Submitted URL: http://bit.ly/35zdqdk
Effective URL: http://urlz.fr/aN65
Submission: On October 18 via api from BE

Summary

This website contacted 30 IPs in 8 countries across 34 domains to perform 50 HTTP transactions. The main IP is 2606:4700:31::681f:ab2, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is urlz.fr.
This is the only time urlz.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 2 2606:4700:31:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 80.211.146.217 31034 (ARUBA-ASN)
6 151.139.241.23 33438 (HIGHWINDS2)
1 145.239.193.145 16276 (OVH)
1 74.214.194.131 59940 (PULSEPOIN...)
1 143.204.101.6 16509 (AMAZON-02)
1 1 185.86.137.43 201081 (SMARTADSE...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 145.239.193.51 16276 (OVH)
1 91.228.74.176 27281 (QUANTCAST)
1 63.35.128.55 16509 (AMAZON-02)
1 13.224.197.12 16509 (AMAZON-02)
5 5.179.192.20 34235 (ASPSERVEU...)
1 94.23.196.203 16276 (OVH)
4 5 5.39.66.15 16276 (OVH)
4 4 185.33.223.203 29990 (ASN-APPNEXUS)
2 2 3.120.61.28 16509 (AMAZON-02)
1 1 185.86.138.114 201081 (SMARTADSE...)
6 34.246.169.240 16509 (AMAZON-02)
1 2 2600:9000:20e... 16509 (AMAZON-02)
1 34.95.76.218 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.165 27281 (QUANTCAST)
1 2a00:1450:400... 15169 (GOOGLE)
3 178.79.227.76 22822 (LLNW)
1 143.204.101.74 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 1 104.16.92.60 13335 (CLOUDFLAR...)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
1 1 216.58.208.34 15169 (GOOGLE)
2 2 52.208.204.25 16509 (AMAZON-02)
1 3.122.79.124 16509 (AMAZON-02)
1 54.247.104.216 16509 (AMAZON-02)
4 5 195.8.215.136 41690 (DAILYMOTI...)
3 54.239.168.199 16509 (AMAZON-02)
50 30
Apex Domain
Subdomains
Transfer
7 cpx.to
p.cpx.to
s.cpx.to
8 KB
6 themoneytizer.com
ads.themoneytizer.com
165 KB
5 dailymotion.com
www.dailymotion.com
5 KB
5 id5-sync.com
id5-sync.com
5 KB
5 pepsia.com
player.pepsia.com
54 KB
4 adnxs.com
secure.adnxs.com
4 KB
3 adwstats.com
www.adwstats.com
3 KB
3 dmcdn.net
api.dmcdn.net
s2.dmcdn.net
161 KB
3 chrononpost-france.fr
chrononpost-france.fr
111 KB
2 avocet.io
ads.avocet.io
1 KB
2 pubmatic.com
image2.pubmatic.com
1 KB
2 quantcount.com
rules.quantcount.com
1 KB
2 creative-serving.com
ads.creative-serving.com
2 KB
2 pubstack.io
tmzr.pubstack.io
cdn.prod.pubstack.io
20 KB
2 quantserve.com
edge.quantserve.com
pixel.quantserve.com
6 KB
2 leadplace.fr
tag.leadplace.fr
3 KB
2 criteo.com
gum.criteo.com
497 B
2 smartadserver.com
ww1097.smartadserver.com
rtb-csync.smartadserver.com
958 B
2 urlz.fr
urlz.fr
2 KB
1 adleadevent.com
adtrack.adleadevent.com
517 B
1 bidswitch.net
pool.grid-data.bidswitch.net
300 B
1 doubleclick.net
cm.g.doubleclick.net
861 B
1 truoptik.com
dmp.truoptik.com
682 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
18 KB
1 adpaths.com
hv-contents.adpaths.com
65 KB
1 google-analytics.com
www.google-analytics.com
18 KB
1 googleapis.com
ajax.googleapis.com
30 KB
1 noowho.com
www.noowho.com
2 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 sascdn.com
ced-ns.sascdn.com
8 KB
1 contextweb.com
tag.contextweb.com
11 KB
1 themoneytizer.net
g.themoneytizer.net
200 B
1 cloudflare.com
ajax.cloudflare.com
4 KB
1 bit.ly
bit.ly
334 B
50 34
Domain Requested by
6 s.cpx.to p.cpx.to
6 ads.themoneytizer.com ajax.cloudflare.com
ads.themoneytizer.com
5 www.dailymotion.com 4 redirects api.dmcdn.net
5 id5-sync.com 4 redirects
5 player.pepsia.com urlz.fr
player.pepsia.com
4 secure.adnxs.com 4 redirects
3 www.adwstats.com hv-contents.adpaths.com
urlz.fr
3 chrononpost-france.fr urlz.fr
2 s2.dmcdn.net
2 ads.avocet.io 2 redirects
2 image2.pubmatic.com 2 redirects
2 rules.quantcount.com 1 redirects
2 ads.creative-serving.com 2 redirects
2 tag.leadplace.fr ads.themoneytizer.com
tag.leadplace.fr
2 gum.criteo.com 1 redirects
2 urlz.fr 1 redirects
1 adtrack.adleadevent.com ajax.googleapis.com
1 pool.grid-data.bidswitch.net
1 cm.g.doubleclick.net 1 redirects
1 dmp.truoptik.com 1 redirects
1 maxcdn.bootstrapcdn.com player.pepsia.com
1 hv-contents.adpaths.com player.pepsia.com
1 api.dmcdn.net player.pepsia.com
1 www.google-analytics.com urlz.fr
1 pixel.quantserve.com
1 ajax.googleapis.com d2zur9cc2gf1tx.cloudfront.net
1 cdn.prod.pubstack.io tmzr.pubstack.io
1 rtb-csync.smartadserver.com 1 redirects
1 www.noowho.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 tmzr.pubstack.io ads.themoneytizer.com
1 edge.quantserve.com ads.themoneytizer.com
1 ced-ns.sascdn.com
1 ww1097.smartadserver.com 1 redirects
1 p.cpx.to ads.themoneytizer.com
1 tag.contextweb.com ads.themoneytizer.com
1 g.themoneytizer.net ads.themoneytizer.com
1 ajax.cloudflare.com urlz.fr
1 bit.ly 1 redirects
50 39

This site contains links to these domains. Also see Links.

