p1.envoi-virement.com Open in urlscan Pro
81.88.52.70  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://urlz.fr/cV3u Page URL
2. https://p1.envoi-virement.com/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

• https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
• https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent= HTTP 302
• https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/12/2/8/2.gif?puid=6727669784938706203&gdpr=0&gdpr_consent=

Request Chain 37

• https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2238be9f5d013814c%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FcV3u%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22166a119c61ed83e%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%22818428bf-99f5-44a5-a662-5fd7faa639f4%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%221733e09314e333f%22%2C%22pid%22%3A%2212065816%22%2C%22tid%22%3A%2258fc3c38-03af-463f-89bd-8e7af860d2db%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2218826949b730d46%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%2298199f0d-6993-4d1c-8e5b-4b0560f15f55%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22191fbcc95c6a963%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%223b12ef0a-0667-47f6-b30e-5fddad800feb%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D HTTP 302
• https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2238be9f5d013814c%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FcV3u%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22166a119c61ed83e%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%22818428bf-99f5-44a5-a662-5fd7faa639f4%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%221733e09314e333f%22%2C%22pid%22%3A%2212065816%22%2C%22tid%22%3A%2258fc3c38-03af-463f-89bd-8e7af860d2db%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2218826949b730d46%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%2298199f0d-6993-4d1c-8e5b-4b0560f15f55%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22191fbcc95c6a963%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%223b12ef0a-0667-47f6-b30e-5fddad800feb%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	cV3u Show response urlz.fr/	3 KB 1 KB	108ms 82ms	Document text/html	2606:4700:3038::681f:bb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://urlz.fr/cV3u Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::681f:bb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 035f98a14bd27c1b69fb95cfb469000321f6c3bbefb7dbf355fa199ecc9bb52f Request headers :method GET :authority urlz.fr :scheme https :path /cV3u pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Fri, 12 Jun 2020 19:25:06 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=daea60090b6ef4a07c0256eb87c8a9fa41591989906; expires=Sun, 12-Jul-20 19:25:06 GMT; path=/; domain=.urlz.fr; HttpOnly; SameSite=Lax cf-cache-status DYNAMIC cf-request-id 034b9743040000176a1b3a5200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5a25f4b1ad9d176a-FRA content-encoding br
GET H2	200	rocket-loader.min.js Show response ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/	12 KB 4 KB	16ms 15ms	Script application/javascript	2606:4700::6810:85e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Requested by Host: urlz.fr URL: https://urlz.fr/cV3u Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:06 GMT content-encoding gzip vary Accept-Encoding last-modified Wed, 10 Jun 2020 17:45:48 GMT server cloudflare etag W/"5ee11c4c-3016" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/javascript status 200 cache-control max-age=172800, public strict-transport-security max-age=15780000; includeSubDomains cf-ray 5a25f4b23c2bd6f1-FRA cf-request-id 034b9743610000d6f1260ff200000001 expires Sun, 14 Jun 2020 19:25:06 GMT
GET H2	200	/ p1.envoi-virement.com/ Frame E84A	0 0	468ms 325ms	Document text/html	81.88.52.70 REGISTER-AS
General Check archive.org Show headers Download Go to Full URL https://p1.envoi-virement.com/ Requested by Host: urlz.fr URL: https://urlz.fr/cV3u Protocol H2 Security TLS 1.3, , AES_256_GCM Server 81.88.52.70 , Italy, ASN39729 (REGISTER-AS, IT), Reverse DNS lhcp3070.webapps.net Software Apache / PHP/7.3.13 Resource Hash Request headers :method GET :authority p1.envoi-virement.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://urlz.fr/cV3u accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://urlz.fr/cV3u Response headers status 200 date Fri, 12 Jun 2020 19:25:06 GMT server Apache x-powered-by PHP/7.3.13 cache-control no-cache, private set-cookie XSRF-TOKEN=eyJpdiI6IjVsZnBYc2NLOEpVSFJmN004TkpTXC9BPT0iLCJ2YWx1ZSI6ImliNEtoaXF5MXk4aXVaUEdDS2F0RVIwMjhDMkVIWVJGbWFKY2ptbVEwZzdUd3lzVkF6cnFxWWFCSkhZbm54bVciLCJtYWMiOiIxMGY1MzUyNWI2NmVhMGU3MzQxZGZhYmRjM2ZmYmUwNzE3YjliYTliMmQyMWRhMGVmMTZmYjNkYjJlMWQ1NDJlIn0%3D; expires=Fri, 12-Jun-2020 21:25:06 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6Ik9VMm1mYXUrQXdQVXRvaFdZOXNFRWc9PSIsInZhbHVlIjoiZmdcL1crNlk3d1AzcTBBV3dwTzNCcDhnem5FRmZUakRQbTRBZWZzQlZrczdRNWdPV0dPajVxbTljQ1BEWWRTM1UiLCJtYWMiOiI5YzFlYTE3ZWVkNTJmY2U3MGExYWY5N2NkMWY4YWE0NTlmOTU3OTFiMDk1NDQ0NTZlMzk2YzA1OTJlYjhjYzFkIn0%3D; expires=Fri, 12-Jun-2020 21:25:06 GMT; Max-Age=7200; path=/; httponly vary Accept-Encoding,User-Agent content-encoding gzip content-length 1926 content-type text/html; charset=UTF-8
GET H2	200	js Show response www.googletagmanager.com/gtag/	83 KB 33 KB	21ms 20ms	Script application/javascript	2a00:1450:4001:800::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-162669458-1 Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 035f5bc91b332420fb291e203a245ed256e7afe944b7d235df9d34fba8e1276b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:06 GMT content-encoding br vary Accept-Encoding status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33234 x-xss-protection 0 last-modified Fri, 12 Jun 2020 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 12 Jun 2020 19:25:06 GMT
