urlscan.io logo urlscan.io
SecurityTrails logo

www.fox2.online Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fox2.online/
Effective URL: https://www.fox2.online/
Submission: On June 26 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 23 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.fox2.online.
TLS certificate: Issued by WE1 on June 23rd 2024. Valid for: 3 months.
This is the only time www.fox2.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
fox2.online
www.fox2.online
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3.bp.blogspot.com
2.bp.blogspot.com
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.245.86.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-80.fra60.r.cloudfront.net
cmp.quantcast.com
8    2600:9000:2550:ee00:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.inmobi.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a04:4e42:400::347 (United States)

ASN54113 (FASTLY, US)
cdn.statically.io
1    142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net
2.bp.blogspot.com
1    18.157.128.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-128-118.eu-central-1.compute.amazonaws.com
api.cmp.inmobi.com
Apex Domain
Subdomains		 Transfer
9 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 5195
api.cmp.inmobi.com — Cisco Umbrella Rank: 16926
221 KB
5 blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 18882
2.bp.blogspot.com — Cisco Umbrella Rank: 20853
37 KB
3 fox2.online
fox2.online
www.fox2.online
41 KB
2 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744
126 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
175 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
ajax.googleapis.com — Cisco Umbrella Rank: 469
31 KB
1 statically.io
cdn.statically.io — Cisco Umbrella Rank: 12312
360 B
1 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 9617
606 B
1 gstatic.com
fonts.gstatic.com
10 KB
23 9
Domain Requested by
8 cmp.inmobi.com www.fox2.online
cmp.quantcast.com
cmp.inmobi.com
3 2.bp.blogspot.com
2 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
2 securepubads.g.doubleclick.net www.fox2.online
securepubads.g.doubleclick.net
2 3.bp.blogspot.com www.fox2.online
2 www.fox2.online
1 api.cmp.inmobi.com cmp.inmobi.com
1 cdn.statically.io 1 redirects
1 cmp.quantcast.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 ajax.googleapis.com www.fox2.online
1 fonts.googleapis.com client
1 fox2.online 1 redirects
23 13

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
www.seoplus-template.com
Subject Issuer Validity Valid
fox2.online
WE1		 2024-06-23 -
2024-09-21		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
misc-sni.blogspot.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.fox2.online/
Frame ID: 274FCEB03DDC8509BFEF208D9946E801
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FOX2.ONLINE

Page URL History Show full URLs

  1. https://fox2.online/ HTTP 301
    https://www.fox2.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

91 %
HTTPS

58 %
IPv6

9
Domains

13
Subdomains

11
IPs

3
Countries

642 kB
Transfer

2679 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fox2.online/ HTTP 301
    https://www.fox2.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP 301
  • https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
Request Chain 12
  • https://cdn.statically.io/img/2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s350/default.png?format=webp HTTP 302
  • https://2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s350/default.png

