urlz.fr Open in urlscan Pro
2606:4700:31::681f:bb2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.woo.by/dr
Effective URL:
http://urlz.fr/aFJ3
Submission: On October 01 via manual (October 1st 2019, 5:21:24 pm UTC) from RU

Summary HTTP 80 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 43 IPs in 9 countries across 46 domains to perform 80 HTTP transactions. The main IP is 2606:4700:31::681f:bb2, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is urlz.fr.

This is the only time urlz.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	51.89.139.138 51.89.139.138	16276 (OVH) (OVH)
1 2	2606:4700:31:... 2606:4700:31::681f:bb2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2606:4700:30:... 2606:4700:30::681c:1786	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1	74.214.194.132 74.214.194.132	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	143.204.214.46 143.204.214.46	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	185.86.137.43 185.86.137.43	201081 (SMARTADSE...) (SMARTADSERVER)
1	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1	91.228.74.207 91.228.74.207	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	52.222.149.19 52.222.149.19	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	5.179.192.20 5.179.192.20	34235 (ASPSERVEU...) (ASPSERVEUR-AS)
1	94.23.196.203 94.23.196.203	16276 (OVH) (OVH)
4 6	54.36.123.231 54.36.123.231	16276 (OVH) (OVH)
4 4	37.252.173.22 37.252.173.22	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2 2	18.195.67.58 18.195.67.58	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
6	34.246.169.240 34.246.169.240	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2600:9000:214... 2600:9000:214f:9000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	91.228.74.221 91.228.74.221	27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation)
1	54.247.104.216 54.247.104.216	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5 5	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	104.16.91.60 104.16.91.60	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
2 2	52.214.122.164 52.214.122.164	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	18.185.45.212 18.185.45.212	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	178.79.227.167 178.79.227.167	22822 (LLNW) (LLNW - Limelight Networks)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2 6	185.33.223.197 185.33.223.197	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 2	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3 7	52.58.120.61 52.58.120.61	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
3 4	195.8.215.136 195.8.215.136	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
4 14	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
1 3	2.16.186.80 2.16.186.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	18.185.163.33 18.185.163.33	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	69.173.144.136 69.173.144.136	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 1	40.113.136.100 40.113.136.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
4	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY - Fastly)
2 2	52.48.102.50 52.48.102.50	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	35.162.160.88 35.162.160.88	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT - Bidtellect Inc.)
1	130.211.13.252 130.211.13.252	15169 (GOOGLE) (GOOGLE - Google LLC)
4 4	52.29.180.59 52.29.180.59	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	35.205.46.65 35.205.46.65	15169 (GOOGLE) (GOOGLE - Google LLC)
1	178.79.227.76 178.79.227.76	22822 (LLNW) (LLNW - Limelight Networks)
1	104.108.40.167 104.108.40.167	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 1	46.228.164.11 46.228.164.11	56396 (TURN) (TURN)
1 3	52.57.44.17 52.57.44.17	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 2	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
80	43

1 51.89.139.138 (United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: 138.ip-51-89-139.eu

www.woo.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:31::681f:bb2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:30::681c:1786 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

havegotin.saidhisfather.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.132 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.46 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-46.fra53.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.43 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.16 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.207 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.19 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-149-19.fra53.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.179.192.20 (Paris, France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net

player.pepsia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.196.203 (France)

ASN16276 (OVH, FR)
PTR: serveur8.wilsoftech.com

www.noowho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.36.123.231 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: s03.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.22 (Ascension Island) 4 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.67.58 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-67-58.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.110 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.246.169.240 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-246-169-240.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:9000:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.221 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.104.216 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-104-216.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.22.66 (United States) 5 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.91.60 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.122.164 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-214-122-164.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.45.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-45-212.eu-central-1.compute.amazonaws.com

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.227.167 (Italy)

ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: https-178-79-227-167.vie.llnw.net

api.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.223.197 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.233 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.58.120.61 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-120-61.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.8.215.136 (France) 3 redirects

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: www.dailymotion.com

www.dailymotion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.14.2 (Frankfurt am Main, Germany) 4 redirects

ASN54113 (FASTLY - Fastly, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.80 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.163.33 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-163-33.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.113.136.100 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

px.powerlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.102.50 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-102-50.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.162.160.88 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-162-160-88.us-west-2.compute.amazonaws.com

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT - Bidtellect Inc., US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.13.252 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 252.13.211.130.bc.googleusercontent.com

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.29.180.59 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-180-59.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.205.46.65 (Ascension Island) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 65.46.205.35.bc.googleusercontent.com

ads.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.227.76 (Italy)

ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: https-178-79-227-76.vie.llnw.net