GET H2	200	requestform.js Show response ads.themoneytizer.com/s/	55 KB 10 KB	86ms 36ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6 Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 7a10baef858d979dd3ae21c4f167b0e7e51ce3d8ec954700f2450c9a75cf13fc Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:06 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes expires Sat, 13 Jun 2020 19:25:06 GMT
GET H2	200	gen.js Show response ads.themoneytizer.com/s/	9 KB 4 KB	73ms 23ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/gen.js?type=6 Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 380333b0b75ec9ad51d95668ab00662d4c63a0913ec1c10304c6f312e1ee2c8e Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:06 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes content-length 3371 expires Sat, 13 Jun 2020 19:25:00 GMT
GET H2	200	requestform.js Show response ads.themoneytizer.com/s/	57 KB 11 KB	93ms 44ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28 Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash cdf4538b12141bf76f8b72e809d5d15b19a88263d50feb6ad32014ac857857ea Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:06 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes expires Sat, 13 Jun 2020 19:25:06 GMT
GET H2	200	gen.js Show response ads.themoneytizer.com/s/	9 KB 4 KB	79ms 29ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/gen.js?type=28 Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 380333b0b75ec9ad51d95668ab00662d4c63a0913ec1c10304c6f312e1ee2c8e Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:06 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes content-length 3371 expires Sat, 13 Jun 2020 19:24:15 GMT
GET H2	200	requestform.js Show response ads.themoneytizer.com/s/	57 KB 11 KB	89ms 39ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 0d74a9bad661593836cf866f3cd12e82e07b13aa884d1f15b6b85b79ffffdff2 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:06 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes expires Sat, 13 Jun 2020 19:25:06 GMT
GET H2	200	gen.js Show response ads.themoneytizer.com/s/	9 KB 4 KB	73ms 24ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/gen.js?type=1 Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 380333b0b75ec9ad51d95668ab00662d4c63a0913ec1c10304c6f312e1ee2c8e Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:06 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes content-length 3371 expires Sat, 13 Jun 2020 19:25:04 GMT
GET H/1.1	200 OK	/ Show response g.themoneytizer.net/g/	26 B 200 B	169ms 44ms	Script text/html	145.239.193.145 OVH
General Check archive.org Show headers Download Go to Full URL https://g.themoneytizer.net/g/ Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.193.145 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash 24f85d914df50a3785eaeed932eab1fd4cbec751c51376321436d853963a46dd Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 12 Jun 2020 19:25:07 GMT Server nginx X-IPLB-Instance 29894 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	moneyvisibility.js Show response ads.themoneytizer.com/	12 KB 4 KB	33ms 32ms	Script text/javascript	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneyvisibility.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / Resource Hash 22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:06 GMT content-encoding gzip last-modified Wed, 08 Jan 2020 19:01:35 GMT server nginx etag "779a-30ad-59ba5857e2265" vary Accept-Encoding x-cache HIT content-type text/javascript status 200 cache-control max-age=86400 accept-ranges bytes content-length 3955 expires Sat, 13 Jun 2020 19:25:06 GMT
GET H2	200	moneybile.js Show response ads.themoneytizer.com/	37 KB 16 KB	35ms 34ms	Script text/javascript	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneybile.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / Resource Hash 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:06 GMT content-encoding gzip last-modified Wed, 27 Feb 2019 16:57:00 GMT server nginx etag "7ff1-9390-582e30fefbc74" vary Accept-Encoding x-cache HIT content-type text/javascript status 200 cache-control max-age=86400 accept-ranges bytes content-length 15733 expires Sat, 13 Jun 2020 19:24:17 GMT
GET H2	200	getjs.static.js tag.contextweb.com/	2 KB 0	346ms 109ms	Script application/x-javascript	198.148.27.132 PULSEPOINT
General Check archive.org Show headers Download Go to Full URL https://tag.contextweb.com/getjs.static.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.148.27.132 New York, United States, ASN19189 (PULSEPOINT, US), Reverse DNS Software envoy / Resource Hash Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:07 GMT content-encoding gzip server envoy etag d13c8ae45565efb782b52cb7f6a3b3828e3d77a7 p3p policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" status 200 cache-control max-age=432000, public x-envoy-upstream-service-time 3 content-type application/x-javascript content-length 11296
GET H/1.1	204 No Content	config.js Show response ww1097.smartadserver.com/	0 82 B	110ms 35ms	Script text/plain	185.86.137.32 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://ww1097.smartadserver.com/config.js?nwid=1097 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-smrt-reason 5 date Fri, 12 Jun 2020 19:25:06 GMT
GET H2	200	sync Show response gum.criteo.com/	49 B 329 B	41ms 12ms	Script text/javascript	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:06 GMT content-encoding gzip vary Accept-Encoding content-type text/javascript; charset=utf-8 status 200 cache-control private, max-age=3600 strict-transport-security max-age=31536000 content-length 165 expires 60
GET H/1.1	200 OK	libJsLP.js Show response tag.leadplace.fr/	3 KB 3 KB	201ms 61ms	Script application/javascript	145.239.192.166 OVH
General Check archive.org Show headers Download Go to Full URL https://tag.leadplace.fr/libJsLP.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.192.166 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.14.2 / Resource Hash 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 12 Jun 2020 19:25:07 GMT Last-Modified Tue, 30 Oct 2018 10:00:26 GMT Server nginx/1.14.2 ETag "5bd82bba-a72" X-IPLB-Instance 30196 Content-Type application/javascript Accept-Ranges bytes Content-Length 2674
