request Chain 53
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D49bd143f-9b10-45f2-71be-8bb0aeaf79e0%26reqId%3D787133a4-4e77-4a4e-6735-6f903db59e6a%26zdid%3D1258 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f60262cf-10f0-4d00-ab9c-bbc6c0ec479d&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258
Request Chain 69
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Furlz.fr%2F&domain=urlz.fr&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=csvHX3xsOTd0RW0zUm5IYko0YkErSG5iUzdsVnlqUy91YVBUUlVPZjAxUFNzNEErWlVSV2pwWDRvVUhOR05obW5HQ0tDQzlxRkgvdyttOUlPSW9WSlZ1RHZLSVY5eVFYRUdXV1cxa09vLzFxQkhwL2pYajJTdUlwaGI3TjBUUXBnemNQanRMRW5ONVdVWlZDdWo5TTRYZHBMbVRhaXRkYTZKdjJzQW1TK2RKanZ3Ny9CWWZjWjZOZzNsc2hDZm00UmxwbjZpSHQ2a0V0ajNaYTlCMXdWUkcwTUNBPT18&cppv=2
Request Chain 87
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12773%26ref%3D%26url%3Dhttps%253A%252F%252Furlz.fr%252FiMRN%26hn_ver%3D40%26fid%3Da9ceb8e1-a0a1-4798-a7c6-77b4541b111e HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=7744625656261430918&pid=12773&ref=&url=https%3A%2F%2Furlz.fr%2FiMRN&hn_ver=40&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e
Request Chain 88
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Da9ceb8e1-a0a1-4798-a7c6-77b4541b111e&gdpr=0 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e&gdpr=0&cklb=1
Request Chain 89
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e&google_gid=CAESEOuu6i47tM2h2x20VcaMHiI&google_cver=1
Request Chain 131
  • https://pbjs.e-planning.net/pbjs/1/2a156/1/urlz.fr/ROS?rnd=0.33070262030319286&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Furlz.fr%2FiMRN&pbv=7.1.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Furlz.fr%2FiMRN&gdpr=0&e_id5id=%257B%2522uid%2522%253A%25220%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubcid=8c59273e-5a9e-456c-874f-a38e6cef8785 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2a156/1/urlz.fr/ROS?ct=1&r=pbjs&rnd=0.33070262030319286&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Furlz.fr%2FiMRN&pbv=7.1.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Furlz.fr%2FiMRN&gdpr=0&e_id5id=%257B%2522uid%2522%253A%25220%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubcid=8c59273e-5a9e-456c-874f-a38e6cef8785
Request Chain 145
  • https://sync.missena.io/adyoulike?gdpr=0 HTTP 302
  • https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cb7h1s3khgtjqjqd4jl0&gdpr=0
Request Chain 150
  • https://sync.smartadserver.com/getuid?gdpr=0&nwid=3927&url=https%3A%2F%2Fsync.missena.io%2Fsmart%2F%5Bsas_uid%5D HTTP 302
  • https://sync.missena.io/smart/172661856053353925
Request Chain 151
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=urlz.fr&sn=ChromeSyncframe&so=3&topUrl=urlz.fr&bundle=HztW-19oNHBzUWtreVBYV0FHRCUyQnhSbVVQQmd1TExaTCUyQlVUS1g4QUJCTDlqbnAlMkZyTkNGNVFuaVF1a1lTT1hVbyUyRm8xNCUyQlFyRlVpJTJCOHdacXRVZlB3UmdWMnhMU2lXbkJ1a2FVOURkd1VHU0FOUFRVWSUzRA&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=74uIUnxOWTBDdjNzUkViSVFIWE9ZNW9wTWdkZGFIWVJBckpQbjRrbGtCdW5WTDZZWS85eWpoK3VMYmR0MXBPMDZ0SGp3NzIxeXVObDNnNzdlR3BoR05SdkhTZGhLaXBSL0l0Q0dPbmRsUERBZkVJSkp3M2pBeTNGaHN3MFJPamg1TmZJcXJVNFY2cUU2UVRNUVhyOHo5SUQ0K1lPTTg2aC9iYlAvRXcreVVPVEQ5N0pXMmhiMnNmSVY4UWxRMUJvSWpzZk5aRjBmM1UwOTRxRjNVSkEveEJrTHNsTUZHdENTWnQyTG1vSEIrWXBVL2ZHWVRUbmNubU50VkpjNjg0ZE1zUHhVMFA1OW1NdElOVHZybXJTYTJMSHI1dz09fA&cppv=2
Request Chain 160
  • https://events.missena.io/v1/pixels?cc=EUR&cn=stepstone.de&ct=cpm&cv=0.7447715401649475&redirect_url=https%3A%2F%2Fcat.fr.eu.criteo.com%2Fdelivery%2Flgn.php%3Fcppv%3D3%26cpp%3DxfNH7cE5mIXq5232zlW6Z4GtB43DlQk7AgDEuhs8x2SPumwts4WPrUMSbOeMhECOH3a_AvFuuQiC4aQrNjTn_ZfwVaoc91QlBQ6MvtT0jkG3nmw2gZX-pg_7SPy6UOsOlrfyAqTJWwTT2NjcZ4-f7jMwB49iz1Lc2FKW9DAk9X54dILPfBNCtSzg6yP5VzNflzz1NqU7PyF3Rs3FJ-T6xfes-hHy82MXpIcYv2QvnjJkp-cUyLl9M2qu4eSacLKCmgObbn3EDuwKBozEBGPsiYpHPQOgW6pOZAmZA0RaU1-k2yW2aLaFGv4pqtLoCjSuWNbuRDwo2_-Qj7UKXc0pAjjm5nN-dU3FcN0Ax48jh3aSrARCTczi6oa-RLsZkzKfHGozw0A-zU7nS57FKHKk-aOF_wEoIGZFi4LE8rojAVMrrBu2&ik=1657737456.cb7h1s5a9onp7tmgase0&p=criteo-cdb&t=PA-44335945 HTTP 301
  • https://cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=xfNH7cE5mIXq5232zlW6Z4GtB43DlQk7AgDEuhs8x2SPumwts4WPrUMSbOeMhECOH3a_AvFuuQiC4aQrNjTn_ZfwVaoc91QlBQ6MvtT0jkG3nmw2gZX-pg_7SPy6UOsOlrfyAqTJWwTT2NjcZ4-f7jMwB49iz1Lc2FKW9DAk9X54dILPfBNCtSzg6yP5VzNflzz1NqU7PyF3Rs3FJ-T6xfes-hHy82MXpIcYv2QvnjJkp-cUyLl9M2qu4eSacLKCmgObbn3EDuwKBozEBGPsiYpHPQOgW6pOZAmZA0RaU1-k2yW2aLaFGv4pqtLoCjSuWNbuRDwo2_-Qj7UKXc0pAjjm5nN-dU3FcN0Ax48jh3aSrARCTczi6oa-RLsZkzKfHGozw0A-zU7nS57FKHKk-aOF_wEoIGZFi4LE8rojAVMrrBu2
Request Chain 176
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=16wZU19FYVRRVTU0MEtHUkZkWFB2OUdjVlF0N2lzUUNtWGxHYW1YVmlLOFVXNkFNJTNE&gdpr=false&gdpr_consent=&us_privacy=1---&cr_user_id= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=16wZU19FYVRRVTU0MEtHUkZkWFB2OUdjVlF0N2lzUUNtWGxHYW1YVmlLOFVXNkFNJTNE&gdpr=false&gdpr_consent=&us_privacy=1---&cr_user_id= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=712e2887-d5d9-4195-8637-bc55625c93ec HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=712e2887-d5d9-4195-8637-bc55625c93ec HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=fbe6cac2-ed7a-4428-b212-81fa4ce7e3ba&ssp=criteo HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=16wZU19FYVRRVTU0MEtHUkZkWFB2OUdjVlF0N2lzUUNtWGxHYW1YVmlLOFVXNkFNJTNE&u=712e2887-d5d9-4195-8637-bc55625c93ec
Request Chain 177
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dB4Pgc19oM3Q1a2ZVVU4lMkZxcDFyd0VuSzhlZlVEbWN5dSUyRjNnNFEyWkpLaWZFWkhDTSUzRA%26u%3d%3cTUID%3e&gdpr=false&consent=&ccpa=1--- HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=B4Pgc19oM3Q1a2ZVVU4lMkZxcDFyd0VuSzhlZlVEbWN5dSUyRjNnNFEyWkpLaWZFWkhDTSUzRA&u=c285552c-f591-4c9e-b25c-0cd0313d46e7-tuct9c89671
Request Chain 188
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Request Chain 194
  • https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x216&scrollPos=0x0&documentReferer=https%3A%2F%2Furlz.fr%2FiMRN&ancestorOrigins=https%3A%2F%2Furlz.fr&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:3605&extVar[]=XR_DOM_RTB:urlz.fr&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F8_43A93coT-NxQCBOBaZPwAAAKBwPeI_RsR1zSLbnD9ATS1b64ukP-UJ6brlskgehs7WZwBwemvwEM9iAAAAAEiOvwAVDgAASicAAAIAAAANft4MwPwVAAAAAABVU0QAVVNEANgCWgAMvAAAAAABAQUCAAAAAKYAVyafaAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ghc-mgjFiI0TEI38-WYYwPlXIAAoADF7FK5H4XqkPzoJQU1TMzo1OTk1QOQuSU1nJ4Oj5O8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo1OTk1%2Fbn%3D96413%2Fclickenc%3D HTTP 302
  • https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x216&scrollPos=0x0&documentReferer=https%3A%2F%2Furlz.fr%2FiMRN&ancestorOrigins=https%3A%2F%2Furlz.fr&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:3605&extVar[]=XR_DOM_RTB:urlz.fr&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F8_43A93coT-NxQCBOBaZPwAAAKBwPeI_RsR1zSLbnD9ATS1b64ukP-UJ6brlskgehs7WZwBwemvwEM9iAAAAAEiOvwAVDgAASicAAAIAAAANft4MwPwVAAAAAABVU0QAVVNEANgCWgAMvAAAAAABAQUCAAAAAKYAVyafaAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ghc-mgjFiI0TEI38-WYYwPlXIAAoADF7FK5H4XqkPzoJQU1TMzo1OTk1QOQuSU1nJ4Oj5O8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo1OTk1%2Fbn%3D96413%2Fclickenc%3D&uidRedirect=1
Request Chain 213
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBhMWQ1MGU3NTEwZDBiNWZiMzhmYjBlOTczMDVhZGYyZTZkYjQ1ZA&gdpr=0
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJy84qMxG3y7tKOMUlCb4-s&google_cver=1
Request Chain 215
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5JY2W23-1D-2IYI&gdpr=0
Request Chain 216
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Lgj34tO-SPWNi3gvdC2qDQ&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Lgj34tO-SPWNi3gvdC2qDQ&gdpr=0
Request Chain 217
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/zs2PCwAAtvXGELnPBWictMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5026718770894275550
Request Chain 218
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5JY2W23-1D-2IYI&sigv=1&esig=2~d88c581d1f750b5131f8e154d5ca6b477102a6dd&gdpr=0
Request Chain 219
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKWTJXMjMtMUQtMklZSQ==&gdpr=0
Request Chain 220
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sWJtIVeFR_SeXQNtir-X-Q&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sWJtIVeFR_SeXQNtir-X-Q&gdpr=0
Request Chain 222
  • https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=c7cb32da3378tcWDhUNgV1aD-zcFyJje0pGA7lGWexdQxnfXB_ZGYmv8ib8Yg4HFBiRHFKy0YzvFGidlg4F0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=92575400130029001467935012019022&redirectClick=https%3A%2F%2Fad22.ad-srv.net%2Fc%2Fpqky8cvl0pkogi4%3Ftprde%3D HTTP 302
  • https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=c7cb32da3378tcWDhUNgV1aD-zcFyJje0pGA7lGWexdQxnfXB_ZGYmv8ib8Yg4HFBiRHFKy0YzvFGidlg4F0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=92575400130029001467935012019022&redirectClick=https%3A%2F%2Fad22.ad-srv.net%2Fc%2Fpqky8cvl0pkogi4%3Ftprde%3D&uidRedirect=1
Request Chain 225
  • https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=0&pref1=42741200130031101649445012019022 HTTP 302
  • https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg

230 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request iMRN
urlz.fr/
10 KB
3 KB
Document
General
Full URL
https://urlz.fr/iMRN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bff2b60cc5624dd374a6d9329ac00f9a9c40786050c5998ad6aac1efa3d88f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=60
cf-cache-status
DYNAMIC
cf-ray
72a42171dff78867-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 13 Jul 2022 18:37:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 13 Jul 2022 18:38:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aA183Sc0CzNrVnIg0E2kIEhVBu04TAT9YS4GhMb8HCPwxRWV6Rl09wwODW83eOgFRH5%2F5Gpt9dI%2FUaMdPj9N8CAtTEwh%2FEixETuD8xoMbyjM4KmMCCBPx9V35xAu5vU6rVwQK6ab"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-fastcgi-cache
MISS
rocket-loader.min.js
urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ead6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/iMRN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Jul 2022 19:29:15 GMT
server
cloudflare
etag
W/"62c8858b-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UutuY2RenIj7ePFZBWlLcGtN5fj6mSmjpUZC4mSc9q5pY%2FAcWL37d936BnRwZ560OOVfnNEBXqTwdCIUFx3Vl29nloudmNfo19ob3FsM02nAwmWtdjwxk2WxJgj1C7rZO6UXKl2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72a4217269238867-LHR
vary
Accept-Encoding
expires
Fri, 15 Jul 2022 18:37:34 GMT
/
aohospitality.in/Continuar/elnuevo/laseguridad/ Frame 93BC
60 KB
13 KB
Document
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
a8505ecc07f022c34fb869c0e55b5365ede76db3834806f84d81e71c5b42ded4

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-length
13460
content-type
text/html; charset=UTF-8
date
Wed, 13 Jul 2022 18:37:35 GMT
server
Apache
vary
Accept-Encoding,User-Agent
x-server-cache
false
js
www.googletagmanager.com/gtag/
103 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-162669458-1
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8521e587b2eb276f8ae957fd98ba8604059f6549c4d2143fb910aef1947485ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40265
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Jul 2022 18:37:34 GMT
requestform.js
ads.themoneytizer.com/s/
115 KB
15 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
78e9b594abb7027a294c724e63c7efd168b6687dc86b4e57aa9399d4a137c669

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AZySIRnp+XX/r8QAAA
x-accel-expires
@1657773503
date
Wed, 13 Jul 2022 18:37:34 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
GBa+ZsKT3gc
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
50351
x-77-pop
frankfurtDE
gen.js
ads.themoneytizer.com/s/
5 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AZySIRmoAEL/rMwAAA
x-accel-expires
@1657771458
date
Wed, 13 Jul 2022 18:37:34 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
KsbmbIrMsEg
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
52396
x-77-pop
frankfurtDE
requestform.js
ads.themoneytizer.com/s/
120 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a0e34c1ed06ce66b293c146ab09631862bf40c497b6b0eb156dcf60e0f0fd0d4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AZySIRlH9sr/r8QAAA
x-accel-expires
@1657773503
date
Wed, 13 Jul 2022 18:37:34 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
f4I/ynL0pvg
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
50351
x-77-pop
frankfurtDE
gen.js
ads.themoneytizer.com/s/
5 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AZySIRkz4d7/rMwAAA
x-accel-expires
@1657771458
date
Wed, 13 Jul 2022 18:37:34 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
LcxwjVCI3ec
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
52396
x-77-pop
frankfurtDE
requestform.js
ads.themoneytizer.com/s/
120 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
be3a192a50b9463f66a11ff4a1ca699630ad0f703515016191e0312c5ed642d7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AZySIRkbkHz/r8QAAA
x-accel-expires
@1657773503
date
Wed, 13 Jul 2022 18:37:34 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
/nxmO/gmFXc
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
50351
x-77-pop
frankfurtDE
gen.js
ads.themoneytizer.com/s/
5 KB
2 KB
Script
General
Full URL
https://ads.themoneytizer.com/s/gen.js?type=1
Requested by
Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AZySIRklXPb/rMwAAA
x-accel-expires
@1657771458
date
Wed, 13 Jul 2022 18:37:34 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
rOCsSjXL6eo
x-77-cache
HIT
content-type
text/html; charset=UTF-8
cache-control
max-age=86400
x-cache
HIT
x-age
52396
x-77-pop
frankfurtDE
index.php
adaccess.fr/a/init/
Redirect Chain
  • https://ad.adxcore.com/a/init/?site=23152
  • https://adaccess.fr/a/init/index.php?site=23152
4 KB
2 KB
Script
General
Full URL
https://adaccess.fr/a/init/index.php?site=23152
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
H2
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eae4beadbb5a345a93a2aa5e076a7c183b0c2e345353666bc8104370cd7ed293

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72a42174ee8a72d2-LHR
date
Wed, 13 Jul 2022 18:37:35 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 13 Jul 2022 18:00:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xm7YdHzBWMaPLF6EhQ29o8e4N%2B6TdrZGIzShwH71VF79rnRJMcdC3K3SeV8JOp9Oc%2Bz9bwPTbFKhuRutB278xpKJp2UR%2F%2Fo6Zt9W4EBbRRH0OHdjEhpNVBs5vuasJY34tMgtdusw5Sgegw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-type
application/json
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 13 Jul 2022 18:37:34 GMT
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://adaccess.fr/a/init/index.php?site=23152
cf-ray
72a421738d7af3f3-LHR
jquery-1.12.4.min.js
code.jquery.com/ Frame 93BC
95 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://aohospitality.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:35 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-17b8b"
vary
Accept-Encoding
x-hw
1657737455.dop234.lo4.t,1657737455.cds238.lo4.hn,1657737455.cds207.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33738
jquery-pincode-autotab.css
aohospitality.in/Continuar/elnuevo/laseguridad/ Frame 93BC
265 B
225 B
Stylesheet
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/jquery-pincode-autotab.css
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
23d7ec5b376b92e2d0e2b483846c2938b03250fb253af07a1354206718076269

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://aohospitality.in/Continuar/elnuevo/laseguridad/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:35 GMT
content-encoding
gzip
last-modified
Mon, 15 Jul 2019 20:30:10 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
158
jquery-pincode-autotab.min.js
aohospitality.in/Continuar/elnuevo/laseguridad/ Frame 93BC
2 KB
744 B
Script
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/jquery-pincode-autotab.min.js
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
d6e395ef50c1564cf0f11e41a5a4ed81589b403c5a73177735d51cb1ffcfb852

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://aohospitality.in/Continuar/elnuevo/laseguridad/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:35 GMT
content-encoding
gzip
last-modified
Mon, 15 Jul 2019 20:30:10 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
695
styles.30ce9a6d1e58e20411b6.css
aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/ Frame 93BC
105 KB
20 KB
Stylesheet
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/styles.30ce9a6d1e58e20411b6.css
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
aa6e0a9667852f86282460aa3848dbae46e288b447a02369c89c70f0bfe25a35

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://aohospitality.in/Continuar/elnuevo/laseguridad/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:35 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 11:56:42 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-type
text/css
s.cpbto
aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/ Frame 93BC
4 KB
2 KB
Stylesheet
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/s.cpbto
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
6513cbf8a1e0d6f74f56f1186a435d47c1d2bd0871890d50a73ec5613506ed65

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://aohospitality.in/Continuar/elnuevo/laseguridad/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:35 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 11:56:44 GMT
server
Apache
x-server-cache
false
vary
Accept-Encoding,User-Agent
accept-ranges
bytes
content-length
1521
choice.js
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
3 KB
2 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 13 Jul 2022 18:37:28 GMT
content-encoding
br
last-modified
Tue, 28 Jun 2022 13:53:56 GMT
server
AmazonS3
age
42
etag
W/"c53bd785b1ee57b613221019d7d72626"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
6QSbnxEl5sdXOz7RH9Cqp78XaCkRXt1XFQkYSqs9Ff-_xXsrlPJAsw==
advstlib.min.js
ad.adxcore.com/static/js/components/advstlib/
611 KB
187 KB
Script
General
Full URL
https://ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/a/init/?site=23152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:31e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c41e595ac962985d5269025e9eb6ad77301e11082891f56b28647b3f89280c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 13 Jul 2022 13:01:13 GMT
server
cloudflare
age
438
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, private
cf-ray
72a4217b1ecdf3f3-LHR
expires
Fri, 12 Aug 2022 18:30:17 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
165 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/a/init/?site=23152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a793121612a4e04e1e61ac58ebb38fcd8b48781176b8439ae6bdf2c85dd3d2f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56541
x-xss-protection
0
server
cafe
etag
7725041882608657784
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:37:36 GMT
moneybile.js
ads.themoneytizer.com/
38 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AZySIRkWHIb/rcwAAA
pragma
public
date
Wed, 13 Jul 2022 18:37:35 GMT
content-encoding
br
etag
W/"604b9fc7-981e"
last-modified
Fri, 12 Mar 2021 17:07:19 GMT
server
CDN77-Turbo
x-77-nzt-ray
4wFYY1fYdEQ
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
52397
x-77-pop
frankfurtDE
x-accel-expires
@1658721858
/
c.tmyzer.com/c/
0
272 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=15056&f=1&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 13 Jul 2022 18:36:38 GMT
Server
nginx
X-IPLB-Request-ID
52C7822C:955C_36264064:01BB_62CF10EF_14E40E89:13C4D
X-IPLB-Instance
38438
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
smart.js
ced.sascdn.com/tag/1097/
93 KB
31 KB
Script
General
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-18.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5b946c77e4b95c4567745f802028bf2792b1e9cd070a773864036bbdbe6bf178