Domain
www.noowho.com
Subject Issuer Validity Valid
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-08-10 -
2020-02-16
6 months crt.sh
*.themoneytizer.com
Sectigo RSA Domain Validation Secure Server CA
2019-02-15 -
2021-02-14
2 years crt.sh
*.criteo.com
DigiCert ECC Secure Server CA
2019-03-28 -
2020-04-01
a year crt.sh
*.prod.pubstack.io
Amazon
2019-09-18 -
2020-10-18
a year crt.sh
www.noowho.com
Gandi Standard SSL CA 2
2017-02-07 -
2020-02-07
3 years crt.sh
*.id5-sync.com
Go Daddy Secure Certificate Authority - G2
2017-04-02 -
2020-04-02
3 years crt.sh
s.cpx.to
COMODO RSA Domain Validation Secure Server CA
2015-02-10 -
2020-02-09
5 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2018-10-16 -
2019-10-21
a year crt.sh
cdn.prod.pubstack.io
Let's Encrypt Authority X3
2019-09-19 -
2019-12-18
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2019-10-03 -
2019-12-26
3 months crt.sh
*.dmcdn.net
Let's Encrypt Authority X3
2019-09-01 -
2019-11-30
3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-14 -
2020-10-13
a year crt.sh
pool.grid-data.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2019-03-13 -
2020-03-12
a year crt.sh
adtrack.adleadevent.com
Amazon
2019-06-30 -
2020-07-30
a year crt.sh
*.dailymotion.com
DigiCert SHA2 High Assurance Server CA
2019-10-02 -
2020-11-17
a year crt.sh
*.adwstats.com
Amazon
2019-04-23 -
2020-05-23
a year crt.sh

This page contains 6 frames:

Primary Page: http://urlz.fr/aN65
Frame ID: 6BFDF00D27FFB4AE595A694A270B0EA3
Requests: 34 HTTP requests in this frame

Frame: http://chrononpost-france.fr/chorono/chorono/
Frame ID: 6870B289569039E09F88E97032B0A18E
Requests: 1 HTTP requests in this frame

Frame: http://chrononpost-france.fr/chorono/chorono/
Frame ID: 343A2BDE76DAE1BEF4BDE4163EE6CA0A
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 74B1B0B858818B923017215F014A1ADF
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 08BDB8443E727845BE29A75B67F08F6B
Requests: 13 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Frame ID: 4927F2DE8F7D32541BBEB55E9023F902
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://bit.ly/35zdqdk HTTP 301
    https://urlz.fr/aN65 HTTP 301
    http://urlz.fr/aN65 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i

Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

50
Requests

56 %
HTTPS

21 %
IPv6

34
Domains

39
Subdomains

30
IPs

8
Countries

717 kB
Transfer

1612 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/35zdqdk HTTP 301
    https://urlz.fr/aN65 HTTP 301
    http://urlz.fr/aN65 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • http://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 10
  • http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback HTTP 302
  • https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Request Chain 19
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/2/8/2.gif?puid=7835919804745555132&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/7/3.gif?puid=b21d3bd9-75f7-42e5-b4f8-dda09861c801&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOqcVreHI9irlwYRPGfoWP_Y7g3dJD9krMBjY3dg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F6%2F4.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/102/6/4.gif?puid=6986601532906185208&gdpr=1&gdpr_consent=
Request Chain 21
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Request Chain 34
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D95420284-4b95-4220-b5a1-ece6ee7f10c7 HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253D%2526hn_ver%253D10%2526fid%253D95420284-4b95-4220-b5a1-ece6ee7f10c7 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=7835919804745555132&pid=11528&ref=&hn_ver=10&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7
Request Chain 35
  • https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7&fck=648472e4757211ff&cbp=dsp_uid HTTP 302
  • https://s.cpx.to/sync?dsp_uid=183070fcc2e167e13961cb15ce0a05d8&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7&dsp=TRUOPTIK&fck=648472e4757211ff
Request Chain 36
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D95420284-4b95-4220-b5a1-ece6ee7f10c7 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D95420284-4b95-4220-b5a1-ece6ee7f10c7 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=CFC5D9BE-0B71-4C16-A734-0187A6F5962E&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7
Request Chain 37
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7&google_gid=CAESEH1mH6H448A7hP5NVIPujts&google_cver=1
Request Chain 38
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D95420284-4b95-4220-b5a1-ece6ee7f10c7 HTTP 302
  • https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D95420284-4b95-4220-b5a1-ece6ee7f10c7 HTTP 302
  • https://s.cpx.to/sync?dsp=avocet&dsp_uid=48b7b103-53a7-42a3-9849-e816bcc59198&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7
Request Chain 42
  • http://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false HTTP 301
  • https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Request Chain 45
  • http://www.dailymotion.com/thumbnail/1280x720/video/x7mddx4 HTTP 307
  • https://www.dailymotion.com/thumbnail/1280x720/video/x7mddx4 HTTP 302
  • https://s2.dmcdn.net/v/RTzcu1TdCQ-nYDC6Y/1280x720
Request Chain 46
  • http://www.dailymotion.com/thumbnail/1280x720/video/x7fs3hf HTTP 301
  • https://www.dailymotion.com/thumbnail/1280x720/video/x7fs3hf HTTP 302
  • https://s2.dmcdn.net/v/QpkkZ1TKQYoct9xUY/1280x720

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request aN65
urlz.fr/
Redirect Chain
  • http://bit.ly/35zdqdk
  • https://urlz.fr/aN65
  • http://urlz.fr/aN65
3 KB
1 KB
Document
General
Full URL
http://urlz.fr/aN65
Protocol
HTTP/1.1
Server
2606:4700:31::681f:ab2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a4e0d6183b56f7a463db10e6ad3e113bf3da13a68fe3ccd0271e7bb5e80b84a

Request headers

Host
urlz.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
__cfduid=def851da56166fa45559e03237ef954a01571415668
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:21:08 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
527bd7f628e3cbb8-VIE
Content-Encoding
gzip

Redirect headers

status
301
date
Fri, 18 Oct 2019 16:21:08 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=def851da56166fa45559e03237ef954a01571415668; expires=Sat, 17-Oct-20 16:21:08 GMT; path=/; domain=.urlz.fr; HttpOnly
location
http://urlz.fr/aN65
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
527bd7f5585dcbb4-VIE
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/aN65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:21:08 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 17 Oct 2019 16:08:50 GMT
server
cloudflare
etag
W/"5da89212-2fb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
527bd7f6dc06cb9c-VIE
expires
Sun, 20 Oct 2019 16:21:08 GMT
/
chrononpost-france.fr/chorono/chorono/ Frame 6870
0
0
Document
General
Full URL
http://chrononpost-france.fr/chorono/chorono/
Requested by
Host: urlz.fr
URL: http://urlz.fr/aN65
Protocol
HTTP/1.1
Server
80.211.146.217 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host217-146-211-80.serverdedicati.aruba.it
Software
nginx / PleskLin
Resource Hash