GET H2	200	/ onetag-sys.com/usync/ Frame DA2C	0 0	130ms 43ms	Document text/html	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1591989906960 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.9.251 , Germany, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?pubId=2a897e3f18e6769&cb=1591989906960 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://urlz.fr/cV3u accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://urlz.fr/cV3u Response headers status 200 content-type text/html cache-control no-transform, no-cache content-encoding gzip strict-transport-security max-age=2592000
GET H2	200	/ spl.zeotap.com/ Frame 1835	0 0	68ms 45ms	Document text/html	2606:4700:10::ac43:db6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority spl.zeotap.com :scheme https :path /?env=mWeb&uc=2&zdid=1258&eventType=map pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://urlz.fr/cV3u accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://urlz.fr/cV3u Response headers status 200 date Fri, 12 Jun 2020 19:25:07 GMT content-type text/html set-cookie __cfduid=d9c99c76c449b6bf2d17c594931c102f11591989907; expires=Sun, 12-Jul-20 19:25:07 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=ddb244bc-37bc-43e4-5351-a7d795ed8f90; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zsc=%13%8B%04%E7%C0-%12%23%FDO%C4%07%9F%09%87%DD%C6.%FC%CC%EC%C6%80%E7%22%BA%D3%8D%0Bf%AAt%92%EB%22%BD%1E%13%10%01%F7%05%3A%D5%AA%BA%E0%ADZ3%24%B9%BBW%5DL%14%7FH_%AE%B2%1EQ%EAC%0C%E7%8B%3B%8Db%0C1R%BA%3B%C1%D8%ED%FF4%AF%2A%FA%E8%84%DB%8F%E2%15w%CB%18%1F%26%91; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure access-control-allow-credentials true access-control-allow-headers * access-control-allow-origin https://urlz.fr vary Origin via 1.1 google cf-cache-status DYNAMIC cf-request-id 034b97462f0000648b553be200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5a25f4b6b92f648b-FRA content-encoding br
GET H/1.1	200 OK	quant.js Show response secure.quantserve.com/	22 KB 8 KB	119ms 30ms	Script application/x-javascript	91.228.74.200 QUANTCAST
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.200 , United Kingdom, ASN27281 (QUANTCAST, US), Reverse DNS Software QS / Resource Hash e6e50fd1047f835e02b1b4140c8a63062dff27f25906501694c4829624150955 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 12 Jun 2020 19:25:07 GMT Content-Encoding gzip Last-Modified Fri, 12-Jun-2020 19:25:07 GMT Server QS Etag M0-4cca824e Vary Accept-Encoding Connection keep-alive Content-Type application/x-javascript Cache-Control private, no-transform, max-age=604800 Strict-Transport-Security max-age=86400 Content-Length 8082 Expires Fri, 19 Jun 2020 19:25:07 GMT
GET H/1.1	200 OK	px.js Show response p.cpx.to/p/12773/	1 KB 2 KB	127ms 34ms	Script application/javascript	13.225.87.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://p.cpx.to/p/12773/px.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.87.71 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-71.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 290de7c8649cb5dc76203b48ee6fbe96f65880b16beb918d2c4a30e915f45856 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 04 Jun 2020 17:38:48 GMT Content-Encoding UTF-8 Connection keep-alive Last-Modified Thu, 04 Jun 2020 14:07:59 GMT Server AmazonS3 Age 697580 ETag "cff01043bc20408622ff6a3f411fdd59" X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront) Cache-Control max-age=2419200 X-Amz-Cf-Pop FRA2-C2 Accept-Ranges bytes Content-Length 1498 X-Amz-Cf-Id IsGrpT407hhM-a_NBKkDqfcd3VbmOgREY5Ev1XMoBReqYclAefAMUw==
GET H/1.1	200 OK	notifyme.js Show response d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/	25 KB 26 KB	99ms 20ms	Script text/javascript	13.225.73.12 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.73.12 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-73-12.fra2.r.cloudfront.net Software Apache / Resource Hash b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 11 Jun 2020 21:37:57 GMT Via 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront) Last-Modified Mon, 18 Feb 2019 16:54:28 GMT Server Apache Age 78456 X-Cache Hit from cloudfront Content-Type text/javascript Connection keep-alive X-Amz-Cf-Pop FRA2-C2 Accept-Ranges bytes Content-Length 25704 X-Amz-Cf-Id ECaBc9kc5qt7608vq8s_UE6j-_9gg_TdjHUONV0FufRks8KPCmff5A==
GET H/1.1	200 OK	186329-261067657875242.js Show response js-sec.indexww.com/ht/p/	35 KB 12 KB	162ms 54ms	Script text/javascript	72.247.225.98 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/ht/p/186329-261067657875242.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-225-98.deploy.static.akamaitechnologies.com Software Apache / Resource Hash f869c2dff8faee0c62fe6b9eb479f2b326557fadefd778d35dabb9d7cd18a958 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 12 Jun 2020 19:25:07 GMT Content-Encoding gzip Last-Modified Fri, 12 Jun 2020 19:05:30 GMT Server Apache ETag "9057f3-8bdb-5a7e7c2c47326" Vary Accept-Encoding P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=2585 Connection keep-alive Accept-Ranges bytes Content-Type text/javascript Content-Length 12319 Expires Fri, 12 Jun 2020 20:08:12 GMT
GET H2	200	prebid.js Show response ads.themoneytizer.com/moneybid3_20/build/dist/	372 KB 119 KB	31ms 31ms	Script text/javascript	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / Resource Hash 9927bfa69df2f37ab9bf7766fc14a8bbfa91940a9ddcd30132d90e8b6352330a Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:06 GMT content-encoding gzip last-modified Wed, 10 Jun 2020 21:49:08 GMT server nginx etag "4d6d3-5d128-5a7c1d04797f1" vary Accept-Encoding x-cache HIT content-type text/javascript status 200 cache-control max-age=86400 accept-ranges bytes content-length 121273 expires Sat, 13 Jun 2020 19:24:17 GMT