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
31943
Expires
Wed, 13 Jul 2022 18:52:35 GMT
sync
gum.criteo.com/
49 B
373 B
Script
General
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:35 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1499
strict-transport-security
max-age=31536000; preload;
content-length
165
expires
60
mapper.js
spl.zeotap.com/
61 KB
20 KB
Script
General
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72a4217bcd3d75d2-LHR
date
Wed, 13 Jul 2022 18:37:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
libJsLP.js
tag.leadplace.fr/
5 KB
6 KB
Script
General
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:36 GMT
Last-Modified
Thu, 07 Oct 2021 11:26:48 GMT
Server
nginx/1.14.2
X-IPLB-Request-ID
52C7822C:8DC0_91EFC0A6:01BB_62CF10EF_43D0C989:232FA
ETag
"615ed978-15ab"
X-IPLB-Instance
30196
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame D773
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1657737455841
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
quant.js
secure.quantserve.com/
24 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8362f786022ee58e2377be037ef4cac22a1db4fc52408244db3bca88fcf920e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:35 GMT
content-encoding
gzip
etag
"DY2Ct5U/4Z64Fe9yLgHOFw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 20 Jul 2022 18:37:35 GMT
px.js
p.cpx.to/p/12773/
2 KB
2 KB
Script
General
Full URL
https://p.cpx.to/p/12773/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.85.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-85-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
434b61608da840cf0a3604af7679f88694a85e8c22982124fe3aa9b7c440c17c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:35 GMT
Cache-Control
max-age=2419200, public
Connection
keep-alive
Content-Length
1769
Content-Type
application/javascript; charset=UTF-8
d086759d-86af-4b34-852b-bb5d4c87aa38
boot.pbstck.com/v1/tag/
1 KB
926 B
Script
General
Full URL
https://boot.pbstck.com/v1/tag/d086759d-86af-4b34-852b-bb5d4c87aa38
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb12a5eb09fe019c14f958618532681be0319d6dd05d6986bf9d6e39b7706d41

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 18:37:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=120
cf-ray
72a4217bcd0471c0-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/
25 KB
26 KB
Script
General
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-78.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:21:48 GMT
Via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
62151
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA56-C1
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
Y8kaLTdC3ftbkVm293eL5xaHs6zCVnJA-PKm8e-xoAbMgHreokadmQ==
prebid.js
ads.themoneytizer.com/moneybid7_1/build/dist/
629 KB
159 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8fce39ec7a63f40eac85498fb8aca9f7b595f1787bc1afd5e94a8823e99240b9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AZySIRkdg7b/rMwAAA
pragma
public
date
Wed, 13 Jul 2022 18:37:35 GMT
content-encoding
br
etag
W/"62a8971d-9d355"
last-modified
Tue, 14 Jun 2022 14:11:41 GMT
server
CDN77-Turbo
x-77-nzt-ray
VNf85rfDjew
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
52396
x-77-pop
frankfurtDE
x-accel-expires
@1658721859
/
c.tmyzer.com/c/
0
272 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=15056&f=28&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 13 Jul 2022 18:37:36 GMT
Server
nginx
X-IPLB-Request-ID
52C7822C:9560_36264064:01BB_62CF10EF_14E25861:24DBB
X-IPLB-Instance
38432
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
c.tmyzer.com/c/
0
272 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=15056&f=6&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 13 Jul 2022 18:36:37 GMT
Server
nginx
X-IPLB-Request-ID
52C7822C:955A_36264064:01BB_62CF10EF_14E3FBC5:2F1E4
X-IPLB-Instance
24858
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
lib_fs_close.js
ads.themoneytizer.com/
663 B
604 B
Script
General
Full URL
https://ads.themoneytizer.com/lib_fs_close.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5906e88fb1c8b087fca2c1b1f751e831c19165952ea0e2b2ee066505ff1f41f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-nzt
AZySIRmTekH/rcwAAA
pragma
public
date
Wed, 13 Jul 2022 18:37:35 GMT
content-encoding
br
etag
W/"62a87d42-297"
last-modified
Tue, 14 Jun 2022 12:21:22 GMT
server
CDN77-Turbo
x-77-nzt-ray
6/pdwfWJ34Q
x-77-cache
HIT
content-type
application/javascript
x-cache
HIT
x-age
52397
x-77-pop
frankfurtDE
x-accel-expires
@1658721858
/
aohospitality.in/Continuar/elnuevo/laseguridad/ Frame 497F
60 KB
13 KB
Document
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
a8505ecc07f022c34fb869c0e55b5365ede76db3834806f84d81e71c5b42ded4

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-length
13460
content-type
text/html; charset=UTF-8
date
Wed, 13 Jul 2022 18:37:35 GMT
server
Apache
vary
Accept-Encoding,User-Agent
x-server-cache
false
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162669458-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6088
date
Wed, 13 Jul 2022 16:56:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 13 Jul 2022 18:56:08 GMT
apstag.js
c.amazon-adsystem.com/aax2/
140 KB
38 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 13 Jul 2022 18:29:12 GMT
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 20:51:38 GMT
server
AmazonS3
age
505
etag
W/"72916dde70b34122b394074010b382ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-C1
content-encoding
gzip
x-amz-cf-id
i70f0i3Hx1I1apQzjItU8LiixCh5Hwnqso68BFrReqcUJ-rU5TOrsg==
/
l.adxcore.com/log/site/
35 B
265 B
Image
General
Full URL
https://l.adxcore.com/log/site/?siteid=23152&a=pap&device=DESK&cb=0.7421850298284027&ref=https%3A%2F%2Furlz.fr%2FiMRN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.39.39.157 Dole, France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/gif
cache-control
max-age=2592000, private
content-length
51
expires
Fri, 12 Aug 2022 18:37:36 GMT
cmp2.js
cmp.quantcast.com/tcfv2/42/
177 KB
47 KB
Script
General
Full URL
https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b471e74cabe83bf8f3da8793666d55603e3d20a72350873e27f2c75b75d5cfc2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
age
29
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Tue, 05 Jul 2022 18:40:23 GMT
server
AmazonS3
etag
W/"a18627a302da47ec97015f587007f1a6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
GbC6-fkei4erLJBPW-4zeRR2obmpQnloGgEpBiCJglSQK02mHK3Beg==
index-monitoring-99a757f.js
cdn.pbstck.com/
186 KB
51 KB
XHR
General
Full URL
https://cdn.pbstck.com/index-monitoring-99a757f.js
Requested by
Host: boot.pbstck.com
URL: https://boot.pbstck.com/v1/tag/d086759d-86af-4b34-852b-bb5d4c87aa38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c3a168e07c10ca3db80605cdf6f5195507de06b7b5d3ca79f1e4b3f6e00433

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
br
cf-cache-status
HIT
age
170486
x-guploader-uploadid
ADPycdtby7awbpz0_qIxOgSJBgLS1rstutvNGtnBkAqf4Y-lZLQZm5WRqD1BcJR0wZi3B5nkGCtN2EV1p5LB2nH7WafzVbp9FM86
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 04 Jul 2022 13:37:30 GMT
server
cloudflare
etag
W/"138f34b7ca481c4dc482458e73244ba9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=iOZfgw==, md5=E480t8pIHE3EgkWOcyRLqQ==
x-goog-generation
1656941850180915
access-control-allow-origin
*
content-type
application/javascript
access-control-expose-headers
Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=604800, immutable
x-goog-stored-content-length
51569
cf-ray
72a4217cef8871ea-LHR
expires
Mon, 18 Jul 2022 18:43:19 GMT
/
spl.zeotap.com/
2 KB
1015 B
XHR
General
Full URL
https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03b73d57d9f31883ba52d700d3653a447987de5230f51eb5a14a2b3649f33e89

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
72a4217c6e4875d2-LHR
date
Wed, 13 Jul 2022 18:37:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
text/html
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
1 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 17:43:28 GMT
content-encoding
gzip
age
3248
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
etag
W/"9a93052877e57b42aeefaab6e7ec5f90"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
PbWtxYXrZKcYFK1eaR-i2clqdR1OEElOvzhDDaqxLaETJAzyU7jHYg==
config.js
confiant-integrations.global.ssl.fastly.net/6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/
61 KB
15 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/config.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54cbc0de6e03a14f5d4f16c5f9a0aa1391c8b210c9a16e68bc12f1999e05014a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:36 GMT
Content-Encoding
gzip
Age
1650
X-Cache
HIT
Connection
keep-alive
Content-Length
15134
x-amz-id-2
27hnvXPAC7UdV+8vngZSAcIHPG2T2nZIZeqKS2XEkb0l7FmsqJ2kpIYCyY+Y03GFP4NqTD/aYJM=
X-Served-By
cache-hhn4051-HHN
Last-Modified
Wed, 13 Jul 2022 18:02:47 GMT
Server
AmazonS3
X-Timer
S1657737456.230465,VS0,VE0
ETag
"ee42453827bbbc132ed6cb5f124dc1ee"
x-amz-request-id
JB5RQ2XMM1C628X3
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
1251
jquery-1.12.4.min.js
code.jquery.com/ Frame 497F
95 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://aohospitality.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-17b8b"
vary
Accept-Encoding
x-hw
1657737456.dop234.lo4.t,1657737456.cds238.lo4.hn,1657737456.cds207.lo4.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33738
jquery-pincode-autotab.css
aohospitality.in/Continuar/elnuevo/laseguridad/ Frame 497F
265 B
213 B
Stylesheet
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/jquery-pincode-autotab.css
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
23d7ec5b376b92e2d0e2b483846c2938b03250fb253af07a1354206718076269

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://aohospitality.in/Continuar/elnuevo/laseguridad/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
last-modified
Mon, 15 Jul 2019 20:30:10 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
158
jquery-pincode-autotab.min.js
aohospitality.in/Continuar/elnuevo/laseguridad/ Frame 497F
2 KB
727 B
Script
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/jquery-pincode-autotab.min.js
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
d6e395ef50c1564cf0f11e41a5a4ed81589b403c5a73177735d51cb1ffcfb852

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://aohospitality.in/Continuar/elnuevo/laseguridad/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
last-modified
Mon, 15 Jul 2019 20:30:10 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
695
styles.30ce9a6d1e58e20411b6.css
aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/ Frame 497F
105 KB
20 KB
Stylesheet
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/styles.30ce9a6d1e58e20411b6.css
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
aa6e0a9667852f86282460aa3848dbae46e288b447a02369c89c70f0bfe25a35

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://aohospitality.in/Continuar/elnuevo/laseguridad/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 11:56:42 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-type
text/css
s.cpbto
aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/ Frame 497F
4 KB
2 KB
Stylesheet
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/s.cpbto
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
6513cbf8a1e0d6f74f56f1186a435d47c1d2bd0871890d50a73ec5613506ed65

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://aohospitality.in/Continuar/elnuevo/laseguridad/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 11:56:44 GMT
server
Apache
x-server-cache
false
vary
Accept-Encoding,User-Agent
accept-ranges
bytes
content-length
1521
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 00:02:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66891
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 00:02:45 GMT
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db5...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D49bd143f-9b10-45f2-71be-8bb0aeaf7...
  • https://mwzeom.zeotap.com/mw?adnxs_uid=7744625656261430918&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258
95 B
164 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?adnxs_uid=7744625656261430918&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cf-ray
72a4217eaa0e75d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:36 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
8b35ff81-b9c1-42b4-82f8-b62e3a85fb30
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://mwzeom.zeotap.com/mw?adnxs_uid=7744625656261430918&zpartnerid=2&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESELli8RmNUrEibWd8RIH1xVE&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-673...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESELli8RmNUrEibWd8RIH1xVE&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cf-ray
72a4217f1af675d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESELli8RmNUrEibWd8RIH1xVE&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
446
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D49bd143f-9b10-45f2-71be-8bb0aeaf79e0%26reqId%3D787133a4-4e77-4a4e-6735-6f903db59e6a%26zdid%3D1258&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=11622089902477973823401253281420221596&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903d...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=11622089902477973823401253281420221596&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cf-ray
72a4217efac475d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v036-09e5d4995.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
/dvDWOJdSmo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=11622089902477973823401253281420221596&zpartnerid=314&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=lwS6x6TnrYpD96q7NsHfdes767u3wGmD%2BS41iYitP1U%3D
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=lwS6x6TnrYpD96q7NsHfdes767u3wGmD%2BS41iYitP1U%3D
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cf-ray
72a4217eaa1675d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
server
AAWebServer
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=lwS6x6TnrYpD96q7NsHfdes767u3wGmD%2BS41iYitP1U%3D
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dpageview%26id_mid_4%3D49...
  • https://mwzeom.zeotap.com/mw?cid=f60262cf-10f0-4d00-ab9c-bbc6c0ec479d&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735...
95 B
153 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?cid=f60262cf-10f0-4d00-ab9c-bbc6c0ec479d&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cf-ray
72a42180fe5175d2-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Wed, 13 Jul 2022 18:37:36 GMT
Server
MT3 4475 c1dc35a master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=f60262cf-10f0-4d00-ab9c-bbc6c0ec479d&env=mWeb&zpartnerid=979&env=mWeb&eventType=pageview&id_mid_4=49bd143f-9b10-45f2-71be-8bb0aeaf79e0&reqId=787133a4-4e77-4a4e-6735-6f903db59e6a&zdid=1258
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 13 Jul 2022 18:37:35 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/
337 KB
118 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7358337023487108&plah=urlz.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9b1142df326e5277ce717e537964ce76a15a4723132fec51048c05fc4c22e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121255
x-xss-protection
0
server
cafe
etag
8282339651981869153
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 18:37:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/ Frame 6CC1
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
46221
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 05:47:15 GMT
etag
10429905676100781186
expires
Wed, 27 Jul 2022 05:47:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=832506815&t=pageview&_s=1&dl=https%3A%2F%2Furlz.fr%2FiMRN&ul=en-us&de=UTF-8&dt=Home%20Banking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2021909868&gjid=506679726&cid=492860173.1657737456&tid=UA-162669458-1&_gid=1934444154.1657737456&_r=1&gtm=2ou7b0&z=1351333225
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
38869
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 29 Jun 2022 23:14:57 GMT
server
AmazonS3
date
Wed, 13 Jul 2022 07:49:48 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
LE-SYB_PC3XRo6Y7Yj3eu8d9VkmbmcmNt1jhPDGYQgdPHX_I8BergA==
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202207121816/
203 KB
65 KB
Script
General
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202207121816/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17dbb476b9e2ac4cd30bc27ff21cd2d44a4d2d188dcc9dfcc7b151e20d9c89bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:36 GMT
Content-Encoding
gzip
Age
329
X-Cache
HIT
Connection
keep-alive
Content-Length
66321
x-amz-id-2
NosajmnVFwn8Qq5SmpdcicGlue6nQ80o+YclDgg1gd49pFB1dGu41zA2FwpgcCEY1X9brklm5d4=
X-Served-By
cache-hhn4051-HHN
Last-Modified
Tue, 12 Jul 2022 22:19:25 GMT
Server
AmazonS3
X-Timer
S1657737456.296117,VS0,VE0
ETag
"9fea69ac9affa12918d8b71094edcf4f"
x-amz-request-id
8WQC4M3ZFQT2P0QY
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
1872
cc2m_night2.jpg
aohospitality.in/Continuar/elnuevo/laseguridad/ Frame 497F
643 KB
647 KB
Image
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/cc2m_night2.jpg
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
63c8882207a7f3e1ee6e8bc517102398d5441cba428fabbd2cdb578e63551862

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://aohospitality.in/Continuar/elnuevo/laseguridad/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
last-modified
Thu, 10 Feb 2022 12:02:10 GMT
server
Apache
accept-ranges
bytes
content-length
657922
content-type
image/jpeg
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Furlz.fr%2F&domain=urlz.fr&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://urlz.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 13 Jul 2022 18:37:35 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1486
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
ad.missena.io/
21 KB
9 KB
Script
General
Full URL
https://ad.missena.io/?t=PA-44335945
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.246.7.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-7-169.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5559c9c7a1d373ed00ab7356398d3025c2704d22158f6f13cbc997e14eff00b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Jul 2022 18:37:36 GMT
Vary
Accept-Encoding, Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
Wed, 11 Nov 1998 11:11:11 GMT
latest.json
currency.prebid.org/
2 KB
2 KB
XHR
General
Full URL
https://currency.prebid.org/latest.json
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7600:19:2cf2:a900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b50b5246fc8bcef1d6bd6d0b101d45672d448d459f508ae56bea08f3f2c81a4

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 15:00:57 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
vary
Origin
age
13000
x-cache
Hit from cloudfront
content-length
1639
last-modified
Wed, 13 Jul 2022 15:00:55 GMT
server
AmazonS3
etag
"a8c9acbb77367c5ecd5d286514e63d62"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
qkCvBbLq9WfaWQoyCexh8Xoy8K2Rf1r4CqnjJ_nTS_fY3h83fuQjiA==
expires
Thu, 14 Jul 2022 15:00:52 GMT
localstore.js
script.4dex.io/
483 B
934 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ad.adxcore.com
URL: https://ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx71de9a623ae143c39231a-00629f978d
x-amz-version-id
1652176652152482
x-amz-id-2
tx71de9a623ae143c39231a-00629f978d
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNwLgRrThgz7L6bVpaBj156dR9ESF0Cy%2FLeAe3xDWiOi2Iw7th%2FsmMVKOt%2B7xssYQ3%2BX81Bx1KmwRsoh8VJALYM2klkN3eS2%2BLo1kDbP2Hwc63rgHalForalCNuJXeDYHGeIIS1KvpyTRCkU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
72a4217edbf48871-LHR
fire.js
s.cpx.to/
839 B
1 KB
Script
General
Full URL
https://s.cpx.to/fire.js?pid=12773&ref=&url=https%3A%2F%2Furlz.fr%2FiMRN&hn_ver=40&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12773/px.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.125.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-125-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
126768fa732f9c8c8540df8f4ae7e206a1d103aa616d67bb2e36d11972aff328
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 13 Jul 2022 18:37:36 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
839
Expires
Mon, 11 Jul 2022 15:26:15 UTC
9.gif
id5-sync.com/i/12/
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216534.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:35 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
/
l.adxcore.com/log/site/
35 B
215 B
Image
General
Full URL
https://l.adxcore.com/log/site/?siteid=23152&a=consent&gdpr_apply=0&consent=0&testId=3&country=XX&device=DESK&cb=0.56557030731582
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.39.39.157 Dole, France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/gif
cache-control
max-age=2592000
content-length
51
expires
Fri, 12 Aug 2022 18:37:36 GMT
/
l.adxcore.com/log/site/
35 B
215 B
Image
General
Full URL
https://l.adxcore.com/log/site/?siteid=23152&a=start&testId=3&country=XX&device=DESK&cb=0.26360518187710125&ref=https%3A%2F%2Furlz.fr%2FiMRN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.39.39.157 Dole, France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/gif
cache-control
max-age=2592000
content-length
51
expires
Fri, 12 Aug 2022 18:37:36 GMT
/
l.adxcore.com/log/zone/
43 B
231 B
Image
General
Full URL
https://l.adxcore.com/log/zone/?zoneid=238072&siteid=23152&extzone=&impid=ecfa5ec8bc2fd93370b44fa12bc26da37cabb90f&ts=1657737456.338&ref=https%3A%2F%2Furlz.fr%2FiMRN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.39.39.157 Dole, France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding,User-Agent
content-type
image/gif
cache-control
no-cache, max-age=2592000
content-length
57
expires
Fri, 12 Aug 2022 18:37:36 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Furlz.fr%2F&domain=urlz.fr&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=csvHX3xsOTd0RW0zUm5IYko0YkErSG5iUzdsVnlqUy91YVBUUlVPZjAxUFNzNEErWlVSV2pwWDRvVUhOR05obW5HQ0tDQzlxRkgvdyttOUlPSW9WSlZ1RHZLSVY5eVFYRUdXV1cxa09vLzFxQkhwL2pYajJTdUlwaGI3Tj...
337 B
604 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=csvHX3xsOTd0RW0zUm5IYko0YkErSG5iUzdsVnlqUy91YVBUUlVPZjAxUFNzNEErWlVSV2pwWDRvVUhOR05obW5HQ0tDQzlxRkgvdyttOUlPSW9WSlZ1RHZLSVY5eVFYRUdXV1cxa09vLzFxQkhwL2pYajJTdUlwaGI3TjBUUXBnemNQanRMRW5ONVdVWlZDdWo5TTRYZHBMbVRhaXRkYTZKdjJzQW1TK2RKanZ3Ny9CWWZjWjZOZzNsc2hDZm00UmxwbjZpSHQ2a0V0ajNaYTlCMXdWUkcwTUNBPT18&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6b8d146ac2d4cc90d10c57315f9d070b1695264f5666752503ec7f8336788875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2592
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:35 GMT
location
https://mug.criteo.com/sid?cpp=csvHX3xsOTd0RW0zUm5IYko0YkErSG5iUzdsVnlqUy91YVBUUlVPZjAxUFNzNEErWlVSV2pwWDRvVUhOR05obW5HQ0tDQzlxRkgvdyttOUlPSW9WSlZ1RHZLSVY5eVFYRUdXV1cxa09vLzFxQkhwL2pYajJTdUlwaGI3TjBUUXBnemNQanRMRW5ONVdVWlZDdWo5TTRYZHBMbVRhaXRkYTZKdjJzQW1TK2RKanZ3Ny9CWWZjWjZOZzNsc2hDZm00UmxwbjZpSHQ2a0V0ajNaYTlCMXdWUkcwTUNBPT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1478
content-length
455
expires
0
12.json
id5-sync.com/g/v2/
213 B
614 B
XHR
General
Full URL
https://id5-sync.com/g/v2/12.json
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216534.ip-141-95-98.eu
Software
/
Resource Hash
d260429952b8e2583b86d95ff36a31d98994f77a987f02636a55d9b46377e59d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://urlz.fr
date
Wed, 13 Jul 2022 18:37:35 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
SantanderHeadlineW05-Rg.9f3fc5d2724d101218a0.woff2
aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/ Frame 497F
33 KB
33 KB
Font
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/SantanderHeadlineW05-Rg.9f3fc5d2724d101218a0.woff2
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/styles.30ce9a6d1e58e20411b6.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
8dc23ac1fc1a2d9fe17d4f8d70514a302c1d686b0c06ef9b4c3ec34ca593c1d3