Request headers

Host
chrononpost-france.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/aN65
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://urlz.fr/aN65

Response headers

Server
nginx
Date
Fri, 18 Oct 2019 16:21:07 GMT
Content-Type
text/html
Content-Length
33714
Last-Modified
Sun, 05 Aug 2018 07:06:10 GMT
Connection
keep-alive
ETag
"5b66a1e2-83b2"
X-Powered-By
PleskLin
Accept-Ranges
bytes
requestform.js
ads.themoneytizer.com/s/
34 KB
8 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
142e395b466d78b3c1b21fb07b5fd04af886b87e5efa0e6735214b9fd6958893

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:21:08 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
Expires
Sat, 19 Oct 2019 16:21:08 GMT
gen.js
ads.themoneytizer.com/s/
7 KB
3 KB
Script
General
Full URL
http://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash
4f141f27b71bcd4138436160f38404b31e4eac16e4fd263cc7d8c36ef40cd34c

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:20:27 GMT
Content-Encoding
gzip
Server
NetDNA-cache/2.2
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/html; charset=UTF-8
Cache-control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2653
Expires
Sat, 19 Oct 2019 16:20:27 GMT
/
g.themoneytizer.net/g/
26 B
200 B
Script
General
Full URL
http://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
a3977efef5215f018d68e249348803f07c8d4828660fd154ffc72d2b85afedde

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:21:09 GMT
Server
nginx
X-IPLB-Instance
29820
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/
12 KB
4 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:21:09 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:07 GMT
server
nginx
etag
"779a-308e-582e3105a6be4"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3931
expires
Sat, 19 Oct 2019 16:20:40 GMT
moneybile.js
ads.themoneytizer.com/
37 KB
16 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:21:09 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:00 GMT
server
nginx
etag
"7ff1-9390-582e30fefbc74"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Sat, 19 Oct 2019 16:20:34 GMT
getjs.static.js
tag.contextweb.com/
32 KB
11 KB
Script
General
Full URL
http://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:21:09 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
max-age=432000, public
x-envoy-upstream-service-time
2
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/
1 KB
2 KB
Script
General
Full URL
http://p.cpx.to/p/11528/px.js?r=1c655
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
143.204.101.6 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-6.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 15:47:37 GMT
Content-Encoding
UTF-8
Connection
keep-alive
Last-Modified
Wed, 10 Oct 2018 10:49:46 GMT
Server
AmazonS3
Age
2013
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
_VDgoWOFNJMco0M4uGAje36xMe-WP9k5mvkhgV0vN5bcS3aoIygGbA==
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • http://ww1097.smartadserver.com/config.js?nwid=1097
  • http://ced-ns.sascdn.com/diff/js/smart.js
24 KB
8 KB
Script
General
Full URL
http://ced-ns.sascdn.com/diff/js/smart.js
Protocol
HTTP/1.1
Server
2a02:26f0:6c00:28b::c01 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:21:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Sep 2019 12:08:33 GMT
Server
Apache
ETag
"1fc11a0f5e30485338c4562812f21662:1567685313"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8004

Redirect headers

Location
http://ced-ns.sascdn.com/diff/js/smart.js
Date
Fri, 18 Oct 2019 16:21:09 GMT
Cache-Control
private
Content-Length
158
Content-Type
text/html; charset=utf-8
sync
gum.criteo.com/
Redirect Chain
  • http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
  • https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
49 B
311 B
Script
General
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:21:09 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
private, max-age=3600
content-length
165
expires
60

Redirect headers

location
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
date
Fri, 18 Oct 2019 16:21:09 GMT
content-length
179
content-type
text/html; charset=utf-8
libJsLP.js
tag.leadplace.fr/
3 KB
3 KB
Script
General
Full URL
http://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:21:09 GMT
Last-Modified
Tue, 27 Nov 2018 14:13:54 GMT
Server
nginx/1.14.2
ETag
"5bfd5122-a72"
X-IPLB-Instance
29922
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
quant.js
edge.quantserve.com/
12 KB
6 KB
Script
General
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
91.228.74.176 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:21:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18-Oct-2019 16:21:09 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Fri, 25 Oct 2019 16:21:09 GMT
d086759d-86af-4b34-852b-bb5d4c87aa38
tmzr.pubstack.io/v1/tag/
1 KB
824 B
Script
General
Full URL
https://tmzr.pubstack.io/v1/tag/d086759d-86af-4b34-852b-bb5d4c87aa38
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.128.55 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-35-128-55.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
08c3935de0655aea9e67f39d2c26fec00fcfcb1b81356553ae0d05ee5bb646e6

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 18 Oct 2019 16:21:09 GMT
cache-control
max-age=120
content-encoding
gzip
content-length
712
content-type
application/javascript
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/
25 KB
26 KB
Script
General
Full URL
http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Server
13.224.197.12 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-197-12.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 05:35:21 GMT
Via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
122309
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
VbjSXoTrNQD6vKryR_muN-WSjF-LqVh6XfIlIZyM2GPfFZgWdXHslQ==
prebid.js
ads.themoneytizer.com/moneybid2_31/build/dist/
351 KB
111 KB
Script
General
Full URL
https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
0d22f9b6f2b7945e7f86a028a8e38ffa8bf63d62b977b01ef4d33135217b1183

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:21:09 GMT
content-encoding
gzip
last-modified
Thu, 17 Oct 2019 20:30:51 GMT
server
nginx
etag
"33a7b-57c0c-5952117f11681"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
113444
expires
Sat, 19 Oct 2019 16:20:39 GMT
sdk.js
player.pepsia.com/
38 KB
38 KB
Script
General
Full URL
http://player.pepsia.com/sdk.js?d=16ddfac3b64
Requested by
Host: urlz.fr
URL: http://urlz.fr/aN65
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
dccff4268cf23b61b45aeb89e063cb102cdf9a862e1c25bd2104aaf135a914d3

