Submitted URL: https://s.id/3rSUP
Effective URL: http://u336351g0o.ha002.t.justns.ru/authx
Submission: On February 22 via api from FR

Summary

This website contacted 14 IPs in 7 countries across 21 domains to perform 32 HTTP transactions. The main IP is 2a00:b700::6:b, located in Russian Federation and belongs to ASBAXET, RU. The main domain is u336351g0o.ha002.t.justns.ru.
This is the only time u336351g0o.ha002.t.justns.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address            AS (Autonomous System)
1         203.119.112.228       56088 (PANDI-ID ...)
1         77.222.40.43          44112 (SWEB-AS)
1 2       2606:4700:31:...      13335 (CLOUDFLAR...)
1         2606:4700::68...      13335 (CLOUDFLAR...)
3         2a00:b700::6:b        51659 (ASBAXET)
5         151.139.241.23        12989 (HWNG)
1         145.239.193.145       16276 (OVH)
1         74.214.194.131        59940 (PULSEPOIN...)
1         13.32.158.254         16509 (AMAZON-02)
1         13.32.222.232         16509 (AMAZON-02)
1         2a02:2638:1::13       44788 (ASN-CRITE...)
1         147.135.143.44        16276 (OVH)
1         3.120.80.142          16509 (AMAZON-02)
Total: 32 requests, 14 IPs
Requests  Domain                                   Requested by
5         ads.themoneytizer.com                    ajax.cloudflare.com, ads.themoneytizer.com
3         u336351g0o.ha002.t.justns.ru             urlz.fr, s.id
2         urlz.fr                                  (1 redirect)
1         edge.quantserve.com                      ads.themoneytizer.com
1         tag.leadplace.fr                         ads.themoneytizer.com
1         gum.criteo.com                           ads.themoneytizer.com
1         d2zur9cc2gf1tx.cloudfront.net            ads.themoneytizer.com
1         p.cpx.to                                 ads.themoneytizer.com
1         tag.contextweb.com                       ads.themoneytizer.com
1         g.tmyzer.com                             ads.themoneytizer.com
1         ajax.cloudflare.com                      urlz.fr
1         tatilexus2.temp.swtest.ru                s.id
1         s.id
0         ajax.googleapis.com (failed)             ads.themoneytizer.com
0         ads.stickyadstv.com (failed)             ads.themoneytizer.com
0         fastlane.rubiconproject.com (failed)     ads.themoneytizer.com
0         ad.360yield.com (failed)                 ads.themoneytizer.com
0         s.cpx.to (failed)                        p.cpx.to
0         www.noowho.com (failed)
0         player.pepsia.com (failed)               s.id
0         ib.adnxs.com (failed)                    ads.themoneytizer.com
0         ww1097.smartadserver.com (failed)        ads.themoneytizer.com
0         analytics.s.id (failed)                  s.id
Total: 32 requests, 23 subdomains

This site contains no links.

Subject                        Issuer                                            Validity                   Valid
*.s.id                         COMODO RSA Domain Validation Secure Server CA     2018-12-03 - 2020-12-02    2 years
ssl412106.cloudflaressl.com    COMODO ECC Domain Validation Secure Server CA 2   2018-09-22 - 2019-03-31    6 months
*.themoneytizer.com            Sectigo RSA Domain Validation Secure Server CA    2019-02-15 - 2021-02-14    2 years

This page contains 4 frames:

Primary Page: http://u336351g0o.ha002.t.justns.ru/authx
Frame ID: 05BE2BCB2886707F0CBC3CBF69231E82
Requests: 29 HTTP requests in this frame

Frame: http://u336351g0o.ha002.t.justns.ru/authx
Frame ID: 09F635E6A1E834A4453AD5B2578E827B
Requests: 1 HTTP requests in this frame

Frame: http://u336351g0o.ha002.t.justns.ru/authx
Frame ID: 8BED49AC4FB1A2FB0529014C71E0EC39
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 1F67203A52B17F0545E78AD3EA137F96
Requests: 1 HTTP requests in this frame

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s.id/3rSUP Page URL
  2. http://tatilexus2.temp.swtest.ru/ Page URL
  3. https://urlz.fr/8Ytf HTTP 301
    http://urlz.fr/8Ytf Page URL
  4. http://u336351g0o.ha002.t.justns.ru/authx Page URL

Detected technologies

Ubuntu (operating system), overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Nginx (web server), overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
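The two pattern lines above are header-based technology detections: a regex applied to the Server response header, with a capture group for the version where the header carries one. The script below is an added example, not the scanner's own code. It applies those two patterns, plus a few assumed patterns written in the same style (the LiteSpeed, Cloudflare, IIS, Envoy and Apache entries are mine, not from the report), to Server values copied from the transactions on this page. The Server header is self-reported and trivially changed, so a match is a hint about the stack, not proof of it.

```python
"""Header-based technology fingerprinting in the style of the report's
"headers server /regex/i" patterns. Added example, not scanner code."""
import re

# name -> regex applied to the Server response header. Ubuntu and Nginx are
# the two patterns the report shows; the rest are ASSUMED patterns written in
# the same style for illustration.
PATTERNS = {
    "Ubuntu":     re.compile(r"Ubuntu", re.I),
    "Nginx":      re.compile(r"nginx(?:/([\d.]+))?", re.I),
    "LiteSpeed":  re.compile(r"LiteSpeed", re.I),
    "Cloudflare": re.compile(r"^cloudflare$", re.I),
    "IIS":        re.compile(r"Microsoft-IIS(?:/([\d.]+))?", re.I),
    "Envoy":      re.compile(r"^envoy$", re.I),
    "Apache":     re.compile(r"Apache(?:/([\d.]+))?", re.I),
}

# Server header values copied from the transactions in this report.
OBSERVED = {
    "s.id": "nginx/1.10.3 (Ubuntu)",
    "tatilexus2.temp.swtest.ru": "nginx/1.15.2",
    "urlz.fr": "cloudflare",
    "u336351g0o.ha002.t.justns.ru": "LiteSpeed",
    "ads.themoneytizer.com": "NetDNA-cache/2.2",
    "gum.criteo.com": "Microsoft-IIS/10.0",
    "tag.contextweb.com": "envoy",
    "d2zur9cc2gf1tx.cloudfront.net": "Apache",
}


def fingerprint(server_header):
    """Return {technology: version_or_None} for one Server header value.

    A pattern without a capture group (or whose group did not participate)
    yields None for the version; a missing header yields no matches at all."""
    hits = {}
    for name, rx in PATTERNS.items():
        m = rx.search(server_header or "")
        if m:
            hits[name] = m.group(1) if m.groups() and m.group(1) else None
    return hits


def fingerprint_all(observed):
    """Fingerprint every host in a {host: server_header} mapping."""
    return {host: fingerprint(value) for host, value in observed.items()}


if __name__ == "__main__":
    for host, hits in fingerprint_all(OBSERVED).items():
        # hosts such as the NetDNA-cache ad CDN match none of the patterns
        print(f"{host:32} {hits or '(no pattern matched)'}")
```

Note that only the version is parsed out of the header; nothing here checks whether that version is current, and a host can suppress or forge the header entirely.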

Page Statistics

Requests: 32
HTTPS: 16 %
IPv6: 31 %
Domains: 21
Subdomains: 23
IPs: 14
Countries: 7
Transfer: 171 kB
Size: 450 kB
Cookies: 0


Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://urlz.fr/8Ytf HTTP 301
  • http://urlz.fr/8Ytf
Request Chain 17
  • http://id5-sync.com/i/12/9.gif HTTP 302
  • http://id5-sync.com/c/12/0/9/1.gif HTTP 302
  • http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID
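The Page URL History and Redirected requests sections record two different kinds of hop: HTTP 3xx responses with a Location header (the 301 from https://urlz.fr/8Ytf) and client-side redirects where a 200 HTML document moves the browser on via a meta refresh or a JavaScript location assignment (s.id to tatilexus2.temp.swtest.ru, then on to urlz.fr, then to the justns.ru landing page). The script below is an added example, not urlscan.io code; it walks a chain the way a scanner does, honouring Location on 3xx responses and scanning HTML bodies for meta refresh and location assignments. The response map is constructed to mirror the hop order of this scan: the actual bodies of the three hops were not captured on this page, so the meta/JS snippets, the function names and the simplified regexes are assumptions. It also surfaces the Vary: User-Agent and no-store headers that the landing document did return, the cue to re-scan with other User-Agents before trusting a single capture.

```python
"""Reconstruct a page URL history from HTTP and client-side redirects.

Added example, not urlscan.io code. RESPONSES is CONSTRUCTED to mirror the
hop order of this scan; the real HTML bodies were not captured here, so the
meta-refresh / location snippets are assumptions.
"""
import re
from html import unescape
from urllib.parse import urljoin

# url -> (status, headers, body); constructed, see module docstring
RESPONSES = {
    "https://s.id/3rSUP": (200, {"Content-Type": "text/html; charset=UTF-8"},
        '<meta http-equiv="refresh" content="0;url=http://tatilexus2.temp.swtest.ru/">'),
    "http://tatilexus2.temp.swtest.ru/": (200, {"Content-Type": "text/html"},
        '<script>window.location.href="https://urlz.fr/8Ytf";</script>'),
    "https://urlz.fr/8Ytf": (301, {"Location": "http://urlz.fr/8Ytf"}, ""),
    "http://urlz.fr/8Ytf": (200, {"Content-Type": "text/html; charset=UTF-8"},
        '<script>top.location.replace("http://u336351g0o.ha002.t.justns.ru/authx");</script>'),
    # headers of the final hop copied from the report; body not captured
    "http://u336351g0o.ha002.t.justns.ru/authx": (200, {
        "Content-Type": "text/html", "Vary": "User-Agent",
        "Cache-Control": "private, no-cache, no-store, must-revalidate, max-age=0"},
        "<html><body></body></html>"),
}

# <meta http-equiv="refresh" content="N;url=TARGET">  (http-equiv before content)
META_REFRESH = re.compile(
    r'<meta[^>]*http-equiv\s*=\s*["\']?refresh["\']?[^>]*content\s*=\s*(["\'])(.*?)\1', re.I)
# window.location = "..." / location.href = "..." / top.location.replace("...")
JS_LOCATION = re.compile(
    r'(?:window|top|self|document)?\.?location(?:\.href)?\s*(?:=|\.replace\(|\.assign\()\s*["\']([^"\']+)["\']',
    re.I)


def fetch_constructed(url):
    """Stand-in for a real HTTP client: looks the URL up in RESPONSES."""
    return RESPONSES.get(url, (404, {}, ""))


def client_side_target(body, base):
    """Return (absolute_url, mechanism) for a meta refresh or JS redirect, else (None, None)."""
    m = META_REFRESH.search(body)
    if m:
        _, _, target = unescape(m.group(2)).partition(";")
        target = target.strip()
        if target.lower().startswith("url="):
            target = target[4:].strip().strip("'\"")
        if target:
            return urljoin(base, target), "meta refresh"
    m = JS_LOCATION.search(body)
    if m:
        return urljoin(base, m.group(1)), "javascript"
    return None, None


def follow(url, fetch=fetch_constructed, max_hops=10):
    """Walk the chain; returns [(url, status, how)] where how is
    'http' (3xx + Location), 'meta refresh', 'javascript', 'final' or 'loop'."""
    history, seen = [], set()
    while url and len(history) < max_hops:
        if url in seen:                      # a shortener pointing back at itself
            history.append((url, None, "loop"))
            break
        seen.add(url)
        status, headers, body = fetch(url)
        if 300 <= status < 400 and "Location" in headers:
            history.append((url, status, "http"))
            url = urljoin(url, headers["Location"])
            continue
        target, how = client_side_target(body, url)
        history.append((url, status, how or "final"))
        url = target
    return history


def landing_page_notes(headers):
    """Caveats worth surfacing about the final document's response headers."""
    notes = []
    vary = [v.strip().lower() for v in headers.get("Vary", "").split(",")]
    if "user-agent" in vary:
        notes.append("Vary: User-Agent - re-scan with other User-Agents, content may differ")
    if "no-store" in headers.get("Cache-Control", "").lower():
        notes.append("Cache-Control: no-store - nothing left in intermediary caches to recover")
    return notes


if __name__ == "__main__":
    hops = follow("https://s.id/3rSUP")
    for i, (u, status, how) in enumerate(hops, 1):
        print(f"{i}. {u}  [{status} via {how}]")
    for note in landing_page_notes(fetch_constructed(hops[-1][0])[1]):
        print("note:", note)
```

Against the constructed map the walk reproduces the four Page URL entries plus the folded 301, and flags the landing page's Vary: User-Agent. A real client would also have to execute scripts (the report lists ajax.cloudflare.com's rocket-loader on the urlz.fr hop), so regex scanning of bodies is a first pass, not a replacement for a browser-driven scan.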

32 HTTP transactions

Each entry below lists: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type.

3rSUP (cookie set)
s.id/
2 KB
2 KB
Document
General
Full URL
https://s.id/3rSUP
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.119.112.228 , Indonesia, ASN56088 (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia, ID),
Reverse DNS
s.id.112.119.203.in-addr.arpa
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Host
s.id
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.10.3 (Ubuntu)
Date
Fri, 22 Feb 2019 13:19:55 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
private, must-revalidate
pragma
no-cache
expires
-1
Set-Cookie
XSRF-TOKEN=eyJpdiI6Ijg5WWQ1dWVpOUg1UkFiUUlpQjZ5U0E9PSIsInZhbHVlIjoiaVRGVHdBWjZcL0c1SEFwUmV4dnJlNFpiMDJHbERTdkNDcGJIYmRuTWtBQjFUUjhyUmdwN2hsZkhpc2xIQTVaTjZTME9MSnd0UkNTY3VtYW10WUR6QTBRPT0iLCJtYWMiOiI0ODAyMTNiOTEzNjMzZjg0NWE0MDQxNTIwZTViOWFkYzIyODI3Yzg0NjQyMzllYWFlMDYxOWE3MjkxYWE1OGQwIn0%3D; expires=Fri, 22-Feb-2019 15:19:54 GMT; Max-Age=7200; path=/
Set-Cookie
major_tom=eyJpdiI6ImZoUE1HeXQxdDQxNlZhMnhUK0lXTFE9PSIsInZhbHVlIjoiUno5YXNVNnpZck91Q0FQdkNnOVZLeEY0ZzYzNHMxYUt5RXkxRWt5ZWpSMkdDQXlFbElJQzlGdDFwcjRkanlEb3hqTFFIblg3UTZaQ0ljcEZTYTFWTVE9PSIsIm1hYyI6ImY2M2RlMmUyZmRjMmU0N2U1ZGVhMTFmNGNhZjI0MjQ3NTNjOTIyMjgwNmU3YWE3Y2M3MTc3MWM4YTc2N2ZjMjYifQ%3D%3D; expires=Fri, 22-Feb-2019 15:19:54 GMT; Max-Age=7200; path=/; httponly
Content-Encoding
gzip
piwik.js
analytics.s.id/
0
0

/
tatilexus2.temp.swtest.ru/
64 B
337 B
Document
General
Full URL
http://tatilexus2.temp.swtest.ru/
Requested by
Host: s.id
URL: https://s.id/3rSUP
Protocol
HTTP/1.1
Server
77.222.40.43 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS
vh265.sweb.ru
Software
nginx/1.15.2 /
Resource Hash

Request headers

Host
tatilexus2.temp.swtest.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.15.2
Date
Fri, 22 Feb 2019 13:19:55 GMT
Content-Type
text/html
Content-Length
64
Connection
keep-alive
Keep-Alive
timeout=10
Last-Modified
Thu, 21 Feb 2019 06:15:37 GMT
ETag
"176cb79-40-582616722f636"
Accept-Ranges
bytes
8Ytf
urlz.fr/
Redirect Chain
  • https://urlz.fr/8Ytf
  • http://urlz.fr/8Ytf
3 KB
1 KB
Document
General
Full URL
http://urlz.fr/8Ytf
Protocol
HTTP/1.1
Server
2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5793a13ed2008ad36c874cb4e2f025441d1a94e001b7c378b3fa8e049d06d720

Request headers

Host
urlz.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://tatilexus2.temp.swtest.ru/
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d3bd147cfe30065ba96b19befacae52391550841595

Response headers

Date
Fri, 22 Feb 2019 13:19:55 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
cloudflare
CF-RAY
4ad1bf44c84ec28d-FRA
Content-Encoding
gzip

Redirect headers

status
301
date
Fri, 22 Feb 2019 13:19:55 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d3bd147cfe30065ba96b19befacae52391550841595; expires=Sat, 22-Feb-20 13:19:55 GMT; path=/; domain=.urlz.fr; HttpOnly
location
http://urlz.fr/8Ytf
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4ad1bf43be65c2d3-FRA
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/
11 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/8Ytf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3349f7ebfafd1cf105f9f4a41a1be792db6dfc5d754de2fbce192a2185486b73
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://urlz.fr/8Ytf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 13:19:55 GMT
content-encoding
gzip
last-modified
Mon, 18 Feb 2019 17:46:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5c6aef90-2d8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
4ad1bf45bb0a97c8-FRA
expires
Sun, 24 Feb 2019 13:19:55 GMT
authx
u336351g0o.ha002.t.justns.ru/ Frame 09F6
0
0
Document
General
Full URL
http://u336351g0o.ha002.t.justns.ru/authx
Requested by
Host: urlz.fr
URL: http://urlz.fr/8Ytf
Protocol
HTTP/1.1
Server
2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
u336351g0o.ha002.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8Ytf
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Pragma
no-cache
Content-Type
text/html
Content-Length
618
Date
Fri, 22 Feb 2019 13:19:55 GMT
Server
LiteSpeed
Vary
User-Agent
Connection
Keep-Alive
requestform.js
ads.themoneytizer.com/s/
43 KB
9 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
2dab93e85c921c8a853f19c5bfa32757e9f235f066e4756a7c914e5cba6619f4

Request headers

Referer
http://urlz.fr/8Ytf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 13:19:55 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9086
Expires
Sat, 23 Feb 2019 13:19:55 GMT
gen.js
ads.themoneytizer.com/s/
6 KB
2 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
dd76fdd2142192064e0af855f1b21bdad5ed9e807f053e813827e601404a83cb

Request headers

Referer
http://urlz.fr/8Ytf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 13:18:57 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2186
Expires
Sat, 23 Feb 2019 13:18:57 GMT
/
g.tmyzer.com/g/
26 B
200 B
Script
General
Full URL
http://g.tmyzer.com/g/
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.193.145 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/8Ytf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 13:19:55 GMT
Server
nginx
X-IPLB-Instance
15015
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/
12 KB
4 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
nginx /
Resource Hash
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer
http://urlz.fr/8Ytf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 13:19:55 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2017 20:38:26 GMT
server
nginx
etag
"779a-308e-55aaa791f67cd"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3931
expires
Sat, 23 Feb 2019 13:19:05 GMT
moneybile.js
ads.themoneytizer.com/
37 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer
http://urlz.fr/8Ytf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 13:19:55 GMT
content-encoding
gzip
last-modified
Tue, 26 Dec 2017 18:31:28 GMT
server
nginx
etag
"7ff1-9390-561427db3104d"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Sat, 23 Feb 2019 13:19:15 GMT
getjs.static.js
tag.contextweb.com/
32 KB
11 KB
Script
General
Full URL
http://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
http://urlz.fr/8Ytf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 13:19:55 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
max-age=432000, public
x-envoy-upstream-service-time
3
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/
1 KB
2 KB
Script
General
Full URL
http://p.cpx.to/p/11528/px.js?r=1c777
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
13.32.158.254 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-254.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
http://urlz.fr/8Ytf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Oct 2018 16:42:47 GMT
Content-Encoding
UTF-8
Last-Modified
Wed, 26 Sep 2018 10:53:05 GMT
Server
AmazonS3
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 3664cc1fd21a07e55327a9c256fa758a.cloudfront.net (CloudFront)
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
USjFx1toDxU-r8m8gXjGj_2jIn4cHPC82QsIA7SeRNOwMC6lu7jw3A==
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/
25 KB
25 KB
Script
General
Full URL
http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
13.32.222.232 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-232.fra56.r.cloudfront.net
Software
Apache /
Resource Hash

Request headers

Referer
http://urlz.fr/8Ytf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 18 Feb 2019 16:55:05 GMT
Via
1.1 a84a4d90dd581e1a1c18e1bf5992b931.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
73457
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
AMMpxecdddvuvtrJeh7bcqq_r9JZ9CeZGLWXYx71JWAkg2jKjx7yoA==
config.js
ww1097.smartadserver.com/
0
0

sync
gum.criteo.com/
49 B
305 B
Script
General
Full URL
http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer
http://urlz.fr/8Ytf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 13:19:55 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Content-Length
49
Expires
60
libJsLP.js
tag.leadplace.fr/
3 KB
3 KB
Script
General
Full URL
http://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
147.135.143.44 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Referer
http://urlz.fr/8Ytf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 13:19:55 GMT
Last-Modified
Tue, 30 Oct 2018 10:00:26 GMT
Server
nginx/1.14.2
ETag
"5bd82bba-a72"
X-IPLB-Instance
13167
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
getuid
ib.adnxs.com/
Redirect Chain
  • http://id5-sync.com/i/12/9.gif
  • http://id5-sync.com/c/12/0/9/1.gif
  • http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID
0
0

quant.js
edge.quantserve.com/
12 KB
6 KB
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
3.120.80.142 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-120-80-142.eu-central-1.compute.amazonaws.com
Software
QS /
Resource Hash

Request headers

Referer
http://urlz.fr/8Ytf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 22 Feb 2019 13:19:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 22-Feb-2019 13:19:56 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Fri, 01 Mar 2019 13:19:56 GMT
prebid.js
ads.themoneytizer.com/moneybid1_39/build/dist/
262 KB
83 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://urlz.fr/8Ytf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Feb 2019 13:19:55 GMT
content-encoding
gzip
last-modified
Thu, 14 Feb 2019 11:56:01 GMT
server
nginx
etag
"2040b-41776-581d957a465c8"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
84535
expires
Sat, 23 Feb 2019 13:19:45 GMT
sdk.js
player.pepsia.com/
0
0

authx
u336351g0o.ha002.t.justns.ru/ Frame 8BED
0
0
Document
General
Full URL
http://u336351g0o.ha002.t.justns.ru/authx
Requested by
Host: s.id
URL: https://s.id/3rSUP
Protocol
HTTP/1.1
Server
2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Host
u336351g0o.ha002.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8Ytf
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Pragma
no-cache
Content-Type
text/html
Content-Length
618
Date
Fri, 22 Feb 2019 13:19:55 GMT
Server
LiteSpeed
Vary
User-Agent
Connection
Keep-Alive
image.php
www.noowho.com/
0
0

Primary Request authx
u336351g0o.ha002.t.justns.ru/
618 B
878 B
Document
General
Full URL
http://u336351g0o.ha002.t.justns.ru/authx
Requested by
Host: s.id
URL: https://s.id/3rSUP
Protocol
HTTP/1.1
Server
2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7da7df6b2ae25a2b32a494dacea2c51b02b173dcb020c79f4df47a92fb497274

Request headers

Host
u336351g0o.ha002.t.justns.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://urlz.fr/8Ytf
Accept-Encoding
gzip, deflate

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Pragma
no-cache
Content-Type
text/html
Content-Length
618
Date
Fri, 22 Feb 2019 13:19:56 GMT
Server
LiteSpeed
Vary
User-Agent
Connection
Keep-Alive
fire.js
s.cpx.to/
0
0

hb
ad.360yield.com/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
0
0

fastlane.json
fastlane.rubiconproject.com/a/api/
0
0

swfIndex.php
ads.stickyadstv.com/www/delivery/
0
0

prebid
ib.adnxs.com/ut/v3/
0
0

wckr.php
tag.leadplace.fr/ Frame 1F67
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
analytics.s.id
URL
https://analytics.s.id/piwik.js
Domain
ww1097.smartadserver.com
URL
http://ww1097.smartadserver.com/config.js?nwid=1097
Domain
ib.adnxs.com
URL
http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID
Domain
player.pepsia.com
URL
http://player.pepsia.com/sdk.js?d=169155cc81b
Domain
www.noowho.com
URL
https://www.noowho.com/image.php?site=23690713&ref=http://tatilexus2.temp.swtest.ru/
Domain
s.cpx.to
URL
https://s.cpx.to/fire.js?pid=11528&ref=http%3A%2F%2Ftatilexus2.temp.swtest.ru%2F&hn_ver=10&fid=332da455-b797-459c-acf7-0391416e5009
Domain
ad.360yield.com
URL
http://ad.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%221571afb97a929ed%22%2C%22version%22%3A%225.0.0-JS-5.2.0%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22261d75fc0dff79%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%228c9f4dcb-9710-42ed-a6f6-17219a986612%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%223c0d948bee6906%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2243b64773-911a-4ff7-b752-95d34bf40a3e%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Domain
fastlane.rubiconproject.com
URL
http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078226&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=8c9f4dcb-9710-42ed-a6f6-17219a986612&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.8964811790509892
Domain
fastlane.rubiconproject.com
URL
http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=43b64773-911a-4ff7-b752-95d34bf40a3e&p_screen_res=1600x1200&rp_floor=0.37&rp_secure=0&slots=1&rand=0.7203352418880771
Domain
ads.stickyadstv.com
URL
http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1550841596032&pKey=715208315&_fw_gdpr_consent=undefined&loc=http%3A%2F%2Furlz.fr%2F8Ytf&playerSize=640x480&
Domain
ib.adnxs.com
URL
http://ib.adnxs.com/ut/v3/prebid
Domain
tag.leadplace.fr
URL
http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Domain
ajax.googleapis.com
URL
http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Verdicts & Comments: none recorded.

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object   onselectstart
  • object   onselectionchange
  • function queueMicrotask

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

Domains (contacted or attempted)

ad.360yield.com
ads.stickyadstv.com
ads.themoneytizer.com
ajax.cloudflare.com
ajax.googleapis.com
analytics.s.id
d2zur9cc2gf1tx.cloudfront.net
edge.quantserve.com
fastlane.rubiconproject.com
g.tmyzer.com
gum.criteo.com
ib.adnxs.com
p.cpx.to
player.pepsia.com
s.cpx.to
s.id
tag.contextweb.com
tag.leadplace.fr
tatilexus2.temp.swtest.ru
u336351g0o.ha002.t.justns.ru
urlz.fr
ww1097.smartadserver.com
www.noowho.com

Domains with failed requests (no response received)

ad.360yield.com
ads.stickyadstv.com
ajax.googleapis.com
analytics.s.id
fastlane.rubiconproject.com
ib.adnxs.com
player.pepsia.com
s.cpx.to
tag.leadplace.fr
ww1097.smartadserver.com
www.noowho.com

IP addresses

13.32.158.254
13.32.222.232
145.239.193.145
147.135.143.44
151.139.241.23
203.119.112.228
2606:4700:31::681f:bb2
2606:4700::6813:c597
2a00:b700::6:b
2a02:2638:1::13
3.120.80.142
74.214.194.131
77.222.40.43