GET H2	200	/ p1.envoi-virement.com/ Frame 265C	0 0	128ms 128ms	Document text/html	81.88.52.70 REGISTER-AS
General Check archive.org Show headers Download Go to Full URL https://p1.envoi-virement.com/ Requested by Host: urlz.fr URL: https://urlz.fr/cV3u Protocol H2 Security TLS 1.3, , AES_256_GCM Server 81.88.52.70 , Italy, ASN39729 (REGISTER-AS, IT), Reverse DNS lhcp3070.webapps.net Software Apache / PHP/7.3.13 Resource Hash Request headers :method GET :authority p1.envoi-virement.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://urlz.fr/cV3u accept-encoding gzip, deflate, br accept-language en-US cookie XSRF-TOKEN=eyJpdiI6IjVsZnBYc2NLOEpVSFJmN004TkpTXC9BPT0iLCJ2YWx1ZSI6ImliNEtoaXF5MXk4aXVaUEdDS2F0RVIwMjhDMkVIWVJGbWFKY2ptbVEwZzdUd3lzVkF6cnFxWWFCSkhZbm54bVciLCJtYWMiOiIxMGY1MzUyNWI2NmVhMGU3MzQxZGZhYmRjM2ZmYmUwNzE3YjliYTliMmQyMWRhMGVmMTZmYjNkYjJlMWQ1NDJlIn0%3D; laravel_session=eyJpdiI6Ik9VMm1mYXUrQXdQVXRvaFdZOXNFRWc9PSIsInZhbHVlIjoiZmdcL1crNlk3d1AzcTBBV3dwTzNCcDhnem5FRmZUakRQbTRBZWZzQlZrczdRNWdPV0dPajVxbTljQ1BEWWRTM1UiLCJtYWMiOiI5YzFlYTE3ZWVkNTJmY2U3MGExYWY5N2NkMWY4YWE0NTlmOTU3OTFiMDk1NDQ0NTZlMzk2YzA1OTJlYjhjYzFkIn0%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://urlz.fr/cV3u Response headers status 200 date Fri, 12 Jun 2020 19:25:06 GMT server Apache x-powered-by PHP/7.3.13 cache-control no-cache, private set-cookie XSRF-TOKEN=eyJpdiI6Ilwvc294SUtDRTFMU3ZcL2ttZGxadFl6UT09IiwidmFsdWUiOiJZejJrWGFIMmxZb2UwcjdKMnlmMXcwQmZBbzd1QU14U0pBOXdvV2tjVWVFcnRFbVRURzlsSk5aTU9xc1ZWemR2IiwibWFjIjoiODNlYWE1NzQyNGJiZGYwYTU1NmNiM2MzZjA5Mjg2OTBlMDdmMWIwY2ZlYTJkMWFkODU1MmFjOTkzYmQ5NzAzMCJ9; expires=Fri, 12-Jun-2020 21:25:07 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6ImJvYzRVRzMwYmRIejE2b2FiV3ZiMGc9PSIsInZhbHVlIjoicFlVUmxkQ3phd2paR1I3TUl3RlBOVDA5dVFhZjZEcTNLcmZ5VkNcL25kbzlIc1RaVzlPdGYyenhGWWJqZXVqVUUiLCJtYWMiOiI1ZGU1ODlhZmE0NzBlOTgzYTQ1ZDg3OTIzZWVlMTY0NWNmN2UwYzQwYWU0Mzk1NTU0M2IxOWUyZjZjYTJhMTA2In0%3D; expires=Fri, 12-Jun-2020 21:25:07 GMT; Max-Age=7200; path=/; httponly vary Accept-Encoding,User-Agent content-encoding gzip content-length 1926 content-type text/html; charset=UTF-8
GET		2.gif id5-sync.com/c/12/2/8/ Redirect Chain https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent= https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D https://id5-sync.com/c/12/2/8/2.gif?puid=6727669784938706203&gdpr=0&gdpr_consent=	0 0
GET H2	200	analytics.js Show response www.google-analytics.com/	45 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-162669458-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 30 Apr 2020 21:54:13 GMT server Golfe2 age 2729 date Fri, 12 Jun 2020 18:39:38 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18433 expires Fri, 12 Jun 2020 20:39:38 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 98 B	13ms 13ms	Image image/gif	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j82&a=393191535&t=pageview&_s=1&dl=https%3A%2F%2Furlz.fr%2FcV3u&ul=en-us&de=UTF-8&dt=Envoyer%20de%20l%27argent%2C%20payer%20en%20ligne%20ou%20configurer%20un%20compte%20marchand%20-%20PayPal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=432865376&gjid=498022182&cid=266615614.1591989907&tid=UA-162669458-1&_gid=788718112.1591989907&_r=1&gtm=2ou640&z=1801522976 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 12 Jun 2020 19:25:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	localstore.js Show response script.4dex.io/	450 B 746 B	43ms 25ms	Script application/javascript	2606:4700:e2::ac40:8720 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8720 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:07 GMT content-encoding br cf-cache-status HIT age 138 status 200 x-amz-request-id B0A8E1DB97BC484C x-amz-id-2 PVasrBtKlnJhaoS53L6d8Kn3Aq7nx3x3a0fRQDBh3g9Sw7ezu0yKzmVEY0h0G7XLoEgByWagvdE= last-modified Mon, 06 Apr 2020 11:18:51 GMT server cloudflare etag W/"bfa52622781c173885812009122c3f7c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=1800 cf-request-id 034b9746780000c29a3316a200000001 cf-ray 5a25f4b729e0c29a-FRA
POST H/1.1	200 OK	prebid ib.adnxs.com/ut/v3/	483 B 1 KB	143ms 119ms	XHR application/json	185.33.221.91 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.13.4 / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 12 Jun 2020 19:25:09 GMT X-Proxy-Origin 185.236.201.148; 185.236.201.148; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.237:80 AN-X-Request-Uuid 6c015199-e325-49c9-8b5f-9914f3514a20 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://urlz.fr Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 483 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	/ shb.richaudience.com/hb/	4 B 212 B	119ms 36ms	XHR text/html	94.130.242.224 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://shb.richaudience.com/hb/ Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.242.224 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.224.242.130.94.clients.your-server.de Software nginx/1.10.3 / Resource Hash Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Fri, 12 Jun 2020 19:25:07 GMT content-encoding gzip server nginx/1.10.3 status 200 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin https://urlz.fr access-control-max-age 86400 access-control-allow-credentials true
POST H2	200	/ shb.richaudience.com/hb/	4 B 212 B	116ms 34ms	XHR text/html	94.130.242.224 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://shb.richaudience.com/hb/ Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.242.224 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.224.242.130.94.clients.your-server.de Software nginx/1.10.3 / Resource Hash Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Fri, 12 Jun 2020 19:25:07 GMT content-encoding gzip server nginx/1.10.3 status 200 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin https://urlz.fr access-control-max-age 86400 access-control-allow-credentials true