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:21:09 GMT
Last-Modified
Tue, 24 Sep 2019 10:24:44 GMT
Server
nginx
Accept-Ranges
bytes
ETag
"5d89eeec-96b1"
Content-Length
38577
Content-Type
application/javascript
/
chrononpost-france.fr/chorono/chorono/ Frame 343A
0
0
Document
General
Full URL
http://chrononpost-france.fr/chorono/chorono/
Requested by
Host: urlz.fr
URL: http://urlz.fr/aN65
Protocol
HTTP/1.1
Server
80.211.146.217 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host217-146-211-80.serverdedicati.aruba.it
Software
nginx / PleskLin
Resource Hash

Request headers

Host
chrononpost-france.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/aN65
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://urlz.fr/aN65

Response headers

Server
nginx
Date
Fri, 18 Oct 2019 16:21:08 GMT
Content-Type
text/html
Content-Length
33714
Last-Modified
Sun, 05 Aug 2018 07:06:10 GMT
Connection
keep-alive
ETag
"5b66a1e2-83b2"
X-Powered-By
PleskLin
Accept-Ranges
bytes
image.php
www.noowho.com/
1 KB
2 KB
Image
General
Full URL
https://www.noowho.com/image.php?site=23690713&ref=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS
serveur8.wilsoftech.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash
bbb523734a37918c1467662a038d44fba0d2430532cd7499c8e6f761a03bf5e3

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:30:20 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Apache/2.4.7 (Ubuntu)
Connection
close
X-Powered-By
PHP/5.5.9-1ubuntu4.22
Content-Length
1481
Content-Type
image/gif
4.gif
id5-sync.com/c/12/102/6/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/2/8/2.gif?puid=7835919804745555132&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/7/3.gif?puid=b21d3bd9-75f7-42e5-b4f8-dda09861c801&gdpr=1&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOqcVreHI9irlwYRPGfoWP_Y7g3dJD9krMBjY3dg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F6%2F4.gif%3Fpuid%3DSMART_U...
  • https://id5-sync.com/c/12/102/6/4.gif?puid=6986601532906185208&gdpr=1&gdpr_consent=
43 B
798 B
Image
General
Full URL
https://id5-sync.com/c/12/102/6/4.gif?puid=6986601532906185208&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.39.66.15 , France, ASN16276 (OVH, FR),
Reverse DNS
s10.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:21:10 GMT
Content-Type
image/gif;charset=UTF-8
Transfer-Encoding
chunked
P3P
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Oct 2019 16:21:10 GMT
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Location
https://id5-sync.com/c/12/102/6/4.gif?puid=6986601532906185208&gdpr=1&gdpr_consent=
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=utf-8
Content-Length
208
Expires
-1
fire.js
s.cpx.to/
942 B
2 KB
Script
General
Full URL
https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7
Requested by
Host: p.cpx.to
URL: http://p.cpx.to/p/11528/px.js?r=1c655
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-246-169-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
db389e876febec0538cbab912a7f9395f707b7207cf6057456a45417f0d45962
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 18 Oct 2019 16:21:09 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
942
Expires
Wed, 18 Sep 2019 12:38:04 GMT
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
  • https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
1 KB
965 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:f600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 15:31:14 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2998
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
H0iuywlVfLe1itC61tYY1fTDzApgcSoGQL9RxeLSB88aD6wySDC2nw==
via
1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)

Redirect headers

Date
Fri, 18 Oct 2019 16:21:09 GMT
Via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
8tzEe2Y_XSDeBQ4rzYcci80k4zHUTuQOeay59ptdYvqGXB81QZezmQ==
wckr.php
tag.leadplace.fr/ Frame 74B1
0
0
Document
General
Full URL
http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://urlz.fr/aN65
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://urlz.fr/aN65

Response headers

Server
nginx/1.14.2
Date
Fri, 18 Oct 2019 16:21:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
29922
monitoring.js
cdn.prod.pubstack.io/
61 KB
19 KB
XHR
General
Full URL
https://cdn.prod.pubstack.io/monitoring.js
Requested by
Host: tmzr.pubstack.io
URL: https://tmzr.pubstack.io/v1/tag/d086759d-86af-4b34-852b-bb5d4c87aa38
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.76.218 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
218.76.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cca917d5365ca967f37edfa2437c4886dca56067a725a2981f340b6fd6e4d34c

Request headers

Sec-Fetch-Mode
cors
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:17:52 GMT
content-encoding
gzip
age
197
x-guploader-uploadid
AEnB2Ur1ZCTDYLqSoQbPZoOrbMwMbbvXKTzmJ3llLeqyGGtYxnwb1XhCYsXkoql-OZhpDTPdzEDyea5lCRXc8HbpCpl9CAHGmxaWxSAYh-DMXu0gvsGJKW4
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
19087
last-modified
Tue, 01 Oct 2019 13:46:33 GMT
server
UploadServer
etag
"77e7399c17f6a8f88a9f3f04bc2a1ac1"
vary
Accept-Encoding
x-goog-hash
crc32c=/6g0qA==, md5=d+c5nBf2qPiKnz8EvCoawQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1569937593104851
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
19087
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 18 Oct 2019 17:17:52 GMT
indexv2.php
player.pepsia.com/V2/
43 KB
15 KB
XHR
General
Full URL
http://player.pepsia.com/V2/indexv2.php?token=00I4&controls=1&autoplay=1&logo=true&volume=1&api=1&id=0&origin=http://urlz.fr&d=16ddfac3c78
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16ddfac3b64
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
d0bed8195cdd1501ff14988b39e23c745375324c105a7ce24f91dbfa7aff62ea

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://urlz.fr
Date
Fri, 18 Oct 2019 16:21:09 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
algov2.php
player.pepsia.com/V2/
1 KB
892 B
XHR
General
Full URL
http://player.pepsia.com/V2/algov2.php?token=00I4&num=9&origin=http://urlz.fr&d=16ddfac3c7a
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16ddfac3b64
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
f001eb03180dc2b4cbb3a8ddb615a7a0240dbd4b353135ac1f7457722306b3ba