Request headers

Referer
https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/styles.30ce9a6d1e58e20411b6.css
Origin
https://aohospitality.in
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 12:02:54 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-type
font/woff2
SantanderTextW05-Regular.e06575482dfb4f5ce0cb.woff2
aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/ Frame 497F
34 KB
34 KB
Font
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/SantanderTextW05-Regular.e06575482dfb4f5ce0cb.woff2
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/styles.30ce9a6d1e58e20411b6.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
b8c9e126d6239234ecac3acea24620d0c8ee71ba72509e58cc72aadb4aa73a54

Request headers

Referer
https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/styles.30ce9a6d1e58e20411b6.css
Origin
https://aohospitality.in
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 12:02:52 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-type
font/woff2
SantanderTextW05-Bold.e0d7033809f586a71b1c.woff2
aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/ Frame 497F
35 KB
36 KB
Font
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/SantanderTextW05-Bold.e0d7033809f586a71b1c.woff2
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/styles.30ce9a6d1e58e20411b6.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
3ed4606acf5b41ffe0d3fbc4eb9f84ad79d9c8b7a6e0007896667fd6359f541c

Request headers

Referer
https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/styles.30ce9a6d1e58e20411b6.css
Origin
https://aohospitality.in
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 12:02:56 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-type
font/woff2
san-icon.10405e3d0e04a65cd84d.woff2
aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/ Frame 497F
8 KB
8 KB
Font
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/san-icon.10405e3d0e04a65cd84d.woff2?bjctlp
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/styles.30ce9a6d1e58e20411b6.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
e69dcb36c97e11b9ce1b1a39cc9070e44185eeb4611fd39706943ef1ea53d287

Request headers

Referer
https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/styles.30ce9a6d1e58e20411b6.css
Origin
https://aohospitality.in
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 12:02:56 GMT
server
Apache
vary
Accept-Encoding,User-Agent
content-type
font/woff2
accept-ranges
bytes
content-length
8086
ico3.91e24b3fe5365cff1848.woff2
aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/ Frame 497F
68 KB
46 KB
Font
General
Full URL
https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/ico3.91e24b3fe5365cff1848.woff2?xxx2
Requested by
Host: aohospitality.in
URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/styles.30ce9a6d1e58e20411b6.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.222.225.250 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash
c9f7e218b19e6c3c3db1e54d5a876309f95ce695c3cc8bc5d0b16513fc88baae

Request headers

Referer
https://aohospitality.in/Continuar/elnuevo/laseguridad/Home%20Banking_files/styles.30ce9a6d1e58e20411b6.css
Origin
https://aohospitality.in
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 12:02:54 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding,User-Agent
content-type
font/woff2
s
kvt.sddan.com/api/v1/public/p/29567/d/50/
0
0

notifyme.php
adtrack.adleadevent.com/
0
518 B
XHR
General
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.188.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-188-96.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Jul 2022 18:37:36 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
211 B
640 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=urlz.fr&callback=_gfp_s_&client=ca-pub-7358337023487108
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7358337023487108&plah=urlz.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e357bde7ce1bf5d2781c7814cb935a4f398ae6990e14ef76c30d0170d449990a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=urlz.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7358337023487108&plah=urlz.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=urlz.fr
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7358337023487108&plah=urlz.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 61B0
17 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-7358337023487108&output=html&adk=1812271804&adf=3025194257&lmt=1657737456&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Furlz.fr%2FiMRN&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657737456152&bpp=3&bdt=1717&idt=329&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6345382621639&frm=20&pv=2&ga_vid=492860173.1657737456&ga_sid=1657737456&ga_hid=832506815&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763507%2C31068196%2C44766069%2C42531608&oid=2&pvsid=1556601588032590&tmod=1590345463&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=350
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7358337023487108&plah=urlz.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fcd0fdabb25590b35b574982875c90f76e1dde37a9ab751622cbf6d7ff49b23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
5281
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 18:37:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7358337023487108&plah=urlz.fr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba5f09d28761de2f0261c2a219012355c9e3f779c68ba83ce9ca6adf981cc07b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10979
x-xss-protection
0
events
events.missena.io/v1/ Frame
0
0
Preflight
General
Full URL
https://events.missena.io/v1/events?ik=1657737456.cb7h1s5a9onp7tmgase0&p=criteo-cdb&t=PA-44335945
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.155.174.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-174-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://urlz.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,HEAD,PUT,DELETE,PATCH
Access-Control-Allow-Origin
https://urlz.fr
Connection
keep-alive
Date
Wed, 13 Jul 2022 18:37:36 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
events
events.missena.io/v1/
0
371 B
Ping
General
Full URL
https://events.missena.io/v1/events?ik=1657737456.cb7h1s5a9onp7tmgase0&p=criteo-cdb&t=PA-44335945
Requested by
Host: ad.missena.io
URL: https://ad.missena.io/?t=PA-44335945
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.155.174.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-174-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/msgpack

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:36 GMT
Last-Modified
Wed, 13 Jul 2022 18:37:36 GMT
Vary
Origin
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 11 Nov 1998 11:11:11 GMT
widget.8ba57c52.js
chat.missena.io/
201 KB
65 KB
Script
General
Full URL
https://chat.missena.io/widget.8ba57c52.js
Requested by
Host: ad.missena.io
URL: https://ad.missena.io/?t=PA-44335945
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-93.fra56.r.cloudfront.net
Software
/
Resource Hash
2811f767bd1331f734f0240e30890adaa08e8824e9d9fec1082d2b8394ba7d60

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 13:25:12 GMT
content-encoding
br
age
18744
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 13 Jul 2022 13:16:42 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id
DBUH3TyKTRkLy0QoYAvkd9ruS2F8BcoeAWaBd7pyR9TH0S0rKD1d-w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
adagio.js
script.4dex.io/
72 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
452238
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx3a46dd73d792465ab8276-00629f4bd9
x-amz-id-2
tx3a46dd73d792465ab8276-00629f4bd9
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyLQcBL%2B085P7i47wC%2BCwx7Vu%2FHtsOx3dlNz3yje0m%2FiIeDrtz0978m%2B2q%2BkBVDxkDvvvHxzb2rA0fOLFmEX6qF9n%2BjkeG2pWFAfSMep5uTUu66pbFJBSfJtjVRUd%2Fmlpo1NMvZ6EVrFg69Z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
72a421802fea76de-LHR
access-control-allow-headers
Authorization
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12773%26ref%3D%26url%3Dhttps%253A%252F%252Furlz.fr%252FiMRN%26hn_ver%3D40%26fid%3Da9ceb8e1-a0a1-479...
  • https://s.cpx.to/an_fire?app_nexus_uid=7744625656261430918&pid=12773&ref=&url=https%3A%2F%2Furlz.fr%2FiMRN&hn_ver=40&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e
95 B
865 B
Image
General
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=7744625656261430918&pid=12773&ref=&url=https%3A%2F%2Furlz.fr%2FiMRN&hn_ver=40&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e
Protocol
HTTP/1.1
Server
63.33.125.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-125-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 13 Jul 2022 18:37:36 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Wed, 13 Jul 2022 18:37:36 UTC

Redirect headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:36 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
f3152c37-3077-4247-8ec6-58630af6d263
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=7744625656261430918&pid=12773&ref=&url=https%3A%2F%2Furlz.fr%2FiMRN&hn_ver=40&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3Da9ceb8e1-a0a1-4798-a7c6-77b4541b111e&gdpr=0
  • https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e&gdpr=0&cklb=1
0
315 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e&gdpr=0&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e&gdpr=0&cklb=1
pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e
  • https://s.cpx.to/ca.png?dsp=dbm&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e&google_gid=CAESEOuu6i47tM2h2x20VcaMHiI&google_cver=1
95 B
804 B
Image
General
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e&google_gid=CAESEOuu6i47tM2h2x20VcaMHiI&google_cver=1
Protocol
HTTP/1.1
Server
63.33.125.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-125-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Wed, 13 Jul 2022 18:37:36 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=a9ceb8e1-a0a1-4798-a7c6-77b4541b111e&google_gid=CAESEOuu6i47tM2h2x20VcaMHiI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
UCookieSetPug
image2.pubmatic.com/AdServer/
0
225 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Da9ceb8e1-a0a1-4798-a7c6-77b4541b111e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8
missena
sync.missena.io/
43 B
747 B
Image
General
Full URL
https://sync.missena.io/missena?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.18.239.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-239-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:36 GMT
Last-Modified
Wed, 13 Jul 2022 18:37:36 GMT
Vary
Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
Expires
Wed, 11 Nov 1998 11:11:11 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://urlz.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://urlz.fr
access-control-max-age
600
age
0
content-length
0
date
Wed, 13 Jul 2022 18:37:36 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://urlz.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://urlz.fr
access-control-max-age
600
age
0
content-length
0
date
Wed, 13 Jul 2022 18:37:36 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://urlz.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://urlz.fr
access-control-max-age
600
age
0
content-length
0
date
Wed, 13 Jul 2022 18:37:36 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://urlz.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://urlz.fr
access-control-max-age
600
age
0
content-length
0
date
Wed, 13 Jul 2022 18:37:36 GMT
server
ATS/9.1.0.46
v1
hb-api.omnitagjs.com/hb-api/prebid/
285 B
629 B
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Furlz.fr%2FiMRN&PublisherDomain=urlz.fr
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
126ec9e0344edffc6387a5e9c7d3de3070e8c058dcc3171e88f609f3b9fd2ae7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://urlz.fr
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
285
expires
0
pb
ad.360yield.com/
0
365 B
XHR
General
Full URL
https://ad.360yield.com/pb
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.246.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-246-116.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://urlz.fr
date
Wed, 13 Jul 2022 18:37:36 GMT
access-control-allow-credentials
true
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
mp.4dex.io/
120 B
597 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fcf3263f46f756b5544b9953650c4524024a82ef4cd063a2bf5c270f2a7ff0d

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
72a421809f8d7780-LHR
pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
expires
0
c
prebid.a-mo.net/a/
0
165 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
1
date
Wed, 13 Jul 2022 18:37:36 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://urlz.fr
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
bids
prebid-us.creativecdn.com/bidder/prebid/
0
169 B
XHR
General
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://urlz.fr
date
Wed, 13 Jul 2022 18:37:37 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
adjson
ads.betweendigital.com/
2 B
903 B
XHR
General
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
/
prebid.smilewanted.com/
0
0

/
prebid.smilewanted.com/
0
0

/
prebid.smilewanted.com/
0
0

/
prebid.smilewanted.com/
0
0

/
prebid.smilewanted.com/
0
0

bidder
sonic.impactify.media/
137 B
362 B
XHR
General
Full URL
https://sonic.impactify.media/bidder
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
135.125.180.63 , France, ASN16276 (OVH, FR),
Reverse DNS
hb-eu-de-01.impactify.media
Software
nginx/1.18.0 /
Resource Hash
f4bb99832e6a1e3e77dd1c1285ae8c3607b1c3657bcb2abd3e687ebeeb3adb6e

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
server
nginx/1.18.0
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
137
expires
0
moneybid.js
ads.themoneytizer.com/bidder1/
75 B
357 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=11&formatid=video&size=desktop&country=undefined
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AZySIRn3dn3/lrwAAA
x-accel-expires
@1657775578
date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
rwX+bFTqyGU
vary
Origin
x-77-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://urlz.fr
cache-control
max-age=86400
x-cache
HIT
x-age
48278
x-77-pop
frankfurtDE
moneybid.js
ads.themoneytizer.com/bidder1/
624 B
641 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=1&formatid=26322&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c1f3d5b8f9aebad647eb95d6e7ee1d40bcdf98c52de9028fc9ec87e209f1148f

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AZySIRm7417/lrwAAA
x-accel-expires
@1657775578
date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
LYkkE8Btjuk
vary
Origin
x-77-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://urlz.fr
cache-control
public, max-age=86400
x-cache
HIT
x-age
48278
x-77-pop
frankfurtDE
moneybid.js
ads.themoneytizer.com/bidder1/
631 B
643 B
XHR
General
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AZySIRlPJ+r/lrwAAA
x-accel-expires
@1657775578
date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
br
server
CDN77-Turbo
x-77-nzt-ray
sXnMjviDAJs
vary
Origin
x-77-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://urlz.fr
cache-control
max-age=86400
x-cache
HIT
x-age
48278
x-77-pop
frankfurtDE
prebid
ib.adnxs.com/ut/v3/
37 KB
10 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2c86f11a1288f1a75b3dc2c50baa21d44129a24c63381f32e55178f69ba634e5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Jul 2022 18:37:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3d3b905e-e3af-4b2c-b3a3-c3524a740e99
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
11 KB
6 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
44121d44e2c5b5a06eaf76f19f73b0bfb32074081808934ca38df4b6debbacc6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Jul 2022 18:37:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bd7d0e5b-e8f4-403a-b713-01a17ea155d8
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
b1h.zemanta.com/api/bidder/prebid/bid/
0
113 B
XHR
General
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.159 Chicago, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://urlz.fr
Access-Control-Allow-Credentials
true
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
2ed6ad817a50ea8cc378f48260254bc32096e80418eac8241bf5c195d3856d5d

Request headers

Referer
https://urlz.fr/
x-openrtb-version
2.5
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Jul 2022 18:37:37 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
c8ce769812993cc9bcd1b040b8638eec40a3096d330d6c72845e8e4b934b1e2b

Request headers

Referer
https://urlz.fr/
x-openrtb-version
2.5
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Jul 2022 18:37:37 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
291 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
3e7a20f9761c65d3873d13999558797e2e22c8a84314cc08cbf00f0ade9dedb1

Request headers

Referer
https://urlz.fr/
x-openrtb-version
2.5
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Jul 2022 18:37:37 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
54878e06fcce229abd4837c8790ca132935fd24b82c0da790b23cb3e993572d1

Request headers

Referer
https://urlz.fr/
x-openrtb-version
2.5
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Jul 2022 18:37:37 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-length
66
adreq
ads.servenobid.com/
717 B
669 B
XHR
General
Full URL
https://ads.servenobid.com/adreq?cb=10292
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.135.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-135-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5ca6c8029d37a15f6160bb4b6ae37daf13f235805149795aa25a013d0d282b14

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 18:37:37 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://urlz.fr
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
/
shb.richaudience.com/hb/
0
226 B
XHR
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://urlz.fr
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/
0
227 B
XHR
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://urlz.fr
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/
0
226 B
XHR
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://urlz.fr
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/
0
226 B
XHR
General
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.90.3.144 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.144.3.90.157.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
server
nginx/1.14.2
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://urlz.fr
access-control-max-age
86400
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/
50 B
887 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:36 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
d2738d75-d093-4a52-bbd7-0df6ad92cab9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/
15 B
354 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://urlz.fr
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
openrtb
adx.adform.net/adx/
0
404 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
auction
prebid-server.rubiconproject.com/openrtb2/
184 B
402 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.213.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-213-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
76d1ef7a4dc8f7d4030882626296fdc8aac376861244239b4ea86d9b6a16ece7

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
x-prebid
pbs-java/1.93.0
content-type
application/json
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/
25 B
271 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.213.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-213-239.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4df27efd0cb59263899762b6d613958a952ff33244ffb99ee2bbe679461da0a2

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
x-prebid
pbs-java/1.93.0
access-control-allow-origin
https://urlz.fr
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
51
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
675 B
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078226%3B1124628%3B1078226%3B1078310&size_id=68%3B15%3B2%3B2&alt_size_ids=221%3B2%2C55%2C58%2C221%3B19%2C43%2C44%2C117%3B19%2C43%2C44%2C117&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,9592,1,4700f69e-fa2a-477c-aa6c-95937def3083,,&eid_pubcid.org=8c59273e-5a9e-456c-874f-a38e6cef8785%5E1&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.name=urlz.fr&tg_i.siteid=15056&tg_i.pbadslot=%2F15056%2Furlz.fr%2Fmobile%2F26325%3B%2F15056%2Furlz.fr%2Fmobile%2F26328%3B%2F15056%2Furlz.fr%2Fmobile%2F26322%3B%2F15056%2Furlz.fr%2Fmobile%2F30012&tk_flint=pbjs_lite_v7.1.0&x_source.tid=22026ad9-abb0-4219-b9e7-c98f1413238b%3B64684f28-f6e0-4a14-b9c3-96e43b5793f6%3B54c01a80-0c4d-4a01-a8f6-c95fa6d38018%3B02f5355c-1424-4f2e-92f9-005978c70962&l_pb_bid_id=8483cf010be2895%3B8571e2e9750b1f6%3B86d9905a577b964%3B877e22e3aca009&p_screen_res=1600x1200&rp_floor=0.5%3B0.01%3B0.01%3B0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F15056%2Furlz.fr%2Fmobile%2F26325%3B%2F15056%2Furlz.fr%2Fmobile%2F26328%3B%2F15056%2Furlz.fr%2Fmobile%2F26322%3B%2F15056%2Furlz.fr%2Fmobile%2F30012&slots=4&rand=0.613510433446603
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
71bc7597eafe6afffbb713a7e3da6d1044d9a23ab5ce4bf01f5b1c972f666065

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:36 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
675
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/
0
209 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.1.0&cb=71613571320
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
ROS
pbjs.e-planning.net/hb/1/2a156/1/urlz.fr/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2a156/1/urlz.fr/ROS?rnd=0.33070262030319286&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2...
  • https://pbjs.e-planning.net/hb/1/2a156/1/urlz.fr/ROS?ct=1&r=pbjs&rnd=0.33070262030319286&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%...
101 B
417 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2a156/1/urlz.fr/ROS?ct=1&r=pbjs&rnd=0.33070262030319286&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Furlz.fr%2FiMRN&pbv=7.1.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Furlz.fr%2FiMRN&gdpr=0&e_id5id=%257B%2522uid%2522%253A%25220%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubcid=8c59273e-5a9e-456c-874f-a38e6cef8785
Protocol
H2
Server
5.178.65.246 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
16ba73b11a3969be7e16c4c883cc8f01868786478ab9a660276f0227bd42617b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://urlz.fr
expires
Wed, 13 Jul 2022 18:37:36 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
101
x-sid
AMS-601