POST H2	200	/ shb.richaudience.com/hb/	4 B 212 B	115ms 33ms	XHR text/html	94.130.242.224 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://shb.richaudience.com/hb/ Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.242.224 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.224.242.130.94.clients.your-server.de Software nginx/1.10.3 / Resource Hash Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Fri, 12 Jun 2020 19:25:07 GMT content-encoding gzip server nginx/1.10.3 status 200 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin https://urlz.fr access-control-max-age 86400 access-control-allow-credentials true
POST H2	200	/ shb.richaudience.com/hb/	4 B 212 B	118ms 37ms	XHR text/html	94.130.242.224 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://shb.richaudience.com/hb/ Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.242.224 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.224.242.130.94.clients.your-server.de Software nginx/1.10.3 / Resource Hash Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Fri, 12 Jun 2020 19:25:07 GMT content-encoding gzip server nginx/1.10.3 status 200 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin https://urlz.fr access-control-max-age 86400 access-control-allow-credentials true
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	75 B 270 B	74ms 26ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=11&formatid=video&size=desktop&country=undefined Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Fri, 12 Jun 2020 19:25:07 GMT server nginx x-powered-by PHP/5.4.45 status 200 x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 75 expires Sat, 13 Jun 2020 19:25:07 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	624 B 659 B	73ms 25ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=1&formatid=26322&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash c1f3d5b8f9aebad647eb95d6e7ee1d40bcdf98c52de9028fc9ec87e209f1148f Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Fri, 12 Jun 2020 19:25:07 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 428 expires Sat, 13 Jun 2020 19:25:07 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	631 B 666 B	73ms 25ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Fri, 12 Jun 2020 19:25:07 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 435 expires Sat, 13 Jun 2020 19:25:07 GMT
GET		hb ice.360yield.com/ul_cb/ Redirect Chain https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2238be9f5d013814c%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2F... https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2238be9f5d013814c%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz...	0 0
POST H2	204	cdb bidder.criteo.com/	0 137 B	112ms 34ms	XHR text/plain	178.250.2.131 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.20.0&cb=59169913384 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.am5.vip.prod.criteo.com Software Finatra / Resource Hash Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers status 204 date Fri, 12 Jun 2020 19:25:06 GMT access-control-allow-credentials true server Finatra access-control-allow-origin https://urlz.fr timing-allow-origin * vary Origin
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 438 B	64ms 64ms	XHR application/json	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.9.251 , Germany, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=2592000 content-encoding gzip status 200 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://urlz.fr cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent
POST H2	200	bid-request a.teads.tv/hb/	16 B 293 B	146ms 70ms	XHR application/json	92.123.229.95 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://a.teads.tv/hb/bid-request Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.123.229.95 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a92-123-229-95.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 12 Jun 2020 19:25:07 GMT content-encoding gzip status 200 vary Accept-Encoding content-type application/json access-control-allow-origin https://urlz.fr cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 42 expires Fri, 12 Jun 2020 19:25:07 GMT
GET		fastlane.json fastlane.rubiconproject.com/a/api/	0 0
POST H2	200	adreq ads.servenobid.com/	110 B 376 B	128ms 42ms	XHR application/json	34.253.1.139 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.servenobid.com/adreq?cb=8752 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid3_20/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.253.1.139 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-253-1-139.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Fri, 12 Jun 2020 19:25:07 GMT content-encoding gzip amp-access-control-allow-source-origin * status 200 vary accept-encoding content-type application/json access-control-allow-origin https://urlz.fr access-control-expose-headers AMP-Access-Control-Allow-Source-Origin access-control-allow-credentials true
GET H2	200	rules-p-6Fv0cGNfc_bw8.js rules.quantcount.com/	1 KB 971 B	110ms 30ms	Script application/x-javascript	2600:9000:215d:be00:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:215d:be00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 18:35:34 GMT content-encoding gzip last-modified Mon, 19 Mar 2018 22:28:36 GMT server AmazonS3 age 2975 vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript status 200 cache-control max-age=3600 x-amz-cf-pop CPH50-C1 x-amz-cf-id eeppcbsBb1JCWMrYz-aB2znfzZzM1aQ-MmxojxhD9NHQr8gMaORgsw== via 1.1 e5f9cea29f02f6a9a9b4da9c89f48d01.cloudfront.net (CloudFront)
GET H2	200	adagio.js Show response script.4dex.io/	62 KB 18 KB	44ms 29ms	Fetch application/javascript	2606:4700:e2::ac40:8720 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8720 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:07 GMT content-encoding br vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 901 status 200 x-amz-request-id A22822F5F5F34447 x-amz-id-2 dIPYBJsAnuGdYaSc0BD6+2yPaPuOHN6Pb1QT5HoWKkeRISiWgFlENlyZoN5Xrtr6+7UpUdmnEvA= last-modified Mon, 06 Apr 2020 11:18:49 GMT server cloudflare etag W/"69fac1b60dfd5d00b8ff023e19aca7e0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=1800 cf-request-id 034b9746c000001f39ff9ba200000001 cf-ray 5a25f4b798c01f39-FRA