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://urlz.fr
Date
Fri, 18 Oct 2019 16:21:09 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/
84 KB
30 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 09 Oct 2019 09:50:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
801058
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
30186
X-XSS-Protection
0
Expires
Thu, 08 Oct 2020 09:50:11 GMT
pixel;r=1663369314;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FaN65;fpan=1;fpa=P0-1971170716-1571415669893;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;...
pixel.quantserve.com/
35 B
494 B
Image
General
Full URL
http://pixel.quantserve.com/pixel;r=1663369314;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FaN65;fpan=1;fpa=P0-1971170716-1571415669893;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1571415669892;tzo=-120;ogl=
Protocol
HTTP/1.1
Server
91.228.74.165 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Oct 2019 16:21:10 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 08BD
43 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: urlz.fr
URL: http://urlz.fr/aN65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2794
date
Fri, 18 Oct 2019 15:34:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 18 Oct 2019 17:34:35 GMT
all.js
api.dmcdn.net/ Frame 08BD
29 KB
10 KB
Script
General
Full URL
https://api.dmcdn.net/all.js
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16ddfac3b64
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.79.227.76 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS
https-178-79-227-76.vie.llnw.net
Software
DMS/1.0.42 /
Resource Hash
bc668e376652343280e84405e0dd10fcbf8e4147e7c3bf1ace3d1820aac78f68

Request headers

Sec-Fetch-Mode
cors
Referer
http://urlz.fr/aN65
Origin
http://urlz.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:21:10 GMT
content-encoding
gzip
last-modified
Fri, 27 Sep 2019 13:09:39 GMT
server
DMS/1.0.42
age
1825109
etag
"5d8e0a13-72c2"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=43200, s-maxage=3600
accept-ranges
bytes
access-control-allow-origin
*
content-length
9628
expires
Fri, 27 Sep 2019 14:22:41 GMT
S8ZvnPK
hv-contents.adpaths.com/publisher/ Frame 08BD
366 KB
65 KB
Script
General
Full URL
http://hv-contents.adpaths.com/publisher/S8ZvnPK
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16ddfac3b64
Protocol
HTTP/1.1
Server
143.204.101.74 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-74.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31c8a8eed50d2b86576ab2daf8f7a9e17985d62bf4acafa7ff83af7614f2881b

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 17 Oct 2019 16:26:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Oct 2019 13:01:17 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA50-C1
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
Content-Type
application/javascript; charset=utf-8
Via
1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
bdTEboOI-Dmut6KNd62N4HL0EaqBdhJKpV7y0Vz7N3L6pObg5qrgDw==
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ Frame 08BD
18 KB
18 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16ddfac3b64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Sec-Fetch-Mode
cors
Referer
http://urlz.fr/aN65
Origin
http://urlz.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:21:09 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
18056
truncated
/ Frame 08BD
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
favicon.ico
chrononpost-france.fr/ Frame 08BD
111 KB
111 KB
Image
General
Full URL
http://chrononpost-france.fr/favicon.ico
Requested by
Host: urlz.fr
URL: http://urlz.fr/aN65
Protocol
HTTP/1.1
Server
80.211.146.217 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host217-146-211-80.serverdedicati.aruba.it
Software
nginx / PleskLin
Resource Hash
88baf40feb43463a8f6aa6543e88bdbe33f0db9a317486e786eee1e5c76a9544

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:21:08 GMT
Last-Modified
Mon, 14 Oct 2019 17:42:18 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"5da4b37a-1bb33"
Content-Type
image/vnd.microsoft.icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
113459
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D95420284-4b95-4220-b5a1-ece6ee7f10c7
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253D%2526hn_ver%253D10%2526fid%253D95420284-4b95-4220-b...
  • https://s.cpx.to/an_fire?app_nexus_uid=7835919804745555132&pid=11528&ref=&hn_ver=10&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7
95 B
865 B
Image
General
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=7835919804745555132&pid=11528&ref=&hn_ver=10&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-246-169-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 18 Oct 2019 16:21:10 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Fri, 18 Oct 2019 16:21:10 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Oct 2019 16:21:12 GMT
X-Proxy-Origin
185.210.217.116; 185.210.217.116; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.117:80
AN-X-Request-Uuid
7b843d92-4b73-49d6-9958-0b6e87bd548b
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=7835919804745555132&pid=11528&ref=&hn_ver=10&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7&fck=648472e4757211ff&cbp=dsp_uid
  • https://s.cpx.to/sync?dsp_uid=183070fcc2e167e13961cb15ce0a05d8&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7&dsp=TRUOPTIK&fck=648472e4757211ff
95 B
877 B
Image
General
Full URL
https://s.cpx.to/sync?dsp_uid=183070fcc2e167e13961cb15ce0a05d8&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7&dsp=TRUOPTIK&fck=648472e4757211ff
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-246-169-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 18 Oct 2019 16:21:10 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Fri, 18 Oct 2019 16:21:10 GMT

Redirect headers

date
Fri, 18 Oct 2019 16:21:10 GMT
cf-cache-status
DYNAMIC
access-control-allow-origin
*
status
302
user-agent
Tru Optik DMP 1.3.1
to-dmp-balancer
balancer2-dmp-nyc1-do.truoptik.com
content-length
154
pragma
no-cache
to-dmp-sync
sync4-dmp-nyc1-do.truoptik.com
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html
location
https://s.cpx.to/sync?dsp_uid=183070fcc2e167e13961cb15ce0a05d8&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7&dsp=TRUOPTIK&fck=648472e4757211ff
cache-control
no-store
cf-ray
527bd801ad42c779-AMS
expires
0
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D95420284-4b95-4220-b5a1-ece6ee7f10c7
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D95420284-4b95-4220-b5a1-ece6ee7f10c7
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=CFC5D9BE-0B71-4C16-A734-0187A6F5962E&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7
95 B
881 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=CFC5D9BE-0B71-4C16-A734-0187A6F5962E&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-246-169-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 18 Oct 2019 16:21:10 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Fri, 18 Oct 2019 16:21:10 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=CFC5D9BE-0B71-4C16-A734-0187A6F5962E&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7
Date
Fri, 18 Oct 2019 16:21:10 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
448
Content-Type
text/html; charset=iso-8859-1
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7
  • https://s.cpx.to/ca.png?dsp=dbm&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7&google_gid=CAESEH1mH6H448A7hP5NVIPujts&google_cver=1
95 B
804 B
Image
General
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7&google_gid=CAESEH1mH6H448A7hP5NVIPujts&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-246-169-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 18 Oct 2019 16:21:10 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Fri, 18 Oct 2019 16:21:10 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7&google_gid=CAESEH1mH6H448A7hP5NVIPujts&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D95420284-4b95-4220-b5a1-ece6ee7f10c7
  • https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D95420284-4b95-4220-b5a1-ece6ee7f10c7
  • https://s.cpx.to/sync?dsp=avocet&dsp_uid=48b7b103-53a7-42a3-9849-e816bcc59198&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7
95 B
879 B
Image
General
Full URL
https://s.cpx.to/sync?dsp=avocet&dsp_uid=48b7b103-53a7-42a3-9849-e816bcc59198&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-246-169-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 18 Oct 2019 16:21:10 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Fri, 18 Oct 2019 16:21:10 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=avocet&dsp_uid=48b7b103-53a7-42a3-9849-e816bcc59198&fid=95420284-4b95-4220-b5a1-ece6ee7f10c7
Date
Fri, 18 Oct 2019 16:21:10 GMT
Connection
keep-alive
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
149
Content-Type
text/html; charset=utf-8
sync
pool.grid-data.bidswitch.net/
43 B
300 B
Image
General
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.79.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-79-124.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:21:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
notifyme.php
adtrack.adleadevent.com/
0
517 B
XHR
General
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.104.216 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-104-216.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Pragma
no-cache
Date
Fri, 18 Oct 2019 16:21:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Oct 2019 16:21:10 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
http://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bundle.js
ads.themoneytizer.com/cs2/dist/
97 KB
23 KB
Script
General
Full URL
https://ads.themoneytizer.com/cs2/dist/bundle.js
Requested by
Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d406f42a088a14459471e30acb1a1c3f856b1f76331473847663a63ba2921250