Redirect headers

date
Wed, 13 Jul 2022 18:37:36 GMT
server
openresty
location
/hb/1/2a156/1/urlz.fr/ROS?ct=1&r=pbjs&rnd=0.33070262030319286&e=video%3A300x250%2C300x50%2C355x50%2C640x480%2B26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Furlz.fr%2FiMRN&pbv=7.1.0&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Furlz.fr%2FiMRN&gdpr=0&e_id5id=%257B%2522uid%2522%253A%25220%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubcid=8c59273e-5a9e-456c-874f-a38e6cef8785
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-601
v1
btlr.sharethrough.com/universal/
0
108 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://urlz.fr
date
Wed, 13 Jul 2022 18:37:36 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
108 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://urlz.fr
date
Wed, 13 Jul 2022 18:37:36 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
108 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://urlz.fr
date
Wed, 13 Jul 2022 18:37:36 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/
0
109 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.126.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-126-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://urlz.fr
date
Wed, 13 Jul 2022 18:37:36 GMT
access-control-allow-credentials
true
vary
Origin
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=csvHX3xsOTd0RW0zUm5IYko0YkErSG5iUzdsVnlqUy91YVBUUlVPZjAxUFNzNEErWlVSV2pwWDRvVUhOR05obW5HQ0tDQzlxRkgvdyttOUlPSW9WSlZ1RHZLSVY5eVFYRUdXV1cxa09vLzFxQkhwL2pYajJTdUlwaGI3TjBUUXBnemNQanRMRW5ONVdVWlZDdWo5TTRYZHBMbVRhaXRkYTZKdjJzQW1TK2RKanZ3Ny9CWWZjWjZOZzNsc2hDZm00UmxwbjZpSHQ2a0V0ajNaYTlCMXdWUkcwTUNBPT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 13 Jul 2022 18:37:36 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1076
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
102.json
id5-sync.com/g/v2/
213 B
614 B
XHR
General
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216534.ip-141-95-98.eu
Software
/
Resource Hash
a1b4f88bb132f7ad14a70869f4372a0570c12028c7a3c6af1bc30ca7d1467a08
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://urlz.fr
date
Wed, 13 Jul 2022 18:37:36 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7358337023487108&plah=urlz.fr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Jul 2022 18:37:36 GMT
pixel;r=187904600;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FiMRN;uht=2;fpan=1;fpa=P0-1773797060-1657737456248;pbc=;ns=0;ce=1;qjs=1;qv=aa9ea0d0-2022071...
pxl.qccerttest.com/
35 B
541 B
Image
General
Full URL
https://pxl.qccerttest.com/pixel;r=187904600;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FiMRN;uht=2;fpan=1;fpa=P0-1773797060-1657737456248;pbc=;ns=0;ce=1;qjs=1;qv=aa9ea0d0-20220713144841;cm=;gdpr=0;us_privacy=1---;ref=;d=urlz.fr;dst=0;et=1657737456247;tzo=0;ogl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ca00:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 09:19:23 GMT
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
33495
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
vary
Origin
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 10 May 2022 16:41:37 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
strict-transport-security
max-age=31536000
content-type
image/gif
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
D6QRE7caypkEbjKbe4AUWha8CDN-g31C9pp0jzn92CPvrkDauLeBow==
pixel;r=187904600;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FiMRN;uht=2;fpan=1;fpa=P0-1773797060-1657737456248;pbc=;ns=0;ce=1;qjs=1;qv=aa9ea0d0-2022071...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=187904600;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FiMRN;uht=2;fpan=1;fpa=P0-1773797060-1657737456248;pbc=;ns=0;ce=1;qjs=1;qv=aa9ea0d0-20220713144841;cm=;gdpr=0;us_privacy=1---;ref=;d=urlz.fr;dst=0;et=1657737456247;tzo=0;ogl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
publishertag.js
static.criteo.net/js/ld/
119 KB
39 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: chat.missena.io
URL: https://chat.missena.io/widget.8ba57c52.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 06:23:35 GMT
server
nginx
etag
W/"62bbefe7-1dc0d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 14 Jul 2022 18:37:36 GMT
/
bid.missena.io/
0
0
Fetch
General
Full URL
https://bid.missena.io/?t=PA-44335945
Requested by
Host: chat.missena.io
URL: https://chat.missena.io/widget.8ba57c52.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.155.174.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-174-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://urlz.fr
Date
Wed, 13 Jul 2022 18:37:36 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A64
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
12797
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 15:04:20 GMT
expires
Thu, 13 Jul 2023 15:04:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4AB6
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2375e3ee8e538473b789c98c669d155f20c95428f5975025e4b4da6ae6459910
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z3J_6sq-mNezjIdqyusdCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-Z3J_6sq-mNezjIdqyusdCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 18:37:37 GMT
expires
Wed, 13 Jul 2022 18:37:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
isync
visitor.omnitagjs.com/visitor/ Frame 4C7B
Redirect Chain
  • https://sync.missena.io/adyoulike?gdpr=0
  • https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cb7h1s3khgtjqjqd4jl0&gdpr=0
0
178 B
Document
General
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cb7h1s3khgtjqjqd4jl0&gdpr=0
Requested by
Host: ad.missena.io
URL: https://ad.missena.io/?t=PA-44335945
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 13 Jul 2022 18:37:36 GMT
expires
0
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
9

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
0
Date
Wed, 13 Jul 2022 18:37:37 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Wed, 13 Jul 2022 18:37:37 GMT
Location
https://visitor.omnitagjs.com/visitor/isync?uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&visitor=cb7h1s3khgtjqjqd4jl0&gdpr=0
Pragma
no-cache
Vary
Origin
syncframe
gum.criteo.com/ Frame 3BDE
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=urlz.fr&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 18:37:36 GMT
server-processing-duration-in-ticks
2277
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/
6 KB
3 KB
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=124&profileId=184&bundle=HztW-19oNHBzUWtreVBYV0FHRCUyQnhSbVVQQmd1TExaTCUyQlVUS1g4QUJCTDlqbnAlMkZyTkNGNVFuaVF1a1lTT1hVbyUyRm8xNCUyQlFyRlVpJTJCOHdacXRVZlB3UmdWMnhMU2lXbkJ1a2FVOURkd1VHU0FOUFRVWSUzRA&cb=10934243422
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bd48229f08e0c6f50a1a8f1b9eb9237516a88a73b3e7044668e3b608fe2a4b0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3113
x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
pagead2.googlesyndication.com/bg/ Frame 5A64
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 09:39:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
32317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Jul 2023 09:39:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4AB6
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=1556601588032590&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

172661856053353925
sync.missena.io/smart/
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&nwid=3927&url=https%3A%2F%2Fsync.missena.io%2Fsmart%2F%5Bsas_uid%5D
  • https://sync.missena.io/smart/172661856053353925
43 B
452 B
Image
General
Full URL
https://sync.missena.io/smart/172661856053353925
Protocol
HTTP/1.1
Server
52.18.239.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-239-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:37 GMT
Last-Modified
Wed, 13 Jul 2022 18:37:37 GMT
Vary
Origin
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
Expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://sync.missena.io/smart/172661856053353925
date
Wed, 13 Jul 2022 18:37:36 GMT
content-length
0
sid
mug.criteo.com/ Frame 3BDE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=urlz.fr&sn=ChromeSyncframe&so=3&topUrl=urlz.fr&bundle=HztW-19oNHBzUWtreVBYV0FHRCUyQnhSbVVQQmd1TExaTCUyQlVUS1g4QUJCTDlqbnAlMkZyTkNGNVFuaVF1...
  • https://mug.criteo.com/sid?cpp=74uIUnxOWTBDdjNzUkViSVFIWE9ZNW9wTWdkZGFIWVJBckpQbjRrbGtCdW5WTDZZWS85eWpoK3VMYmR0MXBPMDZ0SGp3NzIxeXVObDNnNzdlR3BoR05SdkhTZGhLaXBSL0l0Q0dPbmRsUERBZkVJSkp3M2pBeTNGaHN3MF...
438 B
633 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=74uIUnxOWTBDdjNzUkViSVFIWE9ZNW9wTWdkZGFIWVJBckpQbjRrbGtCdW5WTDZZWS85eWpoK3VMYmR0MXBPMDZ0SGp3NzIxeXVObDNnNzdlR3BoR05SdkhTZGhLaXBSL0l0Q0dPbmRsUERBZkVJSkp3M2pBeTNGaHN3MFJPamg1TmZJcXJVNFY2cUU2UVRNUVhyOHo5SUQ0K1lPTTg2aC9iYlAvRXcreVVPVEQ5N0pXMmhiMnNmSVY4UWxRMUJvSWpzZk5aRjBmM1UwOTRxRjNVSkEveEJrTHNsTUZHdENTWnQyTG1vSEIrWXBVL2ZHWVRUbmNubU50VkpjNjg0ZE1zUHhVMFA1OW1NdElOVHZybXJTYTJMSHI1dz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
74812d5ce0da860bbe183394f72dc0eecb24d9629fa8fa55be91d97b37062f7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4199
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:37 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=74uIUnxOWTBDdjNzUkViSVFIWE9ZNW9wTWdkZGFIWVJBckpQbjRrbGtCdW5WTDZZWS85eWpoK3VMYmR0MXBPMDZ0SGp3NzIxeXVObDNnNzdlR3BoR05SdkhTZGhLaXBSL0l0Q0dPbmRsUERBZkVJSkp3M2pBeTNGaHN3MFJPamg1TmZJcXJVNFY2cUU2UVRNUVhyOHo5SUQ0K1lPTTg2aC9iYlAvRXcreVVPVEQ5N0pXMmhiMnNmSVY4UWxRMUJvSWpzZk5aRjBmM1UwOTRxRjNVSkEveEJrTHNsTUZHdENTWnQyTG1vSEIrWXBVL2ZHWVRUbmNubU50VkpjNjg0ZE1zUHhVMFA1OW1NdElOVHZybXJTYTJMSHI1dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1456
content-length
541
expires
0
events
events.missena.io/v1/ Frame
0
0
Preflight
General
Full URL
https://events.missena.io/v1/events?ik=1657737456.cb7h1s5a9onp7tmgase0&p=criteo-cdb&t=PA-44335945
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.155.174.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-174-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://urlz.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,HEAD,PUT,DELETE,PATCH
Access-Control-Allow-Origin
https://urlz.fr
Connection
keep-alive
Date
Wed, 13 Jul 2022 18:37:37 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
pixels
ssp-sync.criteo.com/user-sync/
654 B
747 B
XHR
General
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---&countrycode=GB
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.83 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7b3292fdaf3a91e513fb6e6dd055ff04b843de5be8a61a4c7386f20c09d0022e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://urlz.fr
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
events
bidder.criteo.com/csm/
0
208 B
Ping
General
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
79acf10f7d6c86166be06bed49f20fa283015eb981af4b0e45871d7069f48de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 17:55:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 13 Jul 2022 18:37:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Jul 2022 18:37:37 GMT
events
events.missena.io/v1/
0
371 B
Ping
General
Full URL
https://events.missena.io/v1/events?ik=1657737456.cb7h1s5a9onp7tmgase0&p=criteo-cdb&t=PA-44335945
Requested by
Host: chat.missena.io
URL: https://chat.missena.io/widget.8ba57c52.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.155.174.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-174-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/msgpack

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:37 GMT
Last-Modified
Wed, 13 Jul 2022 18:37:37 GMT
Vary
Origin
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 11 Nov 1998 11:11:11 GMT
img
pix.eu.criteo.net/img/
4 KB
5 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoGodde-GmbH-40973DE-2101071446.gif%3Feb%3D1&ups=1&v=3&w=400&s=VB1CObYchLChDosk1pqd-qjm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
48e92382c41ef54389a5c6eee2ee5f174a57457b37f1960ecab796389a54830a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:37 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4530
expires
Sat, 08 Jul 2023 18:37:37 GMT
img
pix.eu.criteo.net/img/
24 KB
25 KB
Image
General
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=1200&s=zEKd9yIbHrf30HMvRC-q1yN1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
008855065eeffc6e2fb0791a53060048407d5863c4f6cf514b501207ece8b6c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29314794
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
24810
expires
Sun, 18 Jun 2023 01:37:31 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e07cab4d08ee6e89f8332ac2c7cbc3155ffb2b68d0fe8d4563cb1208c4ae4c01

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
lgn.php
cat.fr.eu.criteo.com/delivery/
Redirect Chain
  • https://events.missena.io/v1/pixels?cc=EUR&cn=stepstone.de&ct=cpm&cv=0.7447715401649475&redirect_url=https%3A%2F%2Fcat.fr.eu.criteo.com%2Fdelivery%2Flgn.php%3Fcppv%3D3%26cpp%3DxfNH7cE5mIXq5232zlW6Z...
  • https://cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=xfNH7cE5mIXq5232zlW6Z4GtB43DlQk7AgDEuhs8x2SPumwts4WPrUMSbOeMhECOH3a_AvFuuQiC4aQrNjTn_ZfwVaoc91QlBQ6MvtT0jkG3nmw2gZX-pg_7SPy6UOsOlrfyAqTJWwTT...
43 B
348 B
Image
General
Full URL
https://cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=xfNH7cE5mIXq5232zlW6Z4GtB43DlQk7AgDEuhs8x2SPumwts4WPrUMSbOeMhECOH3a_AvFuuQiC4aQrNjTn_ZfwVaoc91QlBQ6MvtT0jkG3nmw2gZX-pg_7SPy6UOsOlrfyAqTJWwTT2NjcZ4-f7jMwB49iz1Lc2FKW9DAk9X54dILPfBNCtSzg6yP5VzNflzz1NqU7PyF3Rs3FJ-T6xfes-hHy82MXpIcYv2QvnjJkp-cUyLl9M2qu4eSacLKCmgObbn3EDuwKBozEBGPsiYpHPQOgW6pOZAmZA0RaU1-k2yW2aLaFGv4pqtLoCjSuWNbuRDwo2_-Qj7UKXc0pAjjm5nN-dU3FcN0Ax48jh3aSrARCTczi6oa-RLsZkzKfHGozw0A-zU7nS57FKHKk-aOF_wEoIGZFi4LE8rojAVMrrBu2
Protocol
H2
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4955269
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:37 GMT
Last-Modified
Wed, 13 Jul 2022 18:37:37 GMT
Access-Control-Allow-Origin
Vary
Origin
Location
https://cat.fr.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=xfNH7cE5mIXq5232zlW6Z4GtB43DlQk7AgDEuhs8x2SPumwts4WPrUMSbOeMhECOH3a_AvFuuQiC4aQrNjTn_ZfwVaoc91QlBQ6MvtT0jkG3nmw2gZX-pg_7SPy6UOsOlrfyAqTJWwTT2NjcZ4-f7jMwB49iz1Lc2FKW9DAk9X54dILPfBNCtSzg6yP5VzNflzz1NqU7PyF3Rs3FJ-T6xfes-hHy82MXpIcYv2QvnjJkp-cUyLl9M2qu4eSacLKCmgObbn3EDuwKBozEBGPsiYpHPQOgW6pOZAmZA0RaU1-k2yW2aLaFGv4pqtLoCjSuWNbuRDwo2_-Qj7UKXc0pAjjm5nN-dU3FcN0Ax48jh3aSrARCTczi6oa-RLsZkzKfHGozw0A-zU7nS57FKHKk-aOF_wEoIGZFi4LE8rojAVMrrBu2
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Wed, 11 Nov 1998 11:11:11 GMT
m
secure-gl.imrworldwide.com/cgi-bin/
0
690 B
Image
General
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1657737456&ik=1657737456.cb7h1s5a9onp7tmgase0&p=criteo-cdb&t=PA-44335945
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:3400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:37 GMT
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P2
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
NgDo-qqgQ9WViAXTgr6FLLKO4V2LbW3xUkSbAugLnZW8uwObXq7lrA==
expires
Thu, 01 Dec 1994 16:00:00 GMT
events
events.missena.io/v1/
0
371 B
Ping
General
Full URL
https://events.missena.io/v1/events?ik=1657737456.cb7h1s5a9onp7tmgase0&p=criteo-cdb&t=PA-44335945
Requested by
Host: chat.missena.io
URL: https://chat.missena.io/widget.8ba57c52.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.155.174.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-174-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/msgpack

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:37 GMT
Last-Modified
Wed, 13 Jul 2022 18:37:37 GMT
Vary
Origin
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 11 Nov 1998 11:11:11 GMT
events
events.missena.io/v1/ Frame
0
0
Preflight
General
Full URL
https://events.missena.io/v1/events?ik=1657737456.cb7h1s5a9onp7tmgase0&p=criteo-cdb&t=PA-44335945
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.155.174.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-174-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://urlz.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,POST,HEAD,PUT,DELETE,PATCH
Access-Control-Allow-Origin
https://urlz.fr
Connection
keep-alive
Date
Wed, 13 Jul 2022 18:37:37 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
generate_204
tpc.googlesyndication.com/ Frame 5A64
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?IWi3VA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://urlz.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://urlz.fr
date
Wed, 13 Jul 2022 18:37:36 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://urlz.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://urlz.fr
date
Wed, 13 Jul 2022 18:37:37 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame
0
0
Preflight
General
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://urlz.fr
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://urlz.fr
date
Wed, 13 Jul 2022 18:37:36 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/
589 B
689 B
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3d193fda5359d34724b7c825e7efaf7655c93ddf35389439a3d00b101d14c740

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:37 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://urlz.fr
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
/
c.tmyzer.com/c/
0
272 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=15056&f=1&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 13 Jul 2022 18:37:37 GMT
Server
nginx
X-IPLB-Request-ID
52C7822C:955C_36264064:01BB_62CF10F1_14E40F12:13C4D
X-IPLB-Instance
38438
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
genericpost
ww1097.smartadserver.com/
12 KB
4 KB
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
10a2e40578579f67a75a55c9869df151695c4b1cf069df62dd005bc4196bb25e

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:36 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://urlz.fr
x-smrt-i
9251369
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
/
c.tmyzer.com/c/
0
272 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=15056&f=6&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 13 Jul 2022 18:36:38 GMT
Server
nginx
X-IPLB-Request-ID
52C7822C:955A_36264064:01BB_62CF10F0_14E3FBCF:2F1E4
X-IPLB-Instance
24858
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
genericpost
ww1097.smartadserver.com/
589 B
689 B
XHR
General
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
83a630e6662a215232c9b293a610a195cc9fa23ad7d006c37f4676e4aedff3b9

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:37 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://urlz.fr
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/javascript; charset=UTF-8
/
c.tmyzer.com/c/
0
282 B
XHR
General
Full URL
https://c.tmyzer.com/c/?s=15056&f=28&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:37 GMT
Server
nginx
X-IPLB-Request-ID
52C7822C:9560_36264064:01BB_62CF10F0_14E25868:24DBB
X-IPLB-Instance
38432
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
geo
rbx
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://urlz.fr
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 22:54:49 GMT
x-content-type-options
nosniff
age
157368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12820
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:54:49 GMT
cri
match.prod.bidr.io/cookie-sync/
43 B
430 B
Image
General
Full URL
https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d28AiKV9XeUxhU2JRWnRndWczSEZoTzVKbFFlZ25tc0RtVUFaTDAyc0k4RUx4amVvJTNE%26u%3d%24%7bUSER_ID%7d&gdpr=false&consent=&ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.186.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-186-186.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:37 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=16wZU19FYVRRVTU0MEtHUkZkWFB2OUdjVlF0N2lzUUNtWGxHYW1YVmlLOFVXNkFNJTNE&gdpr=false&gdpr_consent=&us_privacy=1---&cr_user_id=
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=16wZU19FYVRRVTU0MEtHUkZkWFB2OUdjVlF0N2lzUUNtWGxHYW1YVmlLOFVXNkFNJTNE&gdpr=false&gdpr_consent=&us_privacy=1---&cr_user_id=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=712e2887-d5d9-4195-8637-bc55625c93ec
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=712e2887-d5d9-4195-8637-bc55625c93ec
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=fbe6cac2-ed7a-4428-b212-81fa4ce7e3ba&ssp=criteo
  • https://ssp-sync.criteo.com/user-sync/match?p=16wZU19FYVRRVTU0MEtHUkZkWFB2OUdjVlF0N2lzUUNtWGxHYW1YVmlLOFVXNkFNJTNE&u=712e2887-d5d9-4195-8637-bc55625c93ec
0
141 B
Image
General
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=16wZU19FYVRRVTU0MEtHUkZkWFB2OUdjVlF0N2lzUUNtWGxHYW1YVmlLOFVXNkFNJTNE&u=712e2887-d5d9-4195-8637-bc55625c93ec
Protocol
H2
Server
178.250.2.83 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:37 GMT
cache-control
no-store,max-age=0
cross-origin-resource-policy
cross-origin
server
Kestrel
strict-transport-security
max-age=31536000; preload;