GET H/1.1	200 OK	fire.js s.cpx.to/	957 B 2 KB	185ms 45ms	Script application/javascript	52.213.151.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.cpx.to/fire.js?pid=12773&ref=&hn_ver=10&fid=1196746f-94f3-4fa6-8215-f6a4d16475d1 Requested by Host: p.cpx.to URL: https://p.cpx.to/p/12773/px.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.151.76 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-151-76.eu-west-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Content-Security-Policy default-src 'self' X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies none Date Fri, 12 Jun 2020 19:25:07 GMT X-Frame-Options sameorigin Connection keep-alive P3P CP="NOI DEV ADM" Cache-Control no-store, must-revalidate, private, max-age=0 Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type application/javascript; charset=UTF-8 Content-Length 957 Expires Thu, 07 May 2020 10:39:34 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.0.0/	84 KB 30 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:819::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js Requested by Host: d2zur9cc2gf1tx.cloudfront.net URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 27 May 2020 06:58:13 GMT content-encoding gzip x-content-type-options nosniff age 1427214 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30186 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 27 May 2021 06:58:13 GMT
GET H2	200	rid match.adsrvr.org/track/	109 B 538 B	43ms 43ms	XHR application/json	52.215.98.88 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.98.88 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-98-88.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers Referer https://urlz.fr/cV3u User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Fri, 12 Jun 2020 19:25:07 GMT x-aspnet-version 4.0.30319 status 200 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://urlz.fr cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 109 expires Sun, 12 Jul 2020 19:25:07 GMT
GET		notifyme.php adtrack.adleadevent.com/	0 0
GET H/1.1	200 OK	wckr.php tag.leadplace.fr/ Frame A5A8	0 0	50ms 49ms	Document text/html	145.239.192.166 OVH
General Check archive.org Show headers Download Go to Full URL https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ Requested by Host: tag.leadplace.fr URL: https://tag.leadplace.fr/libJsLP.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.192.166 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.14.2 / Resource Hash Request headers Host tag.leadplace.fr Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://urlz.fr/cV3u Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://urlz.fr/cV3u Response headers Server nginx/1.14.2 Date Fri, 12 Jun 2020 19:25:07 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked X-IPLB-Instance 30196
GET H2	200	Primary Request / Show response p1.envoi-virement.com/	6 KB 2 KB	133ms 132ms	Document text/html	81.88.52.70 REGISTER-AS
General Check archive.org Show headers Download Go to Full URL https://p1.envoi-virement.com/ Requested by Host: urlz.fr URL: https://urlz.fr/cV3u Protocol H2 Security TLS 1.3, , AES_256_GCM Server 81.88.52.70 , Italy, ASN39729 (REGISTER-AS, IT), Reverse DNS lhcp3070.webapps.net Software Apache / PHP/7.3.13 Resource Hash 943a773c55ddf7cefce1d76985716a8b0f9ea40b43a6271d0ec030cac3083535 Request headers :method GET :authority p1.envoi-virement.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://urlz.fr/cV3u accept-encoding gzip, deflate, br accept-language en-US cookie XSRF-TOKEN=eyJpdiI6Ilwvc294SUtDRTFMU3ZcL2ttZGxadFl6UT09IiwidmFsdWUiOiJZejJrWGFIMmxZb2UwcjdKMnlmMXcwQmZBbzd1QU14U0pBOXdvV2tjVWVFcnRFbVRURzlsSk5aTU9xc1ZWemR2IiwibWFjIjoiODNlYWE1NzQyNGJiZGYwYTU1NmNiM2MzZjA5Mjg2OTBlMDdmMWIwY2ZlYTJkMWFkODU1MmFjOTkzYmQ5NzAzMCJ9; laravel_session=eyJpdiI6ImJvYzRVRzMwYmRIejE2b2FiV3ZiMGc9PSIsInZhbHVlIjoicFlVUmxkQ3phd2paR1I3TUl3RlBOVDA5dVFhZjZEcTNLcmZ5VkNcL25kbzlIc1RaVzlPdGYyenhGWWJqZXVqVUUiLCJtYWMiOiI1ZGU1ODlhZmE0NzBlOTgzYTQ1ZDg3OTIzZWVlMTY0NWNmN2UwYzQwYWU0Mzk1NTU0M2IxOWUyZjZjYTJhMTA2In0%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://urlz.fr/cV3u Response headers status 200 date Fri, 12 Jun 2020 19:25:07 GMT server Apache x-powered-by PHP/7.3.13 cache-control no-cache, private set-cookie XSRF-TOKEN=eyJpdiI6InFtc1ArcnlFR0xXRmtVbitZVHl3S1E9PSIsInZhbHVlIjoiWmNJNmRBeFVBSWRmR2lUQ2xPWm9ocEhBYTc4UkNjZ2JsTFRJV2gyUEd6SGFrTlR5ZWNxajd0TzhUVWdMRTlPSSIsIm1hYyI6ImIwY2JhYmUzZTJjZTkxMmE3OWFhNzE2NzEyMjRlYzJiMjE2MTBhOGExODA4NzZiNGJjNzllNTkyMmM4ZTUwYjEifQ%3D%3D; expires=Fri, 12-Jun-2020 21:25:07 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6InpYdTJyblhlTjJQODNsSGgrMHh5ZGc9PSIsInZhbHVlIjoiSDNQbXlRbkpjVE1kVXUzRyt1OEZQeEpqdEc0UHp1a25WbnU2bnVSK1NsT0dKNWVIRjJXUGQrcktoN0dvQ0dXbCIsIm1hYyI6Ijk0ZDczZjFkMmYyNjYxMTY4ZTI3NWUzMmM5ZWE1NTMyNmY2NmVkM2I0ZDJiYmNiOTQzMTNjMzNkZDJmYTE4YWQifQ%3D%3D; expires=Fri, 12-Jun-2020 21:25:07 GMT; Max-Age=7200; path=/; httponly vary Accept-Encoding,User-Agent content-encoding gzip content-length 1926 content-type text/html; charset=UTF-8
POST		headerstats as-sec.casalemedia.com/	0 0
GET		pixel;r=1124119733;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FcV3u;fpan=1;fpa=P0-2128953883-1591989907230;ns=0;ce=1;qjs=1;qv=3d595974-20200604132620;cm... pixel.quantserve.com/	0 0
GET		pixel cm.g.doubleclick.net/	0 0
GET		UCookieSetPug image2.pubmatic.com/AdServer/	0 0
GET		getuid secure.adnxs.com/	0 0
GET		sync.gif dmp.truoptik.com/0362536315099b06/	0 0
GET		getuid sync.smartadserver.com/	0 0
GET		sync pool.grid-data.bidswitch.net/	0 0
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/	118 KB 19 KB	10ms 9ms	Stylesheet text/css	2001:4de0:ac19::1:b:2b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css Requested by Host: p1.envoi-virement.com URL: https://p1.envoi-virement.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://p1.envoi-virement.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:07 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 12 Dec 2018 18:34:07 GMT status 200 etag "1544639647" vary Accept-Encoding x-cache HIT content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 19747