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:21:10 GMT
content-encoding
gzip
last-modified
Tue, 17 Sep 2019 21:28:09 GMT
server
nginx
etag
W/"3247a-183db-592c6659901e6"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
23456
expires
Sat, 19 Oct 2019 16:21:09 GMT
Cookie set embed
www.dailymotion.com/ Frame 4927
Redirect Chain
  • http://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=f...
  • https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=...
0
0
Document
General
Full URL
https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/all.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.8.215.136 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
www.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains

Request headers

Host
www.dailymotion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
http://urlz.fr/aN65
Accept-Encoding
gzip, deflate, br
Cookie
v1st=C7D21C6E6C7FCB8B783EF51089D76603
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://urlz.fr/aN65

Response headers

Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server
DMS/1.0.42
X-DM-BackNode
web-539.adm.dc3.dailymotion.com:80
Vary
X-DM-SSL,Accept-Encoding
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Access-Control-Expose-Headers
X-DM-BackNode-Response-Time
Strict-Transport-Security
max-age=31708800; includeSubDomains
Date
Fri, 18 Oct 2019 16:21:10 GMT
Link
<https://static1.dmcdn.net>; rel=preconnect,<https://ajax.googleapis.com>; rel=preconnect
Keep-Alive
timeout=60, max=5000
X-DM-LB-IP
195.8.215.136
X-DM-LB-Name
lb-07
X-DM-BackNode-Response-Time
36
Connection
Keep-Alive
Set-Cookie
ts=236831; expires=Wed, 18-Nov-2020 17:21:10 GMT; Max-Age=34304400; path=/; domain=.dailymotion.com sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ sdx=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ su_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ su_sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ su_sdx=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ client_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ access_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ refresh_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ dmvk=5da9e6763f7cd; path=/; domain=.dailymotion.com
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Length
12078

Redirect headers

Server
DMS/1.0.42
X-DM-BackNode
web-376.adm.dc3.dailymotion.com:80
Vary
X-DM-SSL
Content-Type
text/html; charset=UTF-8
Access-Control-Expose-Headers
X-DM-BackNode-Response-Time
Date
Fri, 18 Oct 2019 16:21:10 GMT
Location
https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Keep-Alive
timeout=60, max=5000
X-DM-LB-IP
195.8.215.136
X-DM-LB-Name
lb-07
X-DM-BackNode-Response-Time
10
Connection
Keep-Alive
Set-Cookie
v1st=C7D21C6E6C7FCB8B783EF51089D76603; expires=Mon, 16 Nov 2020 16:21:09 GMT; max-age=34128000; path=/; domain=.dailymotion.com
Content-Length
0
sdk.js
www.adwstats.com/ Frame 08BD
5 KB
2 KB
Script
General
Full URL
https://www.adwstats.com/sdk.js
Requested by
Host: hv-contents.adpaths.com
URL: http://hv-contents.adpaths.com/publisher/S8ZvnPK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.168.199 Alpharetta, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-239-168-199.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9439c284891159231745921cdd550553e1df7996ced5b420c89a685ad4caf975

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:02:32 GMT
content-encoding
gzip
last-modified
Mon, 29 Jul 2019 10:07:08 GMT
server
AmazonS3
age
1118
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-pop
FRA50
x-amz-cf-id
q0P-a3Db8j3oQu6ElAWip1iYpv_ZdwBk0aiKzg5DSWNcn0Cg83eheQ==
via
1.1 e0ece2fc930e4eafcacb21a60126c353.cloudfront.net (CloudFront)
generic.pixel
www.adwstats.com/ Frame 08BD
43 B
317 B
Image
General
Full URL
https://www.adwstats.com/generic.pixel?record_interface=generic&send_tracker_init=false&creative_format=N0YY9hj&creative_id=S8ZvnPK&random_number=0.7347640101801138&client_start_timestamp=1571415670475&client_session_id=34329cd1-34ac-4912-bcbc-9dbb51bd2392&event_type=state&event_name=impression&client_date_utc=2019-10-18%2016%3A21%3A10&client_date_utc_offset=%2B02%3A00&client_cache_buster=5ab25a58-3d46-4464-9007-a537960ba5af&client_screen_width=1600&client_screen_height=1200&client_window_width=0&client_window_height=40&client_charset=UTF-8&client_time_elapsed=0&x_domain=
Requested by
Host: urlz.fr
URL: http://urlz.fr/aN65
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.168.199 Alpharetta, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-239-168-199.fra50.r.cloudfront.net
Software
adw analytics /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:21:10 GMT
via
1.1 e0ece2fc930e4eafcacb21a60126c353.cloudfront.net (CloudFront)
server
adw analytics
x-amz-cf-pop
FRA50
x-cache
Miss from cloudfront
content-type
image/gif
status
200
content-length
43
x-amz-cf-id
PXlfE7PS-F-TGATE6uP48aUE9GiNnMxq2-RLxdUGTzWWMYsp8x_EFg==
1280x720
s2.dmcdn.net/v/RTzcu1TdCQ-nYDC6Y/ Frame 08BD
Redirect Chain
  • http://www.dailymotion.com/thumbnail/1280x720/video/x7mddx4
  • https://www.dailymotion.com/thumbnail/1280x720/video/x7mddx4
  • https://s2.dmcdn.net/v/RTzcu1TdCQ-nYDC6Y/1280x720
77 KB
77 KB
Image
General
Full URL
https://s2.dmcdn.net/v/RTzcu1TdCQ-nYDC6Y/1280x720
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.79.227.76 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS
https-178-79-227-76.vie.llnw.net
Software
DMS/1.0.42 /
Resource Hash
b7e8bae3caf2afa8ae360a578e22d2762532e88fec661f2c4f966d0a0703452e