Redirect headers

Location
//ssp-sync.criteo.com/user-sync/match?p=16wZU19FYVRRVTU0MEtHUkZkWFB2OUdjVlF0N2lzUUNtWGxHYW1YVmlLOFVXNkFNJTNE&u=712e2887-d5d9-4195-8637-bc55625c93ec
Date
Wed, 13 Jul 2022 18:37:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dB4Pgc19oM3Q1a2ZVVU4lMkZxcDFyd0VuSzhlZlVEbWN5dSUyRjNnNFEyWkpLaWZFWkhDTSUzRA%26u%3d%3c...
  • https://ssp-sync.criteo.com/user-sync/match?p=B4Pgc19oM3Q1a2ZVVU4lMkZxcDFyd0VuSzhlZlVEbWN5dSUyRjNnNFEyWkpLaWZFWkhDTSUzRA&u=c285552c-f591-4c9e-b25c-0cd0313d46e7-tuct9c89671
0
141 B
Image
General
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=B4Pgc19oM3Q1a2ZVVU4lMkZxcDFyd0VuSzhlZlVEbWN5dSUyRjNnNFEyWkpLaWZFWkhDTSUzRA&u=c285552c-f591-4c9e-b25c-0cd0313d46e7-tuct9c89671
Protocol
H2
Server
178.250.2.83 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:36 GMT
cache-control
no-store,max-age=0
cross-origin-resource-policy
cross-origin
server
Kestrel
strict-transport-security
max-age=31536000; preload;

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=B4Pgc19oM3Q1a2ZVVU4lMkZxcDFyd0VuSzhlZlVEbWN5dSUyRjNnNFEyWkpLaWZFWkhDTSUzRA&u=c285552c-f591-4c9e-b25c-0cd0313d46e7-tuct9c89671
date
Wed, 13 Jul 2022 18:37:37 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
54011
75d02d930b.html
tm.ad-srv.net/tm/a/container/html/ Frame 94C9
4 KB
2 KB
Script
General
Full URL
https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=044454bea6&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F8_43A93coT-NxQCBOBaZPwAAAKBwPeI_RsR1zSLbnD9ATS1b64ukP-UJ6brlskgehs7WZwBwemvwEM9iAAAAAEiOvwAVDgAASicAAAIAAAANft4MwPwVAAAAAABVU0QAVVNEANgCWgAMvAAAAAABAQUCAAAAAKYAVyafaAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ghc-mgjFiI0TEI38-WYYwPlXIAAoADF7FK5H4XqkPzoJQU1TMzo1OTk1QOQuSU1nJ4Oj5O8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo1OTk1%2Fbn%3D96413%2Fclickenc%3D&eVS=3605&eVR=https%3A%2F%2Furlz.fr%2FiMRN&rnd=1586510653
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.37.36 Krefeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.36.37.202.116.clients.your-server.de
Software
nginx /
Resource Hash
e5788ba05e419b6584d123fc52fdfd7429a2b435e4f5c4b482be1392400195e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:38 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=utf-8
Expires
0
trk.js
cdn.adnxs.com/v/s/224/ Frame 94C9
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:37 GMT
Content-Encoding
gzip
Age
12044348
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21930-LGA, cache-hhn4080-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1657737458.969549,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
495611, 3285246
it
ams3-ib.adnxs.com/ Frame 94C9
0
815 B
Image
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Furlz.fr%252FiMRN&e=wqT_3QLACvDtQAUAAAMA1gAFAQjwobyWBhDlk6TX29yspB4Yhp3bvoaAnL1rKjYJ8_43A93coT8RjcUAgTgWmT8ZAAAAoHA94j8hRsR1zSLbnD8pQE0tW-uLpD8xAAAA4FG4nj8wyJz-BTiVHEDKTkgCUI38-WZYwPlXYABojPhOeJ3xBYABAYoBA1VTRJIBA1VTRJgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6AQgxMjU1MzgwMIoCd3VmKCdhJywgNDUyNTM2MiwgMTY1NzczNzQ1Nik7dWYoJ2knLCA0MTI2MTY5LCAxNjU3Nx0dLGcnLCAxMTQ5Mzg4N0Y7ADByJywgMjE1OTA3ODUzNh8A9A4BkgL9AyFXMk52Q0FqRmlJMFRFSTM4LVdZWUFDREEtVmN3QURnQVFBQkl5azVReUp6LUJWZ0FZSllIYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFHUjd3cnc0WHFrUDhFQnhhYV8xWE9NcERfSkFRQUFBQUFBQVBBXzJRRk5aeWVEby1UdlAtQUIyZXY3QWZVQkN0Y2pQWmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQVlBREFaZ0RBYm9EQ1VGTlV6TTZOVGs1TmVBRDVDNkFCSnU5MlFPSUJKeTkyUU9RQkFDWUJBSEJCQQGRCQEEeVERoSRBQUFOZ0VBUEVFAQsJASBDSUJlc3VxUVUJDxhBRHdQN0VGDQ1EQUFBREJCWHNVcmtmaGVxUV95LigAADkyKAAEWkIRZ_BDUEFfNEFXdEhfQUZfOE85QmZnRnNwcVVBb0lHQTBWVlVvZ0dBSkFHQVpnR0FLRUdleFN1Ui1GNnBELW9CZ1N5QmlRSkEBewkBAFIJBwUBAFoFBgkBAGgJBwEBQEM0QmdvLpoClQEhZ2hjLW1nNgECQHdQbFhJQUFvQURGN0ZLNUg0IcV8em9KUVUxVE16bzFPVGsxUU9RdVNVMW5KNE9qNU84X1URzQxBQUFXHQwAWR0MAGEdDABjHQwQZUFDSkEREPD1UEFf2ALyQ-AC5ZYs6gIUaHR0cHM6Ly91cmx6LmZyL2lNUk6AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO0nlTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC40NKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDzEwMDU4I0FNUzM6NTk5NdoEAggB4AQB8ASN_PlmiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsKIC-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBrsz2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOLoGQADIB53xBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=aaabe2bc3d5e873e15d522f5857f944f0210d205
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:38 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
4a81ffd8-83c8-4a0f-af7d-a519f90f4a4b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
protected-by.clarium.io/ Frame 94C9
68 B
345 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_NkphelRHSUpoLWhva1ozSHpxOS0yOVB4Q3lZL2FwcG5leHVzOjcyOHg5MA==&v=5&s=v31g7sdkc4f&id=eyJwcmViaWQiOnsiYWRJZCI6IjEwODIxYWQ0ODhkOTYzYyIsImNwbSI6MC4wMjQ0OTksInMiOiIyNjMyMiIsInNyYyI6ImNsaWVudCJ9LCJ0cF9jcmlkIjoiUEI6YXBwbmV4dXM7MjE1OTA3ODUzIn0%3D&sb=undefined&cb=2280720&h=urlz.fr&d=eyJ3aCI6Ik5rcGhlbFJIU1Vwb0xXaHZhMW96U0hweE9TMHlPVkI0UTNsWkwyRndjRzVsZUhWek9qY3lPSGc1TUE9PSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbImFwcG5leHVzIl0sImhiX3NpemUiOlsiNzI4eDkwIl19fSwid3IiOjB9
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.4.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-4-6.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:38 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0812
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=1145851
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
50325
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 13 Jul 2022 18:37:37 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 11 Jul 2022 04:38:47 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
219757, 724839
X-Served-By
cache-lga21950-LGA, cache-hhn4026-HHN
X-Timer
S1657737458.985669,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame B2EC
0
815 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Furlz.fr%2FiMRN&e=wqT_3QKZDfBMmQYAAAMA1gAFAQjwobyWBhD94Nrl6tL87CgYhp3bvoaAnL1rKjYJehSuR-F6hD8R1A0UeCeffj8ZAAAAIFyP0j8h1A0UeCeffj8pexQJJBAxAAAAQAEtqDCn34IHOJUcQKtaSAJQiojlY1jA-VdgAGiM-E54nfEFgAEBigEDVVNEkgEBBvBpmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6AQgxNDcyNTAzMYoClQF1ZignYScsIDQzODg3NzksIDE2NTc3Mzc0NTYpO3VmKCdpJywgMzg0MTE2NywgMTY1NzczNzQ1NgkdLGcnLCAxMTEwNTI1N0Y7ACxjJywgMzg4MDczMjZGHgAscicsIDIwOTI3Mzg2Oh8A9EgBkgKxBCFLR3FIREFpZXpzQVNFSXFJNVdNWUFDREEtVmN3QVRnQVFBQklxMXBRcDktQ0IxZ0FZSllIYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQ3FBRUNzQUVBdVFIZmhaQUlYMm1FUDhFQjF0cGM2T0Y2aERfSkFRQUFBQUFBQVBBXzJRRk5aeWVEby1UdlAtQUJqN25xQWZVQkN0ZWpQSmdDQUtBQ0FyVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQVlBREFaZ0RBYUlERGdqVV92c2lFQVFZQVMzbUtLODZvZ01UQ05LVTRpQVFDaGdCTFFBQWdFQXlBM1Z1YTdvRENVRk5Vek02TlRrNU5lQUQ1QzZBQkwzY3dBT0lCSmZkd0FPUUJBQ1lCQVRCQkFBQUFBQUEBywR5URHVJEFBQU5nRUFQRUUBCwkBIENJQmVzdXFRVQkPGEFEd1A3RUYNDRRBQUFEQkIdPwB5LigAADkyKAAAWhUo8ENQQV80QVhvQl9BRjZlZWxCZmdGcS0tTEFvSUdBMFZWVW9nR0FKQUdBWmdHQUtFR2V4U3VSLUY2bEQtb0JnU3lCaVFKQQF7CQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKVASFOUmVlZmc2NQLQd1BsWElBQW9BREY3Rks1SDRYcVVQem9KUVUxVE16bzFPVGsxUU9RdVNVMW5KNE9qNU84X1Ud9QBXHQwAWR0MAGEdDABjHQwQZUFDSkEREMBQQV_YAvJD4ALllizqAhRodHRwczovL3VybHouZnIvaU1STvICEQoGQURWX0lEEgc0aYgc8gISCgZDUEcBFAAIcWIY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFREQ8QCwoHQ1AVDhAQCgVJTwFZCAczOGXsAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3wsAEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtJ5U4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuNDSoBACyBA4IABABGAAgACgAMAA4ArgEAMAEAMgEANIEDzExNTYzI0FNUzM6NTk5NdoEAggB4AQB8ASKiOVjiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAEMdAAA2AUB4AUB8AXGBfoFBAgAEACQBgCYBgC4BgDBBgkiKPA_0Aa1RNoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAG3PDAAOLoGQADIB53xBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=e290a2cba318a808cc8b4eca277eda31ee220573&bdref=https%3A%2F%2Furlz.fr%2FiMRN&bdtop=true&bdifs=1&bstk=https%3A%2F%2Furlz.fr%2FiMRN,https%3A%2F%2Furlz.fr%2FiMRN&
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:37 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
001db50c-b90e-414d-b447-42379611a127
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c977035a-ce21-4a00-adcd-0a0e17dbf563.gif
crcdn01.adnxs.com/creative/p/11563/2020/2/21/16809412/ Frame B2EC
73 KB
73 KB
Image
General
Full URL
https://crcdn01.adnxs.com/creative/p/11563/2020/2/21/16809412/c977035a-ce21-4a00-adcd-0a0e17dbf563.gif
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
6abec6ce7c0a11a132c019551401c31f065f6b245ab21e27f1dbea7485a720d5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:38 GMT
Last-Modified
Fri, 21 Feb 2020 15:43:24 GMT
Server
nginx/1.21.3
x-amz-request-id
b10f5f3d-e5de-446d-a420-32561b1ba059
X-Clv-Request-Id
b10f5f3d-e5de-446d-a420-32561b1ba059
ETag
"12ba1d7e6c4651b9a8b9841f589b2bcf"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3888000
X-Clv-S3-Version
2.5
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74657
Expires
Sat, 27 Aug 2022 18:37:38 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame B2EC
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:37 GMT
Content-Encoding
gzip
Age
12044347
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21927-LGA, cache-hhn4027-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1657737458.980450,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
827583, 6726346
it
ams3-ib.adnxs.com/ Frame B2EC
0
815 B
Image
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Furlz.fr%252FiMRN&e=wqT_3QK2C_BMtgUAAAMA1gAFAQjwobyWBhD43bHSvaqXkXAYhp3bvoaAnL1rKjYJehSuR-F6lD8R1A0UeCefjj8ZAAAA4FG43j8h1A0UeCefjj8pexQJJAAxCRuwnj8wyZz-BTiVHECrWkgCUMeB5WNYwPlXYABojPhOeJ3xBYABAYoBA1VTRJIBAQbwaZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6AQgxMjU1MzgwMYoClQF1ZignYScsIDQzODg3NzksIDE2NTc3Mzc0NTYpO3VmKCdpJywgMzg0MTE2NywgMTY1NzczNzQ1NikFHTBnJywgMTExMDUxMDgsQjsAAGMFOxQ4MDcwNTNGHgAwcicsIDIwOTI3MzAzMTYfAPRpAZIC1QQhMkhBRnBRaU56TUFTRU1lQjVXTVlBQ0RBLVZjd0FUZ0FRQUJJcTFwUXlaei1CVmdBWUpZSGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUNxQUVDc0FFQXVRSGZoWkFJWDJtVVA4RUIxdHBjNk9GNmxEX0pBUUFBQUFBQUFQQV8yUUZOWnllRG8tVHZQLUFCajducUFmVUJDdGVqUEpnQ0FLQUNBTFVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWFJREZ3aVExdm9LRUFJWUFTMEFBQUFBTWdka1pXWmhkV3gwb2dNT0NJLUMteUlRQkJnQkxhdHd2amVpQXhNSTBwVGlJQkFLR0FFdEFBQ0FRRElEZFc1cnVnTUpRVTFUTXpvMU9UazE0QVBrTG9BRXZkekFBNGdFMk56QUE1QUVBSmdFQk1FRUFBQUFBAewMQURKQgUICQEUMkFRQThRMQkoQUFBSWdGNnk2cEIRExRQQV9zUVUBGgkBCE1FRgkJAQEEREouKAAAMC4oAAROaxUo8EY4RF9nQmRBUDhBWFU1cVVGLUFXcjc0c0NnZ1lEUlZWU2lBWUFrQVlCbUFZQW9RWjdGSzVINFhxVVA2Z0dCTElHSkFrQUFBQQkDBEJFCQgBAQRCawEGCQEAQx0YRExnR0NnLi6aApUBIVdCY1hqQTZZAih3UGxYSUFBb0FERhltIHpvSlFVMVRNeilRQFFPUXVTVTFuSjRPajVPOF9VMREMQUFBVx0MAFkdDABhHQwAYx0MEGVBQ0pBERDw9VBBX9gC8kPgAuWWLOoCFGh0dHBzOi8vdXJsei5mci9pTVJOgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtJ5U4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuNDSoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA8xMTU2MyNBTVMzOjU5OTXaBAIIAeAEAfAEx4HlY4gFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBcgE-gUECAAQAJAGAJgGALgGAMEGAAUlKPA_0Aa1RNoGFgoQBRAdAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ugZAAMgHnfEF0gcNCRE7ATgI2gcGCSdo4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgB&s=a70d7fd4b5ebef639ab984f66b539b0a14319dba
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:37 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
5075f72e-649b-4453-bba5-53e9afe86d82
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
protected-by.clarium.io/ Frame B2EC
68 B
345 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_NkphelRHSUpoLWhva1ozSHpxOS0yOVB4Q3lZL2FwcG5leHVzOjcyOHg5MA==&v=5&s=v31g7sdkc5e&id=eyJwcmViaWQiOnsiYWRJZCI6IjEwOTI1ZWI5MzNiY2RmNSIsImNwbSI6MC4wMTQ5NTIsInMiOiIzMDAxMiIsInNyYyI6ImNsaWVudCJ9LCJ0cF9jcmlkIjoiUEI6YXBwbmV4dXM7MjA5MjczMDMxIn0%3D&sb=undefined&cb=5169582&h=urlz.fr&d=eyJ3aCI6Ik5rcGhlbFJIU1Vwb0xXaHZhMW96U0hweE9TMHlPVkI0UTNsWkwyRndjRzVsZUhWek9qY3lPSGc1TUE9PSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbImFwcG5leHVzIl0sImhiX3NpemUiOlsiNzI4eDkwIl19fSwid3IiOjB9
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.4.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-4-6.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:38 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 8683
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 18:37:38 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 13 Jul 2022 18:37:38 GMT
location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server
AkamaiGHost
sas-interstitial-3.0.js
ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/
52 KB
15 KB
Script
General
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/interstitial/sas-interstitial-3.0.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3602bd1d2432619518cbe6085b597de8915a60f839d2c98ec15b39c793eceb4e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Jun 2022 09:24:38 GMT
Server
AkamaiNetStorage
ETag
"18422b3e380d29d66182b9ac8d368a05:1656500709.116625"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14688
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=1556601588032590&bg=!fX6lfjrNAAaYcLjmuHA7ACkAdvg8WswCj03QIrBjPDUHZCLpWpEfKz1UcibTd11bQoaF8SuNcp39FgIAAAB8UgAAAANoAQcKAJ5Skjp9ePnmxYvuK441gvwK1DYaV7zasG2WW8qoWQ0i81fTgEjfFrznbr0rWZbByHXbPHVfk73J7X2rZEp-odbLbMM41cOUoofu-VpA0bYx7XkKmM7Bri2p7Qe163IvLY16NY1x6geRUGu4PSwmt-xbh6YwV2v8qeGYiDUvxMggi53rLOyrX3VMzrsi2MbTwSj8CH7Tn2vhhJv5-aJAT5kCnMQMWmK15AiCZjxfBbUpm3IeQQ3h0lO07ELcETPvq39sL8ZCCrUXzBhfvhnaPV-knFyEXN0EVBM92fIxxDTgbX4atGm4EA2WR3yLOFWZ9gKn5Jh0KBYiOzEzVIh8ZgqCPMCLtxLqFju7Qh-or9_Bv96ieVEvZITKqSXqh7FoA41gmZAI_zMuMbY6ZLwGn83hjrmzXxAED-dOSJ4wvUxKuP8fK4cz9anOX8ONVYltl8L5JJ73jQZskZdwymuwTOp5NIx_JeveQK2MqVWBRQ3fM6XBcbcAkGd6W9wPkRtyDJy8oPqR1gJAW94Mat7ZaDz-g3zoOHpdScMwKxNMmEkp8DqH86aVczh3OgX7liQavrPFkn43D8HZrKBtcb5twThgV0fkr_HQ8fN7P6wScKzn5h6gadvuQAchdxZEw3evpc31vJSsDQRviO-DuUqIcqRgs0x7z1nsakPUtgAgCagJ5lYF1Vqrp63REOVLTbaSXghwVTK-pMuaxr9syWP9jSHFPYhbDL5i2mTKveD_WLOxYHuLtdrTF_ufpDJYqzQDlpxFbAEquZUu04gqMpsAHKqFyTRBfAuCBP4HSmUJ94gPN_voKPnloMeXdSoDFUWknNyT6AsDKDCXDmJM78F5tvOcQ7cex5K14NRnUfNrXNrRTrFo5FCrPG6DVc-7L0rkqg4WZnzBnjlb7VL3kII7UYo-nTPdVYPy6sehLfbqPYjW5OdHTaFh9ylHdT9Gf70K-jkT3d1l1aFg6A-hxKGc43kGJJvJh-5nT1pPqFI7xmr_LS-CXNxalPi_dgCxQIm9ic4bG7p_qoKRaO7GfyNiu5dXI3nTZNYJrZKgso4BX1i7KZEt9MXW44z5uhLKqvvBbucIyPHa9BhVb_lC7Nn0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