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.fox2.online/
Redirect Chain
  • https://fox2.online/
  • https://www.fox2.online/
178 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fox2.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fce29707aa65322a3fd5166b9d4d2dbc029b40ec4ae7b5982d700b58989c545f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
899e0131ee2f71bb-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 26 Jun 2024 14:49:34 GMT
expires
Wed, 26 Jun 2024 14:49:34 GMT
last-modified
Mon, 06 May 2024 04:59:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zeGYNuIJGZNSeCe0M%2BIIUUNGFwDwUjz2yk6clcRVwXnsQvHQdWD8g5b5pxK2z%2FfAxyqguBlS2wivcbrB6dghD3V1CAncCkKxw5raw0lupYvkbeUybtnfZv%2Bt%2FCDu4EdnE5E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
899e01315d5b71bb-FRA
content-type
text/html; charset=UTF-8
date
Wed, 26 Jun 2024 14:49:33 GMT
location
https://www.fox2.online/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qKKhUJF%2BO6wX0KdfNn26zcDPEUc%2BRp5HbHPYtrperFwJYQH7zlWJ%2BP3XsNdIThaJZS4mFcfq%2BjnhggmVvPBMwL3%2FKeOAxob1JZPAFUTShp1Q6QugxRlUlppP78DyPg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
x-xss-protection
0
css2
fonts.googleapis.com/ 		1 KB
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Tajawal:wght@500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2827edb4b24c23126234289a5ec4351fdc4bb67b05478ee2359dedb210aed9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Jun 2024 14:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 26 Jun 2024 14:43:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Jun 2024 14:49:34 GMT
94780799_258223751988228_6585718726438420480_n.png
3.bp.blogspot.com/-IWoLFKUqnNQ/Xr-F9vFjz9I/AAAAAAAAANg/cZUh9fYZ3BI4P0so5JpIijTLjNjA1WDkACK4BGAYYCw/s1600/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-IWoLFKUqnNQ/Xr-F9vFjz9I/AAAAAAAAANg/cZUh9fYZ3BI4P0so5JpIijTLjNjA1WDkACK4BGAYYCw/s1600/94780799_258223751988228_6585718726438420480_n.png
Requested by
Host: www.fox2.online
URL: https://www.fox2.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
df2cc6900680217317bb7ca54e0b200638e14f181db085dadd7bc98c739e6a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 11:54:54 GMT
x-content-type-options
nosniff
age
10480
content-disposition
inline;filename="94780799_258223751988228_6585718726438420480_n.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27952
x-xss-protection
0
server
fife
etag
"vd9"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 27 Jun 2024 11:54:54 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.fox2.online
URL: https://www.fox2.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
d0306f12cbb25cccba1ab901f5684016fd1d20ca703f279fe2f41cfca4d9922c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 14:49:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31648
x-xss-protection
0
server
cafe
etag
887 / 19900 / m202406180101 / config-hash: 7049961387469594230
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 26 Jun 2024 14:49:34 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: www.fox2.online
URL: https://www.fox2.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 14:12:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Jun 2025 14:12:30 GMT
truncated
/ 		627 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a217480aa6975d5cca42e735655916610429fe4c60dc7f1a21c75badff47d33

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v9/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9986de5db80ec050300f1cea25d651a5779ae62b91a39b5667ac23d0c7668cbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.fox2.online
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 22:12:07 GMT
x-content-type-options
nosniff
age
59847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9900
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:01:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Jun 2025 22:12:07 GMT
choice.js
cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
Redirect Chain
  • https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
  • https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
Requested by
Host: www.fox2.online
URL: https://www.fox2.online/
Protocol
H2
Server
2600:9000:2550:ee00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7fdac25f0cd198d58d3231db7e84b8a5c7529a01d1399c20b0134d8ba143d7c

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.fox2.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 26 Jun 2024 14:49:29 GMT
content-encoding
br
via
1.1 fcae03c70d8abce0dc89e45009008e3a.cloudfront.net (CloudFront)
last-modified
Tue, 04 Jun 2024 08:53:14 GMT
server
AmazonS3
x-amz-cf-pop
LHR50-P6
age
39
x-amz-server-side-encryption
AES256
etag
W/"47b9cc47cc1b62252e0878884fd30056"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
TP2sS3jgu-0oEvlQv79BofHXfw3R5NKYpXMT-M3MfQ1whw_pIn-IlQ==