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:21:11 GMT
content-encoding
gzip
x-dm-origin-date
Tue, 08 Oct 2019 17:26:23 GMT
age
860088
x-dm-upstream-cache-status
MISS
x-dm-retries
0
status
200
x-dm-backnode-response-time
88
content-length
78559
x-dm-origin-content-length
78770
x-dm-upstream-resptime
1570555583.908
x-dm-chash
10.190.53.4:81
last-modified
Tue, 08 Oct 2019 17:26:23 GMT
server
DMS/1.0.42
vary
Accept-Encoding
content-type
image/jpeg
access-control-expose-headers
X-DM-BackNode-Response-Time
cache-control
max-age=315360000
x-dm-backend
tailor-03.adm.dc3.dailymotion.com:80
expires
Fri, 05 Oct 2029 17:26:23 GMT

Redirect headers

Content-Security-Policy
upgrade-insecure-requests
Vary
X-DM-SSL
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Connection
Keep-Alive
X-DM-BackNode-Response-Time
17
Content-Length
0
X-DM-LB-Name
lb-07
Server
DMS/1.0.42
Date
Fri, 18 Oct 2019 16:21:11 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Strict-Transport-Security
max-age=31708800; includeSubDomains
X-DM-BackNode
web-539.adm.dc3.dailymotion.com:80
Content-Type
text/html; charset=utf-8
Location
https://s2.dmcdn.net/v/RTzcu1TdCQ-nYDC6Y/1280x720
Access-Control-Expose-Headers
X-DM-BackNode-Response-Time
Cache-Control
no-cache
Keep-Alive
timeout=60, max=4992
X-DM-LB-IP
195.8.215.136
Expires
Fri, 18 Oct 2019 16:26:11 GMT
1280x720
s2.dmcdn.net/v/QpkkZ1TKQYoct9xUY/ Frame 08BD
Redirect Chain
  • http://www.dailymotion.com/thumbnail/1280x720/video/x7fs3hf
  • https://www.dailymotion.com/thumbnail/1280x720/video/x7fs3hf
  • https://s2.dmcdn.net/v/QpkkZ1TKQYoct9xUY/1280x720
79 KB
74 KB
Image
General
Full URL
https://s2.dmcdn.net/v/QpkkZ1TKQYoct9xUY/1280x720
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.79.227.76 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS
https-178-79-227-76.vie.llnw.net
Software
DMS/1.0.42 /
Resource Hash
5b7d5989301267e7c63b2d4454bbc5d9f3abd5db70b7978466a56d3d12b3d3b4

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:21:12 GMT
content-encoding
gzip
x-dm-origin-date
Mon, 07 Oct 2019 15:39:00 GMT
age
952932
x-dm-upstream-cache-status
MISS
x-dm-retries
0
status
200
x-dm-backnode-response-time
117
content-length
74749
x-dm-origin-content-length
80633
x-dm-upstream-resptime
1570462740.822
x-dm-chash
10.190.53.6:81
last-modified
Mon, 07 Oct 2019 15:39:00 GMT
server
DMS/1.0.42
vary
Accept-Encoding
content-type
image/jpeg
access-control-expose-headers
X-DM-BackNode-Response-Time
cache-control
max-age=315360000
x-dm-backend
tailor-02.adm.ix7.dailymotion.com:80
expires
Thu, 04 Oct 2029 15:39:00 GMT

Redirect headers

Content-Security-Policy
upgrade-insecure-requests
Vary
X-DM-SSL
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Connection
Keep-Alive
X-DM-BackNode-Response-Time
21
Content-Length
0
X-DM-LB-Name
lb-07
Server
DMS/1.0.42
Date
Fri, 18 Oct 2019 16:21:12 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Strict-Transport-Security
max-age=31708800; includeSubDomains
X-DM-BackNode
web-525.adm.dc3.dailymotion.com:80
Content-Type
text/html; charset=utf-8
Location
https://s2.dmcdn.net/v/QpkkZ1TKQYoct9xUY/1280x720
Access-Control-Expose-Headers
X-DM-BackNode-Response-Time
Cache-Control
no-cache
Keep-Alive
timeout=60, max=4996
X-DM-LB-IP
195.8.215.136
Expires
Fri, 18 Oct 2019 16:26:12 GMT
video_load.php
player.pepsia.com/V2/actions/ Frame 08BD
45 B
290 B
Image
General
Full URL
http://player.pepsia.com/V2/actions/video_load.php?sid=00I4&cid=04Y8&d=16ddfac47ee
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
1fdad207581da193a24d9293ad1ba76c3d41f68a005a2c9b7a26e39a1618ca66

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:21:12 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
video_start.php
player.pepsia.com/V2/actions/ Frame 08BD
43 B
269 B
Image
General
Full URL
http://player.pepsia.com/V2/actions/video_start.php?sid=00I4&cid=04Y8&d=16ddfac490f
Protocol
HTTP/1.1
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 18 Oct 2019 16:21:13 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
generic.pixel
www.adwstats.com/ Frame 08BD
43 B
316 B
Image
General
Full URL
https://www.adwstats.com/generic.pixel?record_interface=generic&send_tracker_init=false&creative_format=N0YY9hj&creative_id=S8ZvnPK&random_number=0.7120039209057023&client_start_timestamp=1571415670475&client_session_id=34329cd1-34ac-4912-bcbc-9dbb51bd2392&event_type=state&event_name=playerDetected&completion_value=5.001&completion_ref=S8ZvnPK&client_date_utc=2019-10-18%2016%3A21%3A15&client_date_utc_offset=%2B02%3A00&client_cache_buster=9cd91835-4824-4f53-9fb6-faf721718207&client_screen_width=1600&client_screen_height=1200&client_window_width=400&client_window_height=265&client_charset=UTF-8&client_time_elapsed=5001&x_domain=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.168.199 Alpharetta, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-239-168-199.fra50.r.cloudfront.net
Software
adw analytics /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://urlz.fr/aN65
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 18 Oct 2019 16:21:15 GMT
via
1.1 e0ece2fc930e4eafcacb21a60126c353.cloudfront.net (CloudFront)
server
adw analytics
x-amz-cf-pop
FRA50
x-cache
Miss from cloudfront
content-type
image/gif
status
200
content-length
43
x-amz-cf-id
XNM3O54h2JCGCPv1FvcGMWTAsiiPLppYC4AaEvuOffHl0YRYRbhzQw==