GET H2	200	css fonts.googleapis.com/	4 KB 689 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:81a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Nunito:200,600 Requested by Host: p1.envoi-virement.com URL: https://p1.envoi-virement.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash efe7f8a700a28a1b7c863d064bae90be5eacb2bf001d727554c841b256f8212a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://p1.envoi-virement.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 12 Jun 2020 19:05:36 GMT server ESF date Fri, 12 Jun 2020 19:25:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 12 Jun 2020 19:25:07 GMT
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/	82 KB 28 KB	24ms 23ms	Script application/javascript	2606:4700::6810:85e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js Requested by Host: p1.envoi-virement.com URL: https://p1.envoi-virement.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer https://p1.envoi-virement.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:07 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 19484132 status 200 alt-svc h3-27=":443"; ma=86400 cf-request-id 034b97478e0000d6f12613f200000001 served-in-seconds 0.003 timing-allow-origin * last-modified Thu, 17 May 2018 09:21:00 GMT server cloudflare etag W/"5afd497c-1499c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 cf-ray 5a25f4b8edbed6f1-FRA expires Wed, 02 Jun 2021 19:25:07 GMT
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/	36 KB 10 KB	9ms 8ms	Script text/javascript	2001:4de0:ac19::1:b:2b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js Requested by Host: p1.envoi-virement.com URL: https://p1.envoi-virement.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://p1.envoi-virement.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:07 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 12 Dec 2018 18:33:51 GMT status 200 etag "1544639631" vary Accept-Encoding x-cache HIT content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 9764
GET H2	200	pp.png p1.envoi-virement.com/public/img/	6 KB 6 KB	41ms 40ms	Image image/png	81.88.52.70 REGISTER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://p1.envoi-virement.com/public/img/pp.png Requested by Host: p1.envoi-virement.com URL: https://p1.envoi-virement.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 81.88.52.70 , Italy, ASN39729 (REGISTER-AS, IT), Reverse DNS lhcp3070.webapps.net Software Apache / Resource Hash c7d397672ea7ed3c32a686032e91454a478aecbaad31993df15584d6080f10c3 Request headers Referer https://p1.envoi-virement.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 12 Jun 2020 19:25:07 GMT last-modified Wed, 18 Mar 2020 10:07:36 GMT server Apache etag "1f433e4-1649-5a11e38b48a00" content-type image/png status 200 accept-ranges bytes content-length 5705
GET H2	200	libphonenumber-js.min.js Show response catamphetamine.github.io/libphonenumber-js/	135 KB 36 KB	22ms 22ms	Script application/javascript	185.199.110.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://catamphetamine.github.io/libphonenumber-js/libphonenumber-js.min.js Requested by Host: p1.envoi-virement.com URL: https://p1.envoi-virement.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.199.110.153 , United States, ASN54113 (FASTLY, US), Reverse DNS Software GitHub.com / Resource Hash 016d367c1d57f0f67921da8769b3633fdfdc13ebe9baf4adb492add32c88ee32 Request headers Referer https://p1.envoi-virement.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-fastly-request-id ccb71f76f85650f04db171330a7078ea7478b6d1 date Fri, 12 Jun 2020 19:25:07 GMT content-encoding gzip age 0 x-cache HIT status 200 content-length 37145 x-served-by cache-hhn4072-HHN access-control-allow-origin * last-modified Tue, 18 Feb 2020 11:59:07 GMT server GitHub.com x-github-request-id 5866:3BE0:32FD7F:413CD1:5EE3ACC7 x-timer S1591989907.364810,VS0,VE0 etag W/"5e4bd18b-21df3" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Fri, 12 Jun 2020 16:36:47 GMT cache-control max-age=600 accept-ranges bytes x-proxy-cache MISS x-cache-hits 2
GET		parsley.js parsleyjs.org/dist/	0 0
GET H2	200	XRXW3I6Li01BKofA6sKUYevIWzgPDA.woff2 fonts.gstatic.com/s/nunito/v12/	14 KB 14 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunito/v12/XRXW3I6Li01BKofA6sKUYevIWzgPDA.woff2 Requested by Host: p1.envoi-virement.com URL: https://p1.envoi-virement.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 751133359630858ac3454825f72b1fa6ea1aafddadb444c074e518995ec3bf57 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Nunito:200,600 Origin https://p1.envoi-virement.com Response headers date Fri, 12 Jun 2020 00:19:44 GMT x-content-type-options nosniff last-modified Thu, 14 Nov 2019 17:38:04 GMT server sffe age 68723 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13988 x-xss-protection 0 expires Sat, 12 Jun 2021 00:19:44 GMT
GET H2	200	XRXW3I6Li01BKofA-seUYevIWzgPDA.woff2 fonts.gstatic.com/s/nunito/v12/	13 KB 14 KB	7ms 7ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunito/v12/XRXW3I6Li01BKofA-seUYevIWzgPDA.woff2 Requested by Host: p1.envoi-virement.com URL: https://p1.envoi-virement.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3f3a9ecd3b58eb26cce570f9bd3530be1181763b1c823a04f756da3ed8153e43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Nunito:200,600 Origin https://p1.envoi-virement.com Response headers date Wed, 10 Jun 2020 18:06:39 GMT x-content-type-options nosniff last-modified Thu, 14 Nov 2019 17:37:29 GMT server sffe age 177508 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13756 x-xss-protection 0 expires Thu, 10 Jun 2021 18:06:39 GMT
GET		fr.js parsleyjs.org/dist/i18n/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