auction
intake.pbstck.com/v1/intake/
0
65 B
XHR
General
Full URL
https://intake.pbstck.com/v1/intake/auction?sId=dd8810a6&tId=d086759d-86af-4b34-852b-bb5d4c87aa38&c=5&ctr=DE
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 13 Jul 2022 18:37:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72a421883d0971ea-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
impression
intake.pbstck.com/v1/intake/
0
57 B
XHR
General
Full URL
https://intake.pbstck.com/v1/intake/impression?sId=dd8810a6&tId=d086759d-86af-4b34-852b-bb5d4c87aa38&c=2&ctr=DE
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 13 Jul 2022 18:37:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72a421883d1571ea-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vevent
ams3-ib.adnxs.com/ Frame B2EC
0
829 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Furlz.fr%2FiMRN&e=wqT_3QK2C_BMtgUAAAMA1gAFAQjwobyWBhD43bHSvaqXkXAYhp3bvoaAnL1rKjYJehSuR-F6lD8R1A0UeCefjj8ZAAAA4FG43j8h1A0UeCefjj8pexQJJAAxCRuwnj8wyZz-BTiVHECrWkgCUMeB5WNYwPlXYABojPhOeJ3xBYABAYoBA1VTRJIBAQbwaZgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6AQgxMjU1MzgwMYoClQF1ZignYScsIDQzODg3NzksIDE2NTc3Mzc0NTYpO3VmKCdpJywgMzg0MTE2NywgMTY1NzczNzQ1NikFHTBnJywgMTExMDUxMDgsQjsAAGMFOxQ4MDcwNTNGHgAwcicsIDIwOTI3MzAzMTYfAPRpAZIC1QQhMkhBRnBRaU56TUFTRU1lQjVXTVlBQ0RBLVZjd0FUZ0FRQUJJcTFwUXlaei1CVmdBWUpZSGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUNxQUVDc0FFQXVRSGZoWkFJWDJtVVA4RUIxdHBjNk9GNmxEX0pBUUFBQUFBQUFQQV8yUUZOWnllRG8tVHZQLUFCajducUFmVUJDdGVqUEpnQ0FLQUNBTFVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWFJREZ3aVExdm9LRUFJWUFTMEFBQUFBTWdka1pXWmhkV3gwb2dNT0NJLUMteUlRQkJnQkxhdHd2amVpQXhNSTBwVGlJQkFLR0FFdEFBQ0FRRElEZFc1cnVnTUpRVTFUTXpvMU9UazE0QVBrTG9BRXZkekFBNGdFMk56QUE1QUVBSmdFQk1FRUFBQUFBAewMQURKQgUICQEUMkFRQThRMQkoQUFBSWdGNnk2cEIRExRQQV9zUVUBGgkBCE1FRgkJAQEEREouKAAAMC4oAAROaxUo8EY4RF9nQmRBUDhBWFU1cVVGLUFXcjc0c0NnZ1lEUlZWU2lBWUFrQVlCbUFZQW9RWjdGSzVINFhxVVA2Z0dCTElHSkFrQUFBQQkDBEJFCQgBAQRCawEGCQEAQx0YRExnR0NnLi6aApUBIVdCY1hqQTZZAih3UGxYSUFBb0FERhltIHpvSlFVMVRNeilRQFFPUXVTVTFuSjRPajVPOF9VMREMQUFBVx0MAFkdDABhHQwAYx0MEGVBQ0pBERDw9VBBX9gC8kPgAuWWLOoCFGh0dHBzOi8vdXJsei5mci9pTVJOgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtJ5U4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuNDSoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADSBA8xMTU2MyNBTVMzOjU5OTXaBAIIAeAEAfAEx4HlY4gFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBcgE-gUECAAQAJAGAJgGALgGAMEGAAUlKPA_0Aa1RNoGFgoQBRAdAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ugZAAMgHnfEF0gcNCRE7ATgI2gcGCSdo4AcA6gcCCADwB-72A4oIAhAAlQgAAIA_mAgB&s=a70d7fd4b5ebef639ab984f66b539b0a14319dba&type=nv&nvt=5&jm=1003&px=0&py=5000&bw=728&bh=90&sid=3464290901718829088&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12553801&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=5216&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:38 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
4d6e1430-dc33-48ee-a554-ec37bc14c8f3
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
request.php
ad.ad-srv.net/ Frame E3EE
Redirect Chain
  • https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x216&scrollPos=0x0&documentReferer=https%3A%2F%2Furlz.fr%2FiMRN&a...
  • https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x216&scrollPos=0x0&documentReferer=https%3A%2F%2Furlz.fr%2FiMRN&a...
5 KB
2 KB
Document
General
Full URL
https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x216&scrollPos=0x0&documentReferer=https%3A%2F%2Furlz.fr%2FiMRN&ancestorOrigins=https%3A%2F%2Furlz.fr&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:3605&extVar[]=XR_DOM_RTB:urlz.fr&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F8_43A93coT-NxQCBOBaZPwAAAKBwPeI_RsR1zSLbnD9ATS1b64ukP-UJ6brlskgehs7WZwBwemvwEM9iAAAAAEiOvwAVDgAASicAAAIAAAANft4MwPwVAAAAAABVU0QAVVNEANgCWgAMvAAAAAABAQUCAAAAAKYAVyafaAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ghc-mgjFiI0TEI38-WYYwPlXIAAoADF7FK5H4XqkPzoJQU1TMzo1OTk1QOQuSU1nJ4Oj5O8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo1OTk1%2Fbn%3D96413%2Fclickenc%3D&uidRedirect=1
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
4c408e2be4a754bada40456c09a86dfa27dca03eab2e905f1457c6743b3475b3

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1727
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Jul 2022 18:37:38 GMT
Expires
Wed, 13 Jul 2022 19:37:38 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-NEORY-SubId
92575400130029001467935012019022

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 18:37:38 GMT
Expires
Wed, 13 Jul 2022 19:37:38 +0200
Location
request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x216&scrollPos=0x0&documentReferer=https%3A%2F%2Furlz.fr%2FiMRN&ancestorOrigins=https%3A%2F%2Furlz.fr&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:3605&extVar[]=XR_DOM_RTB:urlz.fr&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F8_43A93coT-NxQCBOBaZPwAAAKBwPeI_RsR1zSLbnD9ATS1b64ukP-UJ6brlskgehs7WZwBwemvwEM9iAAAAAEiOvwAVDgAASicAAAIAAAANft4MwPwVAAAAAABVU0QAVVNEANgCWgAMvAAAAAABAQUCAAAAAKYAVyafaAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ghc-mgjFiI0TEI38-WYYwPlXIAAoADF7FK5H4XqkPzoJQU1TMzo1OTk1QOQuSU1nJ4Oj5O8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo1OTk1%2Fbn%3D96413%2Fclickenc%3D&uidRedirect=1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0DEA
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=1145851
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
50325
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 13 Jul 2022 18:37:38 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 11 Jul 2022 04:38:47 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
219757, 724841
X-Served-By
cache-lga21950-LGA, cache-hhn4026-HHN
X-Timer
S1657737458.095899,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame 94C9
0
815 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Furlz.fr%2FiMRN&e=wqT_3QKZDfBMmQYAAAMA1gAFAQjwobyWBhD94Nrl6tL87CgYhp3bvoaAnL1rKjYJehSuR-F6hD8R1A0UeCeffj8ZAAAAIFyP0j8h1A0UeCeffj8pexQJJBAxAAAAQAEtqDCn34IHOJUcQKtaSAJQiojlY1jA-VdgAGiM-E54nfEFgAEBigEDVVNEkgEBBvBpmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6AQgxNDcyNTAzMYoClQF1ZignYScsIDQzODg3NzksIDE2NTc3Mzc0NTYpO3VmKCdpJywgMzg0MTE2NywgMTY1NzczNzQ1NgkdLGcnLCAxMTEwNTI1N0Y7ACxjJywgMzg4MDczMjZGHgAscicsIDIwOTI3Mzg2Oh8A9EgBkgKxBCFLR3FIREFpZXpzQVNFSXFJNVdNWUFDREEtVmN3QVRnQVFBQklxMXBRcDktQ0IxZ0FZSllIYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQ3FBRUNzQUVBdVFIZmhaQUlYMm1FUDhFQjF0cGM2T0Y2aERfSkFRQUFBQUFBQVBBXzJRRk5aeWVEby1UdlAtQUJqN25xQWZVQkN0ZWpQSmdDQUtBQ0FyVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQVlBREFaZ0RBYUlERGdqVV92c2lFQVFZQVMzbUtLODZvZ01UQ05LVTRpQVFDaGdCTFFBQWdFQXlBM1Z1YTdvRENVRk5Vek02TlRrNU5lQUQ1QzZBQkwzY3dBT0lCSmZkd0FPUUJBQ1lCQVRCQkFBQUFBQUEBywR5URHVJEFBQU5nRUFQRUUBCwkBIENJQmVzdXFRVQkPGEFEd1A3RUYNDRRBQUFEQkIdPwB5LigAADkyKAAAWhUo8ENQQV80QVhvQl9BRjZlZWxCZmdGcS0tTEFvSUdBMFZWVW9nR0FKQUdBWmdHQUtFR2V4U3VSLUY2bEQtb0JnU3lCaVFKQQF7CQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKVASFOUmVlZmc2NQLQd1BsWElBQW9BREY3Rks1SDRYcVVQem9KUVUxVE16bzFPVGsxUU9RdVNVMW5KNE9qNU84X1Ud9QBXHQwAWR0MAGEdDABjHQwQZUFDSkEREMBQQV_YAvJD4ALllizqAhRodHRwczovL3VybHouZnIvaU1STvICEQoGQURWX0lEEgc0aYgc8gISCgZDUEcBFAAIcWIY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFREQ8QCwoHQ1AVDhAQCgVJTwFZCAczOGXsAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3wsAEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtJ5U4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuNDSoBACyBA4IABABGAAgACgAMAA4ArgEAMAEAMgEANIEDzExNTYzI0FNUzM6NTk5NdoEAggB4AQB8ASKiOVjiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAEMdAAA2AUB4AUB8AXGBfoFBAgAEACQBgCYBgC4BgDBBgkiKPA_0Aa1RNoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAG3PDAAOLoGQADIB53xBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=e290a2cba318a808cc8b4eca277eda31ee220573&bdref=https%3A%2F%2Furlz.fr%2FiMRN&bdtop=true&bdifs=1&bstk=https%3A%2F%2Furlz.fr%2FiMRN,https%3A%2F%2Furlz.fr%2FiMRN&
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:38 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
78da82ba-f445-409a-82e6-4951b812f987
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0812
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3605&pub_id=1145851&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=1145851
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:38 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
19cdd946-6de0-4cc7-88cf-02e81210d3fc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 196A
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=1145851
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://urlz.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
50326
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 13 Jul 2022 18:37:38 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 11 Jul 2022 04:38:47 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
219757, 724842
X-Served-By
cache-lga21950-LGA, cache-hhn4026-HHN
X-Timer
S1657737458.159918,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame CA1E
0
815 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Furlz.fr%2FiMRN&e=wqT_3QKZDfBMmQYAAAMA1gAFAQjwobyWBhD94Nrl6tL87CgYhp3bvoaAnL1rKjYJehSuR-F6hD8R1A0UeCeffj8ZAAAAIFyP0j8h1A0UeCeffj8pexQJJBAxAAAAQAEtqDCn34IHOJUcQKtaSAJQiojlY1jA-VdgAGiM-E54nfEFgAEBigEDVVNEkgEBBvBpmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6AQgxNDcyNTAzMYoClQF1ZignYScsIDQzODg3NzksIDE2NTc3Mzc0NTYpO3VmKCdpJywgMzg0MTE2NywgMTY1NzczNzQ1NgkdLGcnLCAxMTEwNTI1N0Y7ACxjJywgMzg4MDczMjZGHgAscicsIDIwOTI3Mzg2Oh8A9EgBkgKxBCFLR3FIREFpZXpzQVNFSXFJNVdNWUFDREEtVmN3QVRnQVFBQklxMXBRcDktQ0IxZ0FZSllIYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQ3FBRUNzQUVBdVFIZmhaQUlYMm1FUDhFQjF0cGM2T0Y2aERfSkFRQUFBQUFBQVBBXzJRRk5aeWVEby1UdlAtQUJqN25xQWZVQkN0ZWpQSmdDQUtBQ0FyVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQVlBREFaZ0RBYUlERGdqVV92c2lFQVFZQVMzbUtLODZvZ01UQ05LVTRpQVFDaGdCTFFBQWdFQXlBM1Z1YTdvRENVRk5Vek02TlRrNU5lQUQ1QzZBQkwzY3dBT0lCSmZkd0FPUUJBQ1lCQVRCQkFBQUFBQUEBywR5URHVJEFBQU5nRUFQRUUBCwkBIENJQmVzdXFRVQkPGEFEd1A3RUYNDRRBQUFEQkIdPwB5LigAADkyKAAAWhUo8ENQQV80QVhvQl9BRjZlZWxCZmdGcS0tTEFvSUdBMFZWVW9nR0FKQUdBWmdHQUtFR2V4U3VSLUY2bEQtb0JnU3lCaVFKQQF7CQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKVASFOUmVlZmc2NQLQd1BsWElBQW9BREY3Rks1SDRYcVVQem9KUVUxVE16bzFPVGsxUU9RdVNVMW5KNE9qNU84X1Ud9QBXHQwAWR0MAGEdDABjHQwQZUFDSkEREMBQQV_YAvJD4ALllizqAhRodHRwczovL3VybHouZnIvaU1STvICEQoGQURWX0lEEgc0aYgc8gISCgZDUEcBFAAIcWIY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwFREQ8QCwoHQ1AVDhAQCgVJTwFZCAczOGXsAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3wsAEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtJ5U4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuNDSoBACyBA4IABABGAAgACgAMAA4ArgEAMAEAMgEANIEDzExNTYzI0FNUzM6NTk5NdoEAggB4AQB8ASKiOVjiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAEMdAAA2AUB4AUB8AXGBfoFBAgAEACQBgCYBgC4BgDBBgkiKPA_0Aa1RNoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSAG3PDAAOLoGQADIB53xBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=e290a2cba318a808cc8b4eca277eda31ee220573&bdref=https%3A%2F%2Furlz.fr%2FiMRN&bdtop=true&bdifs=1&bstk=https%3A%2F%2Furlz.fr%2FiMRN,https%3A%2F%2Furlz.fr%2FiMRN&
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:38 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ed6203b9-f206-4de4-b0f4-c38be0dd28df
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6af8f7e7-0fa4-4671-8569-8f88c1461a10.jpg
crcdn01.adnxs.com/creative/p/11563/2020/2/21/16809493/ Frame CA1E
104 KB
105 KB
Image
General
Full URL
https://crcdn01.adnxs.com/creative/p/11563/2020/2/21/16809493/6af8f7e7-0fa4-4671-8569-8f88c1461a10.jpg
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
18ff02e2a023fdcf2568a3bcda7d922fd5eebb938ef45eb28888fdb14820fd48