Redirect headers

x-amz-website-redirect-location
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
date
Wed, 26 Jun 2024 14:48:37 GMT
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P6
age
58
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
0
last-modified
Wed, 15 Nov 2023 20:03:11 GMT
server
AmazonS3
etag
"408e9e32ff11d19e90e67eb67eb171dc"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js?tag_version=V2
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
H6jOX-V-DPBt8ei5X1gJfQMV8ShTf25TyV5DpHStT3R9LvjEzdgRFQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/ 		464 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
f40e23ed3e42b0bfee05cb46d8ebc0982b6d05e2a4c7398bf9e8f680f5a0f4c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 10:34:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
15312
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147919
x-xss-protection
0
server
cafe
etag
11576365170569119095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 26 Jun 2025 10:34:22 GMT
256-256.png
3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/256-256.png
Requested by
Host: www.fox2.online
URL: https://www.fox2.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fdc94d53d1796c028c474c2f2fa236f730b1f0869a42108d706c307422329e21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 14:11:49 GMT
x-content-type-options
nosniff
age
2265
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="256-256.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1286
x-xss-protection
0
server
fife
etag
"v4ed"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 27 Jun 2024 14:11:49 GMT
22974997515
fundingchoicesmessages.google.com/i/ 		197 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22974997515?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
919424f4242222f2db404c861a6e2836382e2a2484dc96ab445058a81645d2b9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Kcmgkkh89is8g64f7XENAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 14:49:34 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Kcmgkkh89is8g64f7XENAg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw1JBiOHHrNtMFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYg_Pz7H-huIk_6dZy0C4iURF1kPJV5kPfj4IutJIBbi4fh35cNmNoEHXWfXMylpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGJgZmegZGMUXGAAAvqw_kw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
cmp2.js
cmp.inmobi.com/tcfv2/53/ 		167 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2550:ee00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 06:26:06 GMT
content-encoding
br
via
1.1 fcae03c70d8abce0dc89e45009008e3a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P6
age
30209
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Mon, 03 Jun 2024 09:45:41 GMT
server
AmazonS3
etag
W/"db6c513b7a9d1bf38b36047c185655a2"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
MScc3yX2HlbGWonYBroBbIpYLdNurD8EGj_jfd1nYCc8AjkZfbeu1g==
geoip
cmp.inmobi.com/ 		39 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2550:ee00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
235de800dbdb395658c21a8de815c39dec05feb44a36d2f27a18f9875c383d9e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 14:49:34 GMT
via
1.1 027fb676af23e5e8545e552038c4e1b0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
LHR50-P6
x-cache
FunctionGeneratedResponse from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
content-length
39
x-amz-cf-id
-CcNFCmLFbsWi819dqQEp6cjgY1zwNY3S8n2UNo6sHJrzCCCAosuIw==
default.png
2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s350/
Redirect Chain
  • https://cdn.statically.io/img/2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s350/default.png?format=webp
  • https://2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s350/default.png
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s350/default.png
Protocol
H3
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
fife /
Resource Hash
3087039762141ce9321fe190e4a5e094cb38a67941298b6d732edb6136449df3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.fox2.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 26 Jun 2024 14:02:44 GMT
x-content-type-options
nosniff
age
2810
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="default.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3641
x-xss-protection
0
server
fife
etag
"v304"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 27 Jun 2024 14:02:44 GMT

Redirect headers

date
Wed, 26 Jun 2024 14:49:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
statically
x-cache
HIT
access-control-allow-origin
*
location
https://2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s350/default.png
access-control-expose-headers
*
cache-control
public, max-age=10
timing-allow-origin
*
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
0
x-served-by
cache-mad22060-MAD
default.png
2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s328/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s328/default.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5e2cdf970aca9544bb3a3262da6839d46171681a0833698431853722ef8f3249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 11:57:37 GMT
x-content-type-options
nosniff
age
10317
content-disposition
inline;filename="default.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3157
x-xss-protection
0
server
fife
etag
"v304"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 27 Jun 2024 11:57:37 GMT
default.png
2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s140/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-L3ph6asSTq4/XCJoZp0vHpI/AAAAAAAAAwM/HzV_751T3tosTksU1m89DrC3lY6Hlss9ACK4BGAYYCw/s140/default.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8767dc1e5fc93b1de80f81545b42238e0da3ed3bd362d5340a43235b3b92a03a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 13:00:18 GMT
x-content-type-options
nosniff
age
6556
content-disposition
inline;filename="default.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1152
x-xss-protection
0
server
fife
etag
"v304"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 27 Jun 2024 13:00:18 GMT
favicon.ico
www.fox2.online/ 		4 KB
961 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.fox2.online/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 14:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
412
x-xss-protection
1; mode=block
last-modified
Mon, 06 May 2024 04:59:29 GMT
server
cloudflare
etag
W/"695b62990f53de278f7242e002b1f5bad0c8f8d2fefd7aefbc69eb2388300c84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tl8xqLSOg%2BNWcHJaSc7PiL9CQbJ4N1ogtR%2FLelaz2N1kxAu9VCLfDY0%2FnNpfiD22v4O5T9s0LWzAJ89RsI0xrFOO64%2BlLG0tN0E0irdnZA8AGwXaH7gKYWwZ5Fx7NJE9bTc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon; charset=UTF-8
cache-control
private, max-age=86400
accept-ranges
bytes
cf-ray
899e01382c7071bb-FRA
expires
Wed, 26 Jun 2024 14:49:34 GMT
cmp-list.json
cmp.inmobi.com/GVL-v2/ 		19 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2550:ee00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc971dde9b3794d5ce272ed459e185ae920f60e823beb83c364a6a63a316424c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 03:00:45 GMT
content-encoding
gzip
via
1.1 027fb676af23e5e8545e552038c4e1b0.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P6
age
42530
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 26 Jun 2024 03:00:42 GMT
server
AmazonS3
etag
W/"827669b93a7ac16ce875c2b552f14696"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
tqLO5iXLg2YQMa_Mw35P4CFdRaLdFTZFYGT4pH4NXfVKVvohl26Pyg==
cmp2ui-en.js
cmp.inmobi.com/tcfv2/53/ 		297 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2550:ee00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
706942656eb9d47aba1a60229b27acc14a95a7f81fd8f7227d2c4e2ab9687207