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| __cfQR function| confiantWrap number| themoneytizer_async object| geo object| node object| excludeconfiant object| eucountries object| _captifyAnalytics object| sas object| generic function| criteoCallback object| criteo_gum object| pwidget_config function| loadScriptTemelio function| whenFormatFctDefined function| whenDefined object| tagsObject string| website number| random object| pubstack object| target object| cs object| notifyme object| tmzr object| d object| pbs object| format_size object| format_size_ix object| format_size_rubicon object| format_criteo object| format_pulsepoint object| between_w object| between_h object| counter_refresh object| smart_prebid2 object| notvisibleloop string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| Getsize function| GetsizeRubicon function| GetPulseSize function| Timeout function| checkVisibility3 function| refreshSlot undefined| convertHtmlToText object| _qevents boolean| moneycaching boolean| confiant object| params number| nugg function| Adcall_30012 string| Noowho_ref string| page boolean| timepast object| iframe boolean| __cfRLUnblockHandlers function| quantserve function| __qc object| ezt object| _qoptions function| VisSense object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode object| pp function| MobileDetect object| md function| tmzrChunk object| __core-js_shared__ object| ADAGIO object| googletag object| libJsLeadPlace string| moneytizergeo object| Pepsia function| PepsiaPlayerAsync string| k undefined| $ undefined| jQuery object| core object| pbstck object| data function| __cmp

1 Cookies

Domain/Path Name / Value
.urlz.fr/ Name: __cfduid
Value: def851da56166fa45559e03237ef954a01571415668

3 Console Messages

Source Level URL
Text
console-api warning URL: http://hv-contents.adpaths.com/publisher/S8ZvnPK(Line 1)
Message:
Pepsia DM Delegate: Pepsia DM Player does not give the container size, positions and sizes may be wrong
console-api warning URL: http://hv-contents.adpaths.com/publisher/S8ZvnPK(Line 1)
Message:
Pepsia DM Delegate: Pepsia DM Player does not give the container size, positions and sizes may be wrong
console-api warning URL: http://hv-contents.adpaths.com/publisher/S8ZvnPK(Line 1)
Message:
Pepsia DM Delegate: Pepsia DM Player does not give the container size, positions and sizes may be wrong

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avocet.io
ads.creative-serving.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
api.dmcdn.net
bit.ly
cdn.prod.pubstack.io
ced-ns.sascdn.com
chrononpost-france.fr
cm.g.doubleclick.net
d2zur9cc2gf1tx.cloudfront.net
dmp.truoptik.com
edge.quantserve.com
g.themoneytizer.net
gum.criteo.com
hv-contents.adpaths.com
id5-sync.com
image2.pubmatic.com
maxcdn.bootstrapcdn.com
p.cpx.to
pixel.quantserve.com
player.pepsia.com
pool.grid-data.bidswitch.net
rtb-csync.smartadserver.com
rules.quantcount.com
s.cpx.to
s2.dmcdn.net
secure.adnxs.com
tag.contextweb.com
tag.leadplace.fr
tmzr.pubstack.io
urlz.fr
ww1097.smartadserver.com
www.adwstats.com
www.dailymotion.com
www.google-analytics.com
www.noowho.com
104.16.92.60
13.224.197.12
143.204.101.6
143.204.101.74
145.239.193.145
145.239.193.51
151.139.241.23
178.79.227.76
185.33.223.203
185.64.189.110
185.86.137.43
185.86.138.114
195.8.215.136
2001:4de0:ac19::1:b:1b
216.58.208.34
2600:9000:20eb:f600:6:44e3:f8c0:93a1
2606:4700:31::681f:ab2
2606:4700::6813:c597
2a00:1450:4001:825::200a
2a00:1450:4001:825::200e
2a02:2638::1c
2a02:26f0:6c00:28b::c01
3.120.61.28
3.122.79.124
34.246.169.240
34.95.76.218
5.179.192.20
5.39.66.15
52.208.204.25
54.239.168.199
54.247.104.216
63.35.128.55
67.199.248.10
74.214.194.131
80.211.146.217
91.228.74.165
91.228.74.176
94.23.196.203
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
08c3935de0655aea9e67f39d2c26fec00fcfcb1b81356553ae0d05ee5bb646e6
0a4e0d6183b56f7a463db10e6ad3e113bf3da13a68fe3ccd0271e7bb5e80b84a
0d22f9b6f2b7945e7f86a028a8e38ffa8bf63d62b977b01ef4d33135217b1183
142e395b466d78b3c1b21fb07b5fd04af886b87e5efa0e6735214b9fd6958893
1fdad207581da193a24d9293ad1ba76c3d41f68a005a2c9b7a26e39a1618ca66
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
31c8a8eed50d2b86576ab2daf8f7a9e17985d62bf4acafa7ff83af7614f2881b
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4f141f27b71bcd4138436160f38404b31e4eac16e4fd263cc7d8c36ef40cd34c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b7d5989301267e7c63b2d4454bbc5d9f3abd5db70b7978466a56d3d12b3d3b4
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
88baf40feb43463a8f6aa6543e88bdbe33f0db9a317486e786eee1e5c76a9544
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
9439c284891159231745921cdd550553e1df7996ced5b420c89a685ad4caf975
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3977efef5215f018d68e249348803f07c8d4828660fd154ffc72d2b85afedde
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b7e8bae3caf2afa8ae360a578e22d2762532e88fec661f2c4f966d0a0703452e
bbb523734a37918c1467662a038d44fba0d2430532cd7499c8e6f761a03bf5e3
bc668e376652343280e84405e0dd10fcbf8e4147e7c3bf1ace3d1820aac78f68
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
cca917d5365ca967f37edfa2437c4886dca56067a725a2981f340b6fd6e4d34c
d0bed8195cdd1501ff14988b39e23c745375324c105a7ce24f91dbfa7aff62ea
d406f42a088a14459471e30acb1a1c3f856b1f76331473847663a63ba2921250
db389e876febec0538cbab912a7f9395f707b7207cf6057456a45417f0d45962
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dccff4268cf23b61b45aeb89e063cb102cdf9a862e1c25bd2104aaf135a914d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b
f001eb03180dc2b4cbb3a8ddb615a7a0240dbd4b353135ac1f7457722306b3ba
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c