id5-sync.com

URL

https://id5-sync.com/c/12/2/8/2.gif?puid=6727669784938706203&gdpr=0&gdpr_consent=

Domain

ice.360yield.com

URL

https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2238be9f5d013814c%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FcV3u%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22166a119c61ed83e%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%22818428bf-99f5-44a5-a662-5fd7faa639f4%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%221733e09314e333f%22%2C%22pid%22%3A%2212065816%22%2C%22tid%22%3A%2258fc3c38-03af-463f-89bd-8e7af860d2db%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2218826949b730d46%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%2298199f0d-6993-4d1c-8e5b-4b0560f15f55%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22191fbcc95c6a963%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%223b12ef0a-0667-47f6-b30e-5fddad800feb%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D

Domain

fastlane.rubiconproject.com

URL

https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1124628%3B1078226%3B1078310&size_id=15%3B2%3B2&alt_size_ids=2%2C55%2C58%2C221%3B19%2C43%2C44%2C117%3B19%2C43%2C44%2C117&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,15056,1,,,&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v3.20.0&x_source.tid=58fc3c38-03af-463f-89bd-8e7af860d2db%3B98199f0d-6993-4d1c-8e5b-4b0560f15f55%3B3b12ef0a-0667-47f6-b30e-5fddad800feb&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=3&rand=0.42735502380576884

Domain

adtrack.adleadevent.com

URL

https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7

Domain

as-sec.casalemedia.com

URL

https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Furlz.fr%2FcV3u&v=3

Domain

pixel.quantserve.com

URL

https://pixel.quantserve.com/pixel;r=1124119733;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FcV3u;fpan=1;fpa=P0-2128953883-1591989907230;ns=0;ce=1;qjs=1;qv=3d595974-20200604132620;cm=;gdpr=0;ref=;d=urlz.fr;je=0;sr=1600x1200x24;enc=n;dst=1;et=1591989907230;tzo=-120;ogl=

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=1196746f-94f3-4fa6-8215-f6a4d16475d1

Domain

image2.pubmatic.com

URL

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D1196746f-94f3-4fa6-8215-f6a4d16475d1

Domain

secure.adnxs.com

URL

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12773%26ref%3D%26hn_ver%3D10%26fid%3D1196746f-94f3-4fa6-8215-f6a4d16475d1

Domain

dmp.truoptik.com

URL

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=1196746f-94f3-4fa6-8215-f6a4d16475d1&fck=38a52059adba9e7b&cbp=dsp_uid

Domain

sync.smartadserver.com

URL

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D1196746f-94f3-4fa6-8215-f6a4d16475d1

Domain

pool.grid-data.bidswitch.net

URL

https://pool.grid-data.bidswitch.net/sync?pid=42

Domain

parsleyjs.org

URL

http://parsleyjs.org/dist/parsley.js

Domain

parsleyjs.org

URL

http://parsleyjs.org/dist/i18n/fr.js