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 06:26:03 GMT
content-encoding
br
via
1.1 fcae03c70d8abce0dc89e45009008e3a.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P6
age
30212
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Mon, 03 Jun 2024 09:45:44 GMT
server
AmazonS3
etag
W/"991fbc793ffbdf15116c0458b5a2027a"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
tZ1SrGXkERm-VJIOiD76IPluy57yh-u2T--XRxV1fpudYx7ZCU9Qfg==
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v3/ 		593 KB
65 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2550:ee00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
870081c102495df88cbdfad8de12f5070ed18fab6ee2382e22403940a5f368b0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 12:34:56 GMT
content-encoding
br
via
1.1 027fb676af23e5e8545e552038c4e1b0.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P6
age
8079
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Thu, 20 Jun 2024 23:59:19 GMT
server
AmazonS3
etag
W/"b9ef025c1e2e7a8bd49659c0bc0c0816"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
yLyqXLB0x7hqpljFHJFu2AcgNy1XuplLP2sa7igJTH0gOhQ37oEFzQ==
google-atp-list.json
cmp.inmobi.com/tcfv2/ 		142 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=www.themoneytizer.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2550:ee00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f0dc15253c79e35ffeb35b079b9913b0588525ee7b970dfb2fe94d6a960b8b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 06:26:03 GMT
content-encoding
br
via
1.1 027fb676af23e5e8545e552038c4e1b0.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-P6
age
30212
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 26 Jun 2024 03:00:25 GMT
server
AmazonS3
etag
W/"1ec7c43a6ba7c25fb30966aeccbd7ac0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
WMRzKHgz_6X3_qabyaTpRQ8c_hVVoyq2ygzmWCPOXp64OKfUVv-cDw==
/
api.cmp.inmobi.com/ 		2 B
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22www.fox2.online%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.53%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22x0zxUTtv48%2FwZzgVhnTIZQ%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1719413374934%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-yrss6tnwekkwk29qchhr%22%7D
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.157.128.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-128-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Wed, 26 Jun 2024 14:49:35 GMT
content-length
2
content-type
text/plain; charset=utf-8
geoip
cmp.inmobi.com/ 		39 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/geoip
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2550:ee00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
235de800dbdb395658c21a8de815c39dec05feb44a36d2f27a18f9875c383d9e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 14:49:34 GMT
via
1.1 027fb676af23e5e8545e552038c4e1b0.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
LHR50-P6
x-cache
FunctionGeneratedResponse from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
content-length
39
x-amz-cf-id
hYbG-hZBpV-97U21omZrzXuruxbi_R6gKjiVAa_xmMTAP4ONMp7EuQ==
AGSKWxUbVBnnPj_hhVbiL8TPfAI-Bagwh_vwfJPCgSn3sMhZHzICRGgq4OHvaVXp8x1xb7LtWjL5A1mI973tRoGUu94VCw9hQExirLRRyvB-2GkQo39-kpiR6bwOxk6avlol9WjVDUjF2A==
fundingchoicesmessages.google.com/f/ 		383 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUbVBnnPj_hhVbiL8TPfAI-Bagwh_vwfJPCgSn3sMhZHzICRGgq4OHvaVXp8x1xb7LtWjL5A1mI973tRoGUu94VCw9hQExirLRRyvB-2GkQo39-kpiR6bwOxk6avlol9WjVDUjF2A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5NDEzMzc1LDIxNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZm94Mi5vbmxpbmUvIixudWxsLFtbOCwiUTlDY1ZPZFBSakUiXSxbOSwibmwiXSxbMjIsImZhbHNlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMyzoUZ5FVWYrR76W_AFK4HV6fgb1g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a26df350578d54e4ab2b198e5addb28397c73c2f289f9d3872f71669499f45ed
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x1p_1_v1xfn9syiocIPFHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.fox2.online/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 14:49:35 GMT
content-security-policy
script-src 'report-sample' 'nonce-x1p_1_v1xfn9syiocIPFHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmII1pBiOHnrNtNFID7vdIfpOhBLfH3JpAHETukzWIOA2Kd-BmsMELfePMc6FYg_Pz7H-huIk_6dZy0C4iURF1kPJV5kPfj4IutJIBbi4fh_5cNmNoEJZ4_MY1TSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTAzMtEzMIovMAAAwnM_gA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 undefined| event object| fence object| sharedStorage object| _0x205f function| _0x53b8 function| prst object| adsbygoogle object| blogLabels object| googletag function| $ function| jQuery function| __tcfapi function| __uspapi object| ggeac object| google_tag_data object| google_js_reporting_queue string| ArrowIcon string| BlogID object| _0x1ec6 function| _0x33fe string| olderLink string| $my_menu string| $my_icon string| $my_tre undefined| google_measure_js_timing object| google_reactive_ads_global_state object| regeneratorRuntime function| __tcfapiui object| dataLayer function| gtag object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NThlN2JkZGU4OWJmMWUyNmxvYWRlcl9qcw== string| NThlN2JkZGU4OWJmMWUyNmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady