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:38 GMT
Last-Modified
Fri, 21 Feb 2020 15:49:27 GMT
Server
nginx/1.21.3
x-amz-request-id
764758bd-525f-435a-9aea-e34a4252e9ab
X-Clv-Request-Id
764758bd-525f-435a-9aea-e34a4252e9ab
ETag
"c8c612a1acf039fbf24119d173e13937"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=3888000
X-Clv-S3-Version
2.5
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106510
Expires
Sat, 27 Aug 2022 18:37:38 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame CA1E
85 KB
29 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:38 GMT
Content-Encoding
gzip
Age
12044347
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21927-LGA, cache-hhn4027-HHN
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1657737458.140503,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
827583, 6726348
it
ams3-ib.adnxs.com/ Frame CA1E
0
815 B
Image
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Furlz.fr%252FiMRN&e=wqT_3QKSC_BMkgUAAAMA1gAFAQjwobyWBhD94Nrl6tL87CgYhp3bvoaAnL1rKjYJehSuR-F6hD8R1A0UeCeffj8ZAAAAIFyP0j8h1A0UeCeffj8pexQJJBAxAAAAQAEtqDCn34IHOJUcQKtaSAJQiojlY1jA-VdgAGiM-E54nfEFgAEBigEDVVNEkgEBBvBpmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6AQgxNDcyNTAzMYoClQF1ZignYScsIDQzODg3NzksIDE2NTc3Mzc0NTYpO3VmKCdpJywgMzg0MTE2NywgMTY1NzczNzQ1NgkdLGcnLCAxMTEwNTI1N0Y7ACxjJywgMzg4MDczMjZGHgAscicsIDIwOTI3Mzg2Oh8A9EgBkgKxBCFLR3FIREFpZXpzQVNFSXFJNVdNWUFDREEtVmN3QVRnQVFBQklxMXBRcDktQ0IxZ0FZSllIYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQ3FBRUNzQUVBdVFIZmhaQUlYMm1FUDhFQjF0cGM2T0Y2aERfSkFRQUFBQUFBQVBBXzJRRk5aeWVEby1UdlAtQUJqN25xQWZVQkN0ZWpQSmdDQUtBQ0FyVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQVlBREFaZ0RBYUlERGdqVV92c2lFQVFZQVMzbUtLODZvZ01UQ05LVTRpQVFDaGdCTFFBQWdFQXlBM1Z1YTdvRENVRk5Vek02TlRrNU5lQUQ1QzZBQkwzY3dBT0lCSmZkd0FPUUJBQ1lCQVRCQkFBQUFBQUEBywR5URHVJEFBQU5nRUFQRUUBCwkBIENJQmVzdXFRVQkPGEFEd1A3RUYNDRRBQUFEQkIdPwB5LigAADkyKAAAWhUo8ENQQV80QVhvQl9BRjZlZWxCZmdGcS0tTEFvSUdBMFZWVW9nR0FKQUdBWmdHQUtFR2V4U3VSLUY2bEQtb0JnU3lCaVFKQQF7CQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKVASFOUmVlZmc2NQLQd1BsWElBQW9BREY3Rks1SDRYcVVQem9KUVUxVE16bzFPVGsxUU9RdVNVMW5KNE9qNU84X1Ud9QBXHQwAWR0MAGEdDABjHQwQZUFDSkEREPD1UEFf2ALyQ-AC5ZYs6gIUaHR0cHM6Ly91cmx6LmZyL2lNUk6AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO0nlTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC40NKgEALIEDggAEAEYACAAKAAwADgCuAQAwAQAyAQA0gQPMTE1NjMjQU1TMzo1OTk12gQCCAHgBAHwBIqI5WOIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXGBfoFBAgAEACQBgCYBgC4BgDBBgAAASUo8D_QBrVE2gYWChABDy4BAGAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADi6BkAAyAed8QXSBw0JETwBOAjaBwYJJ2jgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAE.&s=897dc9b2b2aa3a0fa640a7645ab2b62aacab1a57
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:38 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
a34c6476-dcee-46e9-9911-0d9751a31ed1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
protected-by.clarium.io/ Frame CA1E
68 B
345 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_NkphelRHSUpoLWhva1ozSHpxOS0yOVB4Q3lZL2FwcG5leHVzOjMwMHgyNTA=&v=5&s=v31g7sdkce0&id=eyJwcmViaWQiOnsiYWRJZCI6IjEwNzk5YTA3ZDNhYWU0N2QiLCJjcG0iOjAuMDA3NDc2LCJzIjoiMjYzMjgiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOmFwcG5leHVzOzIwOTI3Mzg2NiJ9&sb=undefined&cb=261346&h=urlz.fr&d=eyJ3aCI6Ik5rcGhlbFJIU1Vwb0xXaHZhMW96U0hweE9TMHlPVkI0UTNsWkwyRndjRzVsZUhWek9qTXdNSGd5TlRBPSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbImFwcG5leHVzIl0sImhiX3NpemUiOlsiMzAweDI1MCJdfX0sIndyIjowfQ==
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.4.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-4-6.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:38 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
aip
eqx.smartadserver.com/h/
43 B
270 B
Image
General
Full URL
https://eqx.smartadserver.com/h/aip?uii=216844373549245635&tmstp=3325127780&ckid=0&systgt=%24qc%3d1313617845%3b%24ql%3dMedium%3b%24qpc%3de1w%3b%24qt%3d78_2531_71929t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24sw%3d1600%3b%24sh%3d1200&acd=1657737457740&envtype=0&opid=0a0a8648-fddf-40b0-9ff0-87dfc5330e11&opdt=1657737457739&siteid=205724&hb_bid=appnexus&hb_cpm=0.00&hb_ccy=USD&tgt=%3bhb_adid%3d10799a07d3aae47d%3bhb_pb%3d0.00%3bhb_bidder%3dappnexus%3bhb_format%3d26328-1%3b%24dt%3d1t%3b%24hc&gdpr=1&visit=S&statid=19&imptype=0&intgtype=0&pgDomain=https%3a%2f%2furlz.fr%2fiMRN&capp=1&mcrdbt=1&insid=9251369&imgid=24965671&pgid=890545&fmtid=26328&isLazy=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:37 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
close-retina.png
ced-ns.sascdn.com/diff/templates/images/
2 KB
2 KB
Image
General
Full URL
https://ced-ns.sascdn.com/diff/templates/images/close-retina.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:38 GMT
Last-Modified
Wed, 20 Oct 2021 08:07:22 GMT
Server
AkamaiNetStorage
ETag
"dc45791e534223d16a4d14fa1a1a5f4e:1634717611.309945"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1802
async_usersync
ib.adnxs.com/ Frame 0DEA
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3605&pub_id=1145851&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=1145851
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:38 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
2c66662e-63e6-4619-ae0a-0b22ba359037
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 94C9
0
829 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Furlz.fr%2FiMRN&e=wqT_3QLACvDtQAUAAAMA1gAFAQjwobyWBhDlk6TX29yspB4Yhp3bvoaAnL1rKjYJ8_43A93coT8RjcUAgTgWmT8ZAAAAoHA94j8hRsR1zSLbnD8pQE0tW-uLpD8xAAAA4FG4nj8wyJz-BTiVHEDKTkgCUI38-WZYwPlXYABojPhOeJ3xBYABAYoBA1VTRJIBA1VTRJgB2AWgAVqoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6AQgxMjU1MzgwMIoCd3VmKCdhJywgNDUyNTM2MiwgMTY1NzczNzQ1Nik7dWYoJ2knLCA0MTI2MTY5LCAxNjU3Nx0dLGcnLCAxMTQ5Mzg4N0Y7ADByJywgMjE1OTA3ODUzNh8A9A4BkgL9AyFXMk52Q0FqRmlJMFRFSTM4LVdZWUFDREEtVmN3QURnQVFBQkl5azVReUp6LUJWZ0FZSllIYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRUJzQUVBdVFHUjd3cnc0WHFrUDhFQnhhYV8xWE9NcERfSkFRQUFBQUFBQVBBXzJRRk5aeWVEby1UdlAtQUIyZXY3QWZVQkN0Y2pQWmdDQUtBQ0FiVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQVlBREFaZ0RBYm9EQ1VGTlV6TTZOVGs1TmVBRDVDNkFCSnU5MlFPSUJKeTkyUU9RQkFDWUJBSEJCQQGRCQEEeVERoSRBQUFOZ0VBUEVFAQsJASBDSUJlc3VxUVUJDxhBRHdQN0VGDQ1EQUFBREJCWHNVcmtmaGVxUV95LigAADkyKAAEWkIRZ_BDUEFfNEFXdEhfQUZfOE85QmZnRnNwcVVBb0lHQTBWVlVvZ0dBSkFHQVpnR0FLRUdleFN1Ui1GNnBELW9CZ1N5QmlRSkEBewkBAFIJBwUBAFoFBgkBAGgJBwEBQEM0QmdvLpoClQEhZ2hjLW1nNgECQHdQbFhJQUFvQURGN0ZLNUg0IcV8em9KUVUxVE16bzFPVGsxUU9RdVNVMW5KNE9qNU84X1URzQxBQUFXHQwAWR0MAGEdDABjHQwQZUFDSkEREPD1UEFf2ALyQ-AC5ZYs6gIUaHR0cHM6Ly91cmx6LmZyL2lNUk6AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO0nlTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC40NKgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANIEDzEwMDU4I0FNUzM6NTk5NdoEAggB4AQB8ASN_PlmiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsKIC-gUECAAQAJAGAJgGALgGAMEGCSUo8D_QBrsz2gYWChAJERkBYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOLoGQADIB53xBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8Afu9gOKCAIQAJUIAACAP5gIAQ..&s=aaabe2bc3d5e873e15d522f5857f944f0210d205&type=nv&nvt=5&jm=1003&px=0&py=5000&bw=728&bh=90&sid=3464290901718829088&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=12553800&sw=1600&sh=1200&pw=1600&ph=5216&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:38 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
ac1dac53-07ad-4ea5-8836-c3fcf8776124
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 196A
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3605&pub_id=1145851&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3605&pub_id=1145851
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:38 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
591a8ecb-a28f-43eb-b3c0-5d7fbfc0c30a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame CA1E
0
829 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Furlz.fr%2FiMRN&e=wqT_3QKSC_BMkgUAAAMA1gAFAQjwobyWBhD94Nrl6tL87CgYhp3bvoaAnL1rKjYJehSuR-F6hD8R1A0UeCeffj8ZAAAAIFyP0j8h1A0UeCeffj8pexQJJBAxAAAAQAEtqDCn34IHOJUcQKtaSAJQiojlY1jA-VdgAGiM-E54nfEFgAEBigEDVVNEkgEBBvBpmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQD6AQgxNDcyNTAzMYoClQF1ZignYScsIDQzODg3NzksIDE2NTc3Mzc0NTYpO3VmKCdpJywgMzg0MTE2NywgMTY1NzczNzQ1NgkdLGcnLCAxMTEwNTI1N0Y7ACxjJywgMzg4MDczMjZGHgAscicsIDIwOTI3Mzg2Oh8A9EgBkgKxBCFLR3FIREFpZXpzQVNFSXFJNVdNWUFDREEtVmN3QVRnQVFBQklxMXBRcDktQ0IxZ0FZSllIYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQ3FBRUNzQUVBdVFIZmhaQUlYMm1FUDhFQjF0cGM2T0Y2aERfSkFRQUFBQUFBQVBBXzJRRk5aeWVEby1UdlAtQUJqN25xQWZVQkN0ZWpQSmdDQUtBQ0FyVUNBQUFBQUwwQ0FBQUFBTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQVlBREFaZ0RBYUlERGdqVV92c2lFQVFZQVMzbUtLODZvZ01UQ05LVTRpQVFDaGdCTFFBQWdFQXlBM1Z1YTdvRENVRk5Vek02TlRrNU5lQUQ1QzZBQkwzY3dBT0lCSmZkd0FPUUJBQ1lCQVRCQkFBQUFBQUEBywR5URHVJEFBQU5nRUFQRUUBCwkBIENJQmVzdXFRVQkPGEFEd1A3RUYNDRRBQUFEQkIdPwB5LigAADkyKAAAWhUo8ENQQV80QVhvQl9BRjZlZWxCZmdGcS0tTEFvSUdBMFZWVW9nR0FKQUdBWmdHQUtFR2V4U3VSLUY2bEQtb0JnU3lCaVFKQQF7CQEAUgkHBQEAWgUGCQEAaAkHAQFAQzRCZ28umgKVASFOUmVlZmc2NQLQd1BsWElBQW9BREY3Rks1SDRYcVVQem9KUVUxVE16bzFPVGsxUU9RdVNVMW5KNE9qNU84X1Ud9QBXHQwAWR0MAGEdDABjHQwQZUFDSkEREPD1UEFf2ALyQ-AC5ZYs6gIUaHR0cHM6Ly91cmx6LmZyL2lNUk6AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO0nlTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC40NKgEALIEDggAEAEYACAAKAAwADgCuAQAwAQAyAQA0gQPMTE1NjMjQU1TMzo1OTk12gQCCAHgBAHwBIqI5WOIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXGBfoFBAgAEACQBgCYBgC4BgDBBgAAASUo8D_QBrVE2gYWChABDy4BAGAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADi6BkAAyAed8QXSBw0JETwBOAjaBwYJJ2jgBwDqBwIIAPAH7vYDiggCEACVCAAAgD-YCAE.&s=897dc9b2b2aa3a0fa640a7645ab2b62aacab1a57&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=3464290901718829088&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14725031&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=5216&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:38 GMT
X-Proxy-Origin
82.199.130.44; 82.199.130.44; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
1be94ec6-c12c-4843-a2da-e7cf420a2acc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 8683
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
589d8a32de0ea0de516e7447459846018c47d35b6109588e4bfe5d669409a4a4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36116
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Thu, 14 Jul 2022 04:39:34 GMT
impression
intake.pbstck.com/v1/intake/
0
223 B
XHR
General
Full URL
https://intake.pbstck.com/v1/intake/impression?sId=dd8810a6&tId=d086759d-86af-4b34-852b-bb5d4c87aa38&c=1&ctr=DE
Requested by
Host: urlz.fr
URL: https://urlz.fr/iMRN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://urlz.fr/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 13 Jul 2022 18:37:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72a4218a99b27717-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 8683
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&gdpr_consent=undefined&gdpr=0&khaos=L5JY2W23-1D-2IYI
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 8683
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBhMWQ1MGU3NTEwZDBiNWZiMzhmYjBlOTczMDVhZGYyZTZkYjQ1ZA&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBhMWQ1MGU3NTEwZDBiNWZiMzhmYjBlOTczMDVhZGYyZTZkYjQ1ZA&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODBhMWQ1MGU3NTEwZDBiNWZiMzhmYjBlOTczMDVhZGYyZTZkYjQ1ZA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8683
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJy84qMxG3y7tKOMUlCb4-s&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJy84qMxG3y7tKOMUlCb4-s&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEJy84qMxG3y7tKOMUlCb4-s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 8683
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5JY2W23-1D-2IYI&gdpr=0
0
708 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5JY2W23-1D-2IYI&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:38 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 45E47DC45F52419497BC303583E28D70 Ref B: FRAEDGE1213 Ref C: 2022-07-13T18:37:39Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXjtBRhh7JsYBuuw56Wiw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5JY2W23-1D-2IYI&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8683
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Lgj34tO-SPWNi3gvdC2qDQ&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Lgj34tO-SPWNi3gvdC2qDQ&gdpr=0
43 B
556 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Lgj34tO-SPWNi3gvdC2qDQ&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Server
52.95.118.179 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:39 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5VWB7SHZKSAMXGZQC1JH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=Lgj34tO-SPWNi3gvdC2qDQ&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8683
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/zs2PCwAAtvXGELnPBWictMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5026718770894275550
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5026718770894275550
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

date
Wed, 13 Jul 2022 18:37:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5026718770894275550
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
v1
ads.yahoo.com/cms/ Frame 8683
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5JY2W23-1D-2IYI&sigv=1&esig=2~d88c581d1f750b5131f8e154d5ca6b477102a6dd&gdpr=0
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5JY2W23-1D-2IYI&sigv=1&esig=2~d88c581d1f750b5131f8e154d5ca6b477102a6dd&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
H2
Server
2a00:1288:80:807::2 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:39 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5JY2W23-1D-2IYI&sigv=1&esig=2~d88c581d1f750b5131f8e154d5ca6b477102a6dd&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8683
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKWTJXMjMtMUQtMklZSQ==&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKWTJXMjMtMUQtMklZSQ==&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 18:37:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVKWTJXMjMtMUQtMklZSQ==&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 8683
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=sWJtIVeFR_SeXQNtir-X-Q&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sWJtIVeFR_SeXQNtir-X-Q&gdpr=0
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sWJtIVeFR_SeXQNtir-X-Q&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 18:37:39 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BN7QX57R6XZAHSZJ9646
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=sWJtIVeFR_SeXQNtir-X-Q&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
viewability
ad22.ad-srv.net/ Frame E3EE
0
150 B
Script
General
Full URL
https://ad22.ad-srv.net/viewability?s=92575400130029001467935012019022&a=c826bd8e&vb=m
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x216&scrollPos=0x0&documentReferer=https%3A%2F%2Furlz.fr%2FiMRN&ancestorOrigins=https%3A%2F%2Furlz.fr&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:3605&extVar[]=XR_DOM_RTB:urlz.fr&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F8_43A93coT-NxQCBOBaZPwAAAKBwPeI_RsR1zSLbnD9ATS1b64ukP-UJ6brlskgehs7WZwBwemvwEM9iAAAAAEiOvwAVDgAASicAAAIAAAANft4MwPwVAAAAAABVU0QAVVNEANgCWgAMvAAAAAABAQUCAAAAAKYAVyafaAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ghc-mgjFiI0TEI38-WYYwPlXIAAoADF7FK5H4XqkPzoJQU1TMzo1OTk1QOQuSU1nJ4Oj5O8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo1OTk1%2Fbn%3D96413%2Fclickenc%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:39 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
request.php
ad.ad-srv.net/ Frame BEFF
Redirect Chain
  • https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=c7cb32da3378tcWDhUNgV1aD-zcFyJje0pGA7lGWexdQxnfXB_ZGYmv8ib8Yg4HFBiRH...
  • https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=c7cb32da3378tcWDhUNgV1aD-zcFyJje0pGA7lGWexdQxnfXB_ZGYmv8ib8Yg4HFBiRH...
5 KB
2 KB
Document
General
Full URL
https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=c7cb32da3378tcWDhUNgV1aD-zcFyJje0pGA7lGWexdQxnfXB_ZGYmv8ib8Yg4HFBiRHFKy0YzvFGidlg4F0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=92575400130029001467935012019022&redirectClick=https%3A%2F%2Fad22.ad-srv.net%2Fc%2Fpqky8cvl0pkogi4%3Ftprde%3D&uidRedirect=1
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x216&scrollPos=0x0&documentReferer=https%3A%2F%2Furlz.fr%2FiMRN&ancestorOrigins=https%3A%2F%2Furlz.fr&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:3605&extVar[]=XR_DOM_RTB:urlz.fr&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F8_43A93coT-NxQCBOBaZPwAAAKBwPeI_RsR1zSLbnD9ATS1b64ukP-UJ6brlskgehs7WZwBwemvwEM9iAAAAAEiOvwAVDgAASicAAAIAAAANft4MwPwVAAAAAABVU0QAVVNEANgCWgAMvAAAAAABAQUCAAAAAKYAVyafaAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ghc-mgjFiI0TEI38-WYYwPlXIAAoADF7FK5H4XqkPzoJQU1TMzo1OTk1QOQuSU1nJ4Oj5O8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo1OTk1%2Fbn%3D96413%2Fclickenc%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
9afd6c02cfd00f5024852c690f08c5aa5602ffe8aad666ed5d907ac10ce5833e

Request headers

Referer
https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x216&scrollPos=0x0&documentReferer=https%3A%2F%2Furlz.fr%2FiMRN&ancestorOrigins=https%3A%2F%2Furlz.fr&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:3605&extVar[]=XR_DOM_RTB:urlz.fr&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F8_43A93coT-NxQCBOBaZPwAAAKBwPeI_RsR1zSLbnD9ATS1b64ukP-UJ6brlskgehs7WZwBwemvwEM9iAAAAAEiOvwAVDgAASicAAAIAAAANft4MwPwVAAAAAABVU0QAVVNEANgCWgAMvAAAAAABAQUCAAAAAKYAVyafaAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ghc-mgjFiI0TEI38-WYYwPlXIAAoADF7FK5H4XqkPzoJQU1TMzo1OTk1QOQuSU1nJ4Oj5O8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo1OTk1%2Fbn%3D96413%2Fclickenc%3D&uidRedirect=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1569
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Jul 2022 18:37:39 GMT
Expires
Wed, 13 Jul 2022 19:37:39 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-NEORY-SubId
42741200130031101649445012019022

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 18:37:38 GMT
Expires
Wed, 13 Jul 2022 19:37:38 +0200
Location
request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=c7cb32da3378tcWDhUNgV1aD-zcFyJje0pGA7lGWexdQxnfXB_ZGYmv8ib8Yg4HFBiRHFKy0YzvFGidlg4F0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=92575400130029001467935012019022&redirectClick=https%3A%2F%2Fad22.ad-srv.net%2Fc%2Fpqky8cvl0pkogi4%3Ftprde%3D&uidRedirect=1
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
truncated
/ Frame E3EE
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/cynamics/tools/js/ Frame E3EE
851 B
1 KB
Script
General
Full URL
https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=0tb3zvbgqv0r&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x216&scrollPos=0x0&documentReferer=https%3A%2F%2Furlz.fr%2FiMRN&ancestorOrigins=https%3A%2F%2Furlz.fr&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:3605&extVar[]=XR_DOM_RTB:urlz.fr&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F8_43A93coT-NxQCBOBaZPwAAAKBwPeI_RsR1zSLbnD9ATS1b64ukP-UJ6brlskgehs7WZwBwemvwEM9iAAAAAEiOvwAVDgAASicAAAIAAAANft4MwPwVAAAAAABVU0QAVVNEANgCWgAMvAAAAAABAQUCAAAAAKYAVyafaAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ghc-mgjFiI0TEI38-WYYwPlXIAAoADF7FK5H4XqkPzoJQU1TMzo1OTk1QOQuSU1nJ4Oj5O8_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DMTAwNTgjQU1TMzo1OTk1%2Fbn%3D96413%2Fclickenc%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.65.215 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:39 GMT
Last-Modified
Tue, 03 May 2016 20:55:13 GMT
Server
nginx
ETag
"57291031-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
evergreen-kis-728x90.jpg
media.kaspersky.com/de/affiliates/ Frame BEFF
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=0&pref1=42741200130031101649445012019022
  • https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg
48 KB
0
Image
General
Full URL
https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=c7cb32da3378tcWDhUNgV1aD-zcFyJje0pGA7lGWexdQxnfXB_ZGYmv8ib8Yg4HFBiRHFKy0YzvFGidlg4F0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=92575400130029001467935012019022&redirectClick=https%3A%2F%2Fad22.ad-srv.net%2Fc%2Fpqky8cvl0pkogi4%3Ftprde%3D&uidRedirect=1
Protocol
H2
Server
185.85.15.23 -, , ASN (),
Reverse DNS
Software
/ Kaspersky Labs, Kaspersky Labs
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Tue, 14 Sep 2021 12:09:22 GMT
server
x-powered-by
Kaspersky Labs, Kaspersky Labs
etag
"8ece3b5a61a9d71:0"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
x-server
fr1/FRA4
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
63391
date
Wed, 13 Jul 2022 18:37:39 GMT

Redirect headers

Date
Wed, 13 Jul 2022 18:37:39 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://media.kaspersky.com/de/affiliates/evergreen-kis-728x90.jpg
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
viewability
ad22.ad-srv.net/ Frame BEFF
0
150 B
Script
General
Full URL
https://ad22.ad-srv.net/viewability?s=42741200130031101649445012019022&a=750c669c&vb=m
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=c7cb32da3378tcWDhUNgV1aD-zcFyJje0pGA7lGWexdQxnfXB_ZGYmv8ib8Yg4HFBiRHFKy0YzvFGidlg4F0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=92575400130029001467935012019022&redirectClick=https%3A%2F%2Fad22.ad-srv.net%2Fc%2Fpqky8cvl0pkogi4%3Ftprde%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:39 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
cshow.php
www.awin1.com/ Frame DEEC
43 B
705 B
Document
General
Full URL
https://www.awin1.com/cshow.php?s=2519508&v=14098&q=379082&r=559379&pv=1&pref1=42741200130031101649445012019022
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=c7cb32da3378tcWDhUNgV1aD-zcFyJje0pGA7lGWexdQxnfXB_ZGYmv8ib8Yg4HFBiRHFKy0YzvFGidlg4F0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=92575400130029001467935012019022&redirectClick=https%3A%2F%2Fad22.ad-srv.net%2Fc%2Fpqky8cvl0pkogi4%3Ftprde%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ad.ad-srv.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Awin-Akamai-Rule-Set
default
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 13 Jul 2022 18:37:39 GMT
Expires
0
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma
no-cache
Strict-Transport-Security
max-age=86400
truncated
/ Frame BEFF
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
addDoubleBorder.js
cdn.contentspread.net/hofe/tools/js/ Frame BEFF
851 B
1 KB
Script
General
Full URL
https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=nmigdcx4avw9&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=c7cb32da3378tcWDhUNgV1aD-zcFyJje0pGA7lGWexdQxnfXB_ZGYmv8ib8Yg4HFBiRHFKy0YzvFGidlg4F0CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=92575400130029001467935012019022&redirectClick=https%3A%2F%2Fad22.ad-srv.net%2Fc%2Fpqky8cvl0pkogi4%3Ftprde%3D&uidRedirect=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.65.215 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 18:37:39 GMT
Last-Modified
Fri, 05 Aug 2016 12:57:29 GMT
Server
nginx
ETag
"57a48d39-353"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
851
action
ww1097.smartadserver.com/track/
43 B
163 B
Image
General
Full URL
https://ww1097.smartadserver.com/track/action?sid=1657737457843&pid=890545&iid=9251369&fmtid=26328&cid=24965671&key=viewcount&ts=1657737457843
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:38 GMT
transfer-encoding
chunked
content-type
image/gif
publishertag.prebid.123.js
static.criteo.net/js/ld/
18 KB
0
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_1/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://urlz.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 18:37:39 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 14 Jul 2022 18:37:39 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kvt.sddan.com
URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Furlz.fr%2FiMRN
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Santander (Banking)

261 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __cfQR function| __tcfapi function| __uspapi object| adxcore function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined object| http string| url number| random_cent number| enable_sco function| criteoCallback object| generic object| criteo_gum object| smart_csync object| zeotap object| node object| pwidget_config object| iframe object| tagsObject string| website number| random object| pubstack object| headelement object| notifyme object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| format_criteo object| format_pulsepoint object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26322 string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| loadScriptTemelio function| GetRichAudienceZone function| GetAdmixerZone function| GetGothamadsZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeIndex function| Getsize function| GetsizeRubicon function| GetPulseSize function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText function| whatToLoad string| pubstack_ab object| _qevents boolean| moneycaching object| params number| nugg function| Adcall_26322 function| refreshVisibility30012 function| Adcall_30012 function| refreshVisibility26328 object| sc function| Adcall_26328 string| page boolean| timepast function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| MobileDetect object| md function| inViewAdthink function| storeAdthink object| Hashes object| apstag object| googletag object| pbjsAdthink object| adsbygoogle object| skinOverlay function| advstLib object| pbjsAdthinkChunk object| _pbjsGlobals object| ADAGIO object| advstLibGlobal function| seedtag_inimage_adthink_passback function| advstCurrentScriptIE11 function| advst_mtag function| mapperjs object| __core-js_shared__ function| verbose function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| tmzrChunk object| placementBids string| nobidVersion object| nobid undefined| Adcall_48311 undefined| Adcall_80234 object| pubstack_publica number| bidder_geo object| confiant boolean| sas_usePostStandard object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode object| libJsLeadPlace object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| regeneratorRuntime object| pbstck object| pbstckQ object| Pubstack object| gaplugins object| gaGlobal object| gaData boolean| apstagLOADED function| __tcfapiui undefined| $ undefined| jQuery function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| M object| __MISSENA__ boolean| msnaHandleHistory boolean| tmcredentials object| Criteo object| GoogleGcLKhOms object| apntag object| _ADAGIO object| __SENTRY__ object| criteo_pubtag object| criteo_pubtag_124 object| Criteo_124 object| criteo_syncframe_state undefined| bid undefined| vastUrl object| targetingParams string| Smart_SR_data object| ONFOCUS object| slowBidders object| adsArea26322 object| observers26322 function| refreshQueueManager26322 function| loopChecker26322 undefined| Adcall_26325 object| adsArea26328 object| observers26328 function| refreshQueueManager26328 function| loopChecker26328 object| adsArea30012 object| observers30012 function| refreshQueueManager30012 function| loopChecker30012 undefined| Adcall_video object| sas_snippets object| google_image_requests number| lnt_z function| Viewability function| Interstitial object| newObj9251369 function| pub_ist_hd object| el object| lastBidder26322 object| lastBidder26328 object| lastBidder30012

55 Cookies

Domain/Path Name / Value
ad.adxcore.com/ Name: DYNAMIC
Value: D11
.zeotap.com/ Name: zc
Value: 49bd143f-9b10-45f2-71be-8bb0aeaf79e0
.zeotap.com/ Name: zsc
Value: %8A%3D%BE%A0%8B%96%8D%F8%5E%F1%0F%11_%07D%C3%D2l%1D%BF%F2~%ECZ6%FB%B9v%A9%D4%1E%EC%C3%CD%07%E5C%F5%B0%8FV%AE+%F0%5D%FFC%F7%AC%9F%0E%DB%D9%F2%5E%88%FB%B0%233E%FA%12%86%3F%CB%ED%EAl%3B%F1%07%9D%FAa%14%89%FA%92%81%D0%92%26%2B%C8%07%AA%0F%0A%12%CC%B8P%96%A9%1B%BE%91%94DY%C6%0BW%E1
l.adxcore.com/ Name: LOG
Value: LOG2
.urlz.fr/ Name: _ga
Value: GA1.2.492860173.1657737456
.urlz.fr/ Name: _gid
Value: GA1.2.1934444154.1657737456
.urlz.fr/ Name: _gat_gtag_UA_162669458_1
Value: 1
.adnxs.com/ Name: uuid2
Value: 7744625656261430918
.urlz.fr/ Name: sharedid
Value: 8c59273e-5a9e-456c-874f-a38e6cef8785
urlz.fr/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.urlz.fr/ Name: _pubcid
Value: 7b141d36-a4ad-4cce-a48b-22ad4a7ceab4
.demdex.net/ Name: demdex
Value: 11622089902477973823401253281420221596
.agkn.com/ Name: ab
Value: 0001%3AmjZgl%2FZD7cd3TaZcG1QE%2BDBeSfRJjg7M
.dpm.demdex.net/ Name: dpm
Value: 11622089902477973823401253281420221596
.doubleclick.net/ Name: IDE
Value: AHWqTUmSGZDB0mrt0fJb4jvwWkHhID2UNb1wMz0WnY4ET4wViH6-SBTjVnSXMBhYzyM
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.cpx.to/ Name: cpSess
Value: 4301f0179d9be84f
.urlz.fr/ Name: __gads
Value: ID=3beecada4b608aa9-221baa5dcdcd009a:T=1657737456:RT=1657737456:S=ALNI_MadOSm0K1lBoecQGtwSec9w-yF5jA
.cpx.to/ Name: dsp_dbm
Value: CAESEOuu6i47tM2h2x20VcaMHiI#1657737456690
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.missena.io/ Name: masna
Value: MTY1NzczNzQ1NnxrdnQwbHhWYkpkRGNNclVRb3NyN0hPTHUtZ3dQNEhWNzdiY2xCbjhaVTByUjRYNU1CT3NjRm9TNlFPM25OcXprb1hpMTFhemd4Ym5Jdkd1Y2RtdXF0aVJUUFdWRld3PT18e_4A5s0Mr6j8jsl9i2dKW-wngIr_R9fD7soXgAZP2HU=
.mathtag.com/ Name: uuid
Value: f60262cf-10f0-4d00-ab9c-bbc6c0ec479d
.smartadserver.com/ Name: pid
Value: 172661856053353925
.cpx.to/ Name: dsp_app_nexus
Value: 7744625656261430918#1657737456773
.quantserve.com/ Name: mc
Value: 62cf10f0-bf802-27b03-ea1bd
.urlz.fr/ Name: __qca
Value: P0-1773797060-1657737456248
pbjs.e-planning.net/ Name: CT
Value: 1
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 75fa34e2-a4b8-52c2-9635-ecb3f4fafc43
.betweendigital.com/ Name: ut
Value: Ys8Q8AAM0UAwo2VgzVjsd1nch82MkzOz9_W60A==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.360yield.com/ Name: tuuid
Value: 86831ca7-b750-48ff-bccc-cca823fbd272
.360yield.com/ Name: tuuid_lu
Value: 1657737456
.adnxs.com/ Name: icu
Value: ChgIiI5zEAoYASABKAEw8KG8lgY4AUABSAEQ8KG8lgYYAA..
.rubiconproject.com/ Name: khaos
Value: L5JY2W23-1D-2IYI
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1KxNXHostUlK2qEsFCZ0ctSdOhPT1GMTl5jPqKIrO/SrYeeK1MwSqsC6yR8UORKQ7MboWaW1ii7YmfWMGxzWD0
.urlz.fr/ Name: cto_bidid
Value: bdOkiV9DNmhkalBZM0dYbSUyRlJmVmVjVzMwR3ZEamNzTVVvM1olMkZzY3MlMkJ1T04lMkJQU1gyNWtXSDRPVWhUM3pEZEJDMXU3aEphNGNpR2VzSE9hc0NZUHVOJTJCVU9qWUElM0QlM0Q
.criteo.com/ Name: uid
Value: ac609a14-9a98-4890-b611-e437d70e8a5e
.urlz.fr/ Name: cto_bundle
Value: qdaTNV9oNHBzUWtreVBYV0FHRCUyQnhSbVVQQmhDTyUyRnU0Z2tXYWV5bGMlMkJOU0tBeGZqYzNRb3YzaiUyQlVUa3R0R1hWOFlqNGxPY3N6R2JNQUtWaWt0SnhpQyUyQjJBcHpuZ014ODRmVGR6OU5uazJpamEyb25QYXg0M1JrbTZwbTRMU3RRYWtjdGM2eGpHQVBBaGN3RDBqeUFpcGlWbnJBJTNEJTNE
.bidswitch.net/ Name: tuuid
Value: 712e2887-d5d9-4195-8637-bc55625c93ec
.bidswitch.net/ Name: c
Value: 1657737457
.bidswitch.net/ Name: tuuid_lu
Value: 1657737457
.mfadsrvr.com/ Name: tuuid
Value: fbe6cac2-ed7a-4428-b212-81fa4ce7e3ba
.mfadsrvr.com/ Name: c
Value: 1657737458
.mfadsrvr.com/ Name: tuuid_lu
Value: 1657737458
.ad-srv.net/ Name: u8x7eovwf3h6_uid
Value: 150c1125cbe2acb2
.mfadsrvr.com/ Name: bsw_uid
Value: 712e2887-d5d9-4195-8637-bc55625c93ec
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1657737458

15 Console Messages

Source Level URL
Text
rendering warning URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/(Line 12)
Message:
The key "target-densitydpi" is not supported.
rendering warning URL: https://aohospitality.in/Continuar/elnuevo/laseguridad/(Line 12)
Message:
The key "target-densitydpi" is not supported.
javascript error URL: https://urlz.fr/iMRN
Message:
Access to XMLHttpRequest at 'https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Furlz.fr%2FiMRN' from origin 'https://urlz.fr' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Furlz.fr%2FiMRN
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://urlz.fr/iMRN
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://urlz.fr' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://urlz.fr/iMRN
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://urlz.fr' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://urlz.fr/iMRN
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://urlz.fr' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://urlz.fr/iMRN
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://urlz.fr' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://urlz.fr/iMRN
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://urlz.fr' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.ad-srv.net
ad.adxcore.com
ad.missena.io
ad22.ad-srv.net
adaccess.fr
ads.betweendigital.com
ads.servenobid.com
ads.themoneytizer.com
ads.yahoo.com
adservice.google.co.uk
adservice.google.com
adtrack.adleadevent.com
adx.adform.net
ajax.googleapis.com
ams3-ib.adnxs.com
aohospitality.in
b1h.zemanta.com
bid.missena.io
bidder.criteo.com
boot.pbstck.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.tmyzer.com
c2shb.pubgw.yahoo.com
cat.fr.eu.criteo.com
cdn.adnxs.com
cdn.contentspread.net
cdn.pbstck.com
ced-ns.sascdn.com
ced.sascdn.com
chat.missena.io
cm.g.doubleclick.net
cmp.quantcast.com
code.jquery.com
confiant-integrations.global.ssl.fastly.net
crcdn01.adnxs.com
currency.prebid.org
d2zur9cc2gf1tx.cloudfront.net
dpm.demdex.net
eqx.smartadserver.com
eus.rubiconproject.com
events.missena.io
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
intake.pbstck.com
kvt.sddan.com
l.adxcore.com
match.adsrvr.org
match.prod.bidr.io
media.kaspersky.com
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pix.eu.criteo.net
pixel-eu.rubiconproject.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
protected-by.clarium.io
px.ads.linkedin.com
pxl.qccerttest.com
quantcast.mgr.consensu.org
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
script.4dex.io
secure-assets.rubiconproject.com
secure-gl.imrworldwide.com
secure.adnxs.com
secure.quantserve.com
shb.richaudience.com
sonic.impactify.media
spl.zeotap.com
ssp-sync.criteo.com
static.criteo.net
sync.missena.io
sync.smartadserver.com
sync.taboola.com
tag.leadplace.fr
tm.ad-srv.net
token.rubiconproject.com
tpc.googlesyndication.com
urlz.fr
visitor.omnitagjs.com
ww1097.smartadserver.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
kvt.sddan.com
prebid.smilewanted.com
104.111.239.217
104.89.20.125
104.92.74.8
116.202.37.36
135.125.180.63
141.226.228.48
141.95.98.69
142.250.184.194
142.250.185.98
144.76.104.53
145.239.192.166
147.75.85.234
151.101.1.108
151.101.129.194
151.101.65.108
157.90.3.144
162.222.225.250
178.250.0.139
178.250.0.157
178.250.0.160
178.250.0.165
178.250.2.83
18.156.126.13
18.194.211.85
18.197.160.167
18.200.85.0
185.184.10.30
185.255.84.151
185.255.84.153
185.64.189.110
185.85.15.23
185.86.137.133
185.86.137.17
185.89.210.141
185.89.210.180
185.89.211.12
188.42.191.196
193.108.153.18
2.18.233.201
2001:4de0:ac18::1:a:1b
209.54.182.161
2600:9000:206f:4400:6:44e3:f8c0:93a1
2600:9000:206f:5000:9:46dc:4700:93a1
2600:9000:206f:8e00:9:46dc:4700:93a1
2600:9000:206f:ca00:11:615:7240:93a1
2600:9000:2156:7600:19:2cf2:a900:93a1
2600:9000:223c:3400:1e:a43d:b640:93a1
2602:803:c004:200::141
2606:4700:10::6816:31e3
2606:4700:10::6816:5d
2606:4700:10::ac43:1997
2606:4700:10::ac43:db6
2606:4700:20::ac43:4bf1
2606:4700:3038::6815:ead6
2606:4700::6812:372
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:806::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:ef::5c7b:c2a1
2a02:6ea0:c700::18
2a05:d018:d29:3605:38f8:ac58:6cf7:3607
2a06:98c1:3120::3
3.127.126.125
3.68.4.6
35.156.213.239
35.71.131.137
37.157.4.29
5.178.65.246
5.39.39.157
50.31.142.159
51.89.9.251
52.18.239.113
52.19.186.186
52.212.135.106
52.28.203.152
52.30.130.246
52.95.118.179
54.155.174.150
54.217.246.116
54.228.188.96
54.246.7.169
54.38.64.100
63.33.125.230
65.9.58.78
65.9.66.93
65.9.71.118
69.173.144.139
69.173.144.165
88.221.168.189
88.99.65.215
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
008855065eeffc6e2fb0791a53060048407d5863c4f6cf514b501207ece8b6c0
03b73d57d9f31883ba52d700d3653a447987de5230f51eb5a14a2b3649f33e89
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10a2e40578579f67a75a55c9869df151695c4b1cf069df62dd005bc4196bb25e
126768fa732f9c8c8540df8f4ae7e206a1d103aa616d67bb2e36d11972aff328
126ec9e0344edffc6387a5e9c7d3de3070e8c058dcc3171e88f609f3b9fd2ae7
13c3a168e07c10ca3db80605cdf6f5195507de06b7b5d3ca79f1e4b3f6e00433
16ba73b11a3969be7e16c4c883cc8f01868786478ab9a660276f0227bd42617b
17dbb476b9e2ac4cd30bc27ff21cd2d44a4d2d188dcc9dfcc7b151e20d9c89bc
18ff02e2a023fdcf2568a3bcda7d922fd5eebb938ef45eb28888fdb14820fd48
2375e3ee8e538473b789c98c669d155f20c95428f5975025e4b4da6ae6459910
23d7ec5b376b92e2d0e2b483846c2938b03250fb253af07a1354206718076269
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2811f767bd1331f734f0240e30890adaa08e8824e9d9fec1082d2b8394ba7d60
292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8
2b50b5246fc8bcef1d6bd6d0b101d45672d448d459f508ae56bea08f3f2c81a4
2c41e595ac962985d5269025e9eb6ad77301e11082891f56b28647b3f89280c0
2c86f11a1288f1a75b3dc2c50baa21d44129a24c63381f32e55178f69ba634e5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ed6ad817a50ea8cc378f48260254bc32096e80418eac8241bf5c195d3856d5d
3602bd1d2432619518cbe6085b597de8915a60f839d2c98ec15b39c793eceb4e
3d193fda5359d34724b7c825e7efaf7655c93ddf35389439a3d00b101d14c740
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e7a20f9761c65d3873d13999558797e2e22c8a84314cc08cbf00f0ade9dedb1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed4606acf5b41ffe0d3fbc4eb9f84ad79d9c8b7a6e0007896667fd6359f541c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
434b61608da840cf0a3604af7679f88694a85e8c22982124fe3aa9b7c440c17c
44121d44e2c5b5a06eaf76f19f73b0bfb32074081808934ca38df4b6debbacc6
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
48e92382c41ef54389a5c6eee2ee5f174a57457b37f1960ecab796389a54830a
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14
4c408e2be4a754bada40456c09a86dfa27dca03eab2e905f1457c6743b3475b3
4df27efd0cb59263899762b6d613958a952ff33244ffb99ee2bbe679461da0a2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
54878e06fcce229abd4837c8790ca132935fd24b82c0da790b23cb3e993572d1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cbc0de6e03a14f5d4f16c5f9a0aa1391c8b210c9a16e68bc12f1999e05014a
5559c9c7a1d373ed00ab7356398d3025c2704d22158f6f13cbc997e14eff00b0
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
589d8a32de0ea0de516e7447459846018c47d35b6109588e4bfe5d669409a4a4
5906e88fb1c8b087fca2c1b1f751e831c19165952ea0e2b2ee066505ff1f41f3
5b946c77e4b95c4567745f802028bf2792b1e9cd070a773864036bbdbe6bf178
5ca6c8029d37a15f6160bb4b6ae37daf13f235805149795aa25a013d0d282b14
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63c8882207a7f3e1ee6e8bc517102398d5441cba428fabbd2cdb578e63551862
649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd
6513cbf8a1e0d6f74f56f1186a435d47c1d2bd0871890d50a73ec5613506ed65
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6abec6ce7c0a11a132c019551401c31f065f6b245ab21e27f1dbea7485a720d5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b8d146ac2d4cc90d10c57315f9d070b1695264f5666752503ec7f8336788875
6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba
71bc7597eafe6afffbb713a7e3da6d1044d9a23ab5ce4bf01f5b1c972f666065
74812d5ce0da860bbe183394f72dc0eecb24d9629fa8fa55be91d97b37062f7a
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
76d1ef7a4dc8f7d4030882626296fdc8aac376861244239b4ea86d9b6a16ece7
78e9b594abb7027a294c724e63c7efd168b6687dc86b4e57aa9399d4a137c669
79acf10f7d6c86166be06bed49f20fa283015eb981af4b0e45871d7069f48de5
7b3292fdaf3a91e513fb6e6dd055ff04b843de5be8a61a4c7386f20c09d0022e
7fcf3263f46f756b5544b9953650c4524024a82ef4cd063a2bf5c270f2a7ff0d
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
8362f786022ee58e2377be037ef4cac22a1db4fc52408244db3bca88fcf920e8
83a630e6662a215232c9b293a610a195cc9fa23ad7d006c37f4676e4aedff3b9
8521e587b2eb276f8ae957fd98ba8604059f6549c4d2143fb910aef1947485ca
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bff2b60cc5624dd374a6d9329ac00f9a9c40786050c5998ad6aac1efa3d88f2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc23ac1fc1a2d9fe17d4f8d70514a302c1d686b0c06ef9b4c3ec34ca593c1d3
8fce39ec7a63f40eac85498fb8aca9f7b595f1787bc1afd5e94a8823e99240b9
9afd6c02cfd00f5024852c690f08c5aa5602ffe8aad666ed5d907ac10ce5833e
9fcd0fdabb25590b35b574982875c90f76e1dde37a9ab751622cbf6d7ff49b23
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e34c1ed06ce66b293c146ab09631862bf40c497b6b0eb156dcf60e0f0fd0d4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b4f88bb132f7ad14a70869f4372a0570c12028c7a3c6af1bc30ca7d1467a08
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a793121612a4e04e1e61ac58ebb38fcd8b48781176b8439ae6bdf2c85dd3d2f6
a8505ecc07f022c34fb869c0e55b5365ede76db3834806f84d81e71c5b42ded4
aa6e0a9667852f86282460aa3848dbae46e288b447a02369c89c70f0bfe25a35
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b471e74cabe83bf8f3da8793666d55603e3d20a72350873e27f2c75b75d5cfc2
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b8c9e126d6239234ecac3acea24620d0c8ee71ba72509e58cc72aadb4aa73a54
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
b9b1142df326e5277ce717e537964ce76a15a4723132fec51048c05fc4c22e36
ba5f09d28761de2f0261c2a219012355c9e3f779c68ba83ce9ca6adf981cc07b
bb12a5eb09fe019c14f958618532681be0319d6dd05d6986bf9d6e39b7706d41
bd48229f08e0c6f50a1a8f1b9eb9237516a88a73b3e7044668e3b608fe2a4b0d
be3a192a50b9463f66a11ff4a1ca699630ad0f703515016191e0312c5ed642d7
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c1f3d5b8f9aebad647eb95d6e7ee1d40bcdf98c52de9028fc9ec87e209f1148f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c40168707694e0bb9241c2f9f4ef86dfa65513f547b6a37c151babf07fcd7d53
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
c8ce769812993cc9bcd1b040b8638eec40a3096d330d6c72845e8e4b934b1e2b
c9f7e218b19e6c3c3db1e54d5a876309f95ce695c3cc8bc5d0b16513fc88baae
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d260429952b8e2583b86d95ff36a31d98994f77a987f02636a55d9b46377e59d
d6e395ef50c1564cf0f11e41a5a4ed81589b403c5a73177735d51cb1ffcfb852
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e07cab4d08ee6e89f8332ac2c7cbc3155ffb2b68d0fe8d4563cb1208c4ae4c01
e357bde7ce1bf5d2781c7814cb935a4f398ae6990e14ef76c30d0170d449990a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5788ba05e419b6584d123fc52fdfd7429a2b435e4f5c4b482be1392400195e1
e69dcb36c97e11b9ce1b1a39cc9070e44185eeb4611fd39706943ef1ea53d287
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eae4beadbb5a345a93a2aa5e076a7c183b0c2e345353666bc8104370cd7ed293
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
f4bb99832e6a1e3e77dd1c1285ae8c3607b1c3657bcb2abd3e687ebeeb3adb6e