1 Cookies

Domain/Path Name / Value
.www.fox2.online/ Name: usprivacy
Value: 1N--

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
3.bp.blogspot.com
ajax.googleapis.com
api.cmp.inmobi.com
cdn.statically.io
cmp.inmobi.com
cmp.quantcast.com
fonts.googleapis.com
fonts.gstatic.com
fox2.online
fundingchoicesmessages.google.com
securepubads.g.doubleclick.net
www.fox2.online
142.250.185.162
142.250.185.193
18.157.128.118
18.245.86.80
188.114.97.3
2600:9000:2550:ee00:1b:cadc:ef40:93a1
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2001
2a00:1450:4001:81d::200a
2a00:1450:4001:827::2003
2a00:1450:4001:829::200e
2a04:4e42:400::347
235de800dbdb395658c21a8de815c39dec05feb44a36d2f27a18f9875c383d9e
3087039762141ce9321fe190e4a5e094cb38a67941298b6d732edb6136449df3
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5e2cdf970aca9544bb3a3262da6839d46171681a0833698431853722ef8f3249
6a217480aa6975d5cca42e735655916610429fe4c60dc7f1a21c75badff47d33
706942656eb9d47aba1a60229b27acc14a95a7f81fd8f7227d2c4e2ab9687207
870081c102495df88cbdfad8de12f5070ed18fab6ee2382e22403940a5f368b0
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8767dc1e5fc93b1de80f81545b42238e0da3ed3bd362d5340a43235b3b92a03a
919424f4242222f2db404c861a6e2836382e2a2484dc96ab445058a81645d2b9
9986de5db80ec050300f1cea25d651a5779ae62b91a39b5667ac23d0c7668cbb
9f0dc15253c79e35ffeb35b079b9913b0588525ee7b970dfb2fe94d6a960b8b5
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
a26df350578d54e4ab2b198e5addb28397c73c2f289f9d3872f71669499f45ed
c7fdac25f0cd198d58d3231db7e84b8a5c7529a01d1399c20b0134d8ba143d7c
d0306f12cbb25cccba1ab901f5684016fd1d20ca703f279fe2f41cfca4d9922c
d2827edb4b24c23126234289a5ec4351fdc4bb67b05478ee2359dedb210aed9e
df2cc6900680217317bb7ca54e0b200638e14f181db085dadd7bc98c739e6a2a
f40e23ed3e42b0bfee05cb46d8ebc0982b6d05e2a4c7398bf9e8f680f5a0f4c1
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112
fc971dde9b3794d5ce272ed459e185ae920f60e823beb83c364a6a63a316424c
fce29707aa65322a3fd5166b9d4d2dbc029b40ec4ae7b5982d700b58989c545f
fdc94d53d1796c028c474c2f2fa236f730b1f0869a42108d706c307422329e21