s1.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.40.167 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-40-167.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.44.17 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-44-17.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.251 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	taboola.com 4 redirects cdn.taboola.com trc.taboola.com match.taboola.com cds.taboola.com	242 KB
12	adnxs.com 6 redirects secure.adnxs.com ib.adnxs.com acdn.adnxs.com	9 KB
10	360yield.com 4 redirects ice.360yield.com ad.360yield.com	7 KB
7	cpx.to p.cpx.to s.cpx.to	8 KB
7	themoneytizer.com ads.themoneytizer.com	160 KB
6	id5-sync.com 4 redirects id5-sync.com	5 KB
5	bidswitch.net 4 redirects pool.grid-data.bidswitch.net x.bidswitch.net	2 KB
5	doubleclick.net 5 redirects cm.g.doubleclick.net	1 KB
4	dailymotion.com 3 redirects www.dailymotion.com	3 KB
3	scorecardresearch.com 1 redirects b.scorecardresearch.com	2 KB
3	rubiconproject.com fastlane.rubiconproject.com pixel.rubiconproject.com eus.rubiconproject.com	2 KB
3	pepsia.com player.pepsia.com	54 KB
3	smartadserver.com 2 redirects ww1097.smartadserver.com rtb-csync.smartadserver.com	2 KB
3	saidhisfather.top havegotin.saidhisfather.top	942 B
2	adform.net 2 redirects track.adform.net	597 B
2	programattik.com 2 redirects ads.programattik.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	891 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com	1 KB
2	dmcdn.net api.dmcdn.net s1.dmcdn.net	38 KB
2	avocet.io 2 redirects ads.avocet.io	1 KB
2	pubmatic.com 2 redirects image2.pubmatic.com	1 KB
2	quantcount.com 1 redirects rules.quantcount.com	1 KB
2	creative-serving.com 2 redirects ads.creative-serving.com	2 KB
2	quantserve.com edge.quantserve.com pixel.quantserve.com	6 KB
2	leadplace.fr tag.leadplace.fr	3 KB
2	tmyzer.com g.tmyzer.com c.tmyzer.com	400 B
2	urlz.fr 1 redirects urlz.fr	1 KB
1	simpli.fi um.simpli.fi	705 B
1	mathtag.com 1 redirects pixel.mathtag.com	548 B
1	turn.com 1 redirects ad.turn.com	518 B
1	bttrack.com bttrack.com	380 B
1	storygize.net 1 redirects www.storygize.net	450 B
1	powerlinks.com 1 redirects px.powerlinks.com	402 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	18 KB
1	google-analytics.com www.google-analytics.com	17 KB
1	truoptik.com 1 redirects dmp.truoptik.com	668 B
1	adleadevent.com adtrack.adleadevent.com	517 B
1	googleapis.com ajax.googleapis.com	30 KB
1	noowho.com www.noowho.com	2 KB
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	criteo.com gum.criteo.com	386 B
1	sascdn.com ced-ns.sascdn.com	8 KB
1	contextweb.com tag.contextweb.com	11 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	woo.by 1 redirects www.woo.by	238 B
80	46

	Domain	Requested by
9	trc.taboola.com	4 redirects cdn.taboola.com
7	ice.360yield.com	3 redirects
7	ads.themoneytizer.com	ajax.cloudflare.com ads.themoneytizer.com
6	ib.adnxs.com	2 redirects ads.themoneytizer.com urlz.fr
6	s.cpx.to	p.cpx.to
6	id5-sync.com	4 redirects ads.themoneytizer.com
5	cdn.taboola.com	urlz.fr cdn.taboola.com
5	cm.g.doubleclick.net	5 redirects
4	x.bidswitch.net	4 redirects
4	match.taboola.com
4	www.dailymotion.com	3 redirects api.dmcdn.net
4	secure.adnxs.com	4 redirects
3	ad.360yield.com	1 redirects
3	b.scorecardresearch.com	1 redirects cdn.taboola.com urlz.fr
3	player.pepsia.com	urlz.fr player.pepsia.com
3	havegotin.saidhisfather.top	urlz.fr
2	track.adform.net	2 redirects
2	acdn.adnxs.com	ads.themoneytizer.com
2	ads.programattik.com	2 redirects
2	match.adsrvr.org	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	ads.stickyadstv.com	1 redirects ads.themoneytizer.com
2	ads.avocet.io	2 redirects
2	image2.pubmatic.com	2 redirects
2	rules.quantcount.com	1 redirects
2	ads.creative-serving.com	2 redirects
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	ww1097.smartadserver.com	1 redirects ads.themoneytizer.com
2	urlz.fr	1 redirects
1	um.simpli.fi
1	pixel.mathtag.com	1 redirects
1	ad.turn.com	1 redirects
1	eus.rubiconproject.com	ads.themoneytizer.com
1	s1.dmcdn.net
1	cds.taboola.com	urlz.fr
1	bttrack.com	urlz.fr
1	www.storygize.net	1 redirects
1	px.powerlinks.com	1 redirects
1	pixel.rubiconproject.com	urlz.fr
1	c.tmyzer.com	ads.themoneytizer.com
1	fastlane.rubiconproject.com	ads.themoneytizer.com
1	maxcdn.bootstrapcdn.com	player.pepsia.com
1	api.dmcdn.net	player.pepsia.com
1	www.google-analytics.com	urlz.fr
1	pool.grid-data.bidswitch.net
1	dmp.truoptik.com	1 redirects
1	adtrack.adleadevent.com	ajax.googleapis.com
1	pixel.quantserve.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	rtb-csync.smartadserver.com	1 redirects
1	www.noowho.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	edge.quantserve.com	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	ced-ns.sascdn.com
1	p.cpx.to	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	g.tmyzer.com	ads.themoneytizer.com
1	ajax.cloudflare.com	urlz.fr
1	www.woo.by	1 redirects
80	60

This site contains links to these domains. Also see Links.

Domain
www.noowho.com

Subject Issuer	Validity	Valid
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
www.noowho.com Gandi Standard SSL CA 2	`2017-02-07` - `2020-02-07`	3 years	crt.sh
*.id5-sync.com Go Daddy Secure Certificate Authority - G2	`2017-04-02` - `2020-04-02`	3 years	crt.sh
s.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
adtrack.adleadevent.com Amazon	`2019-06-30` - `2020-07-30`	a year	crt.sh
pool.grid-data.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-03-13` - `2020-03-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.dmcdn.net Let's Encrypt Authority X3	`2019-09-01` - `2019-11-30`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.360yield.com Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
*.dailymotion.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2019-10-23`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
g2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-03` - `2019-11-19`	7 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-19` - `2021-04-13`	2 years	crt.sh
*.taboola.com DigiCert ECC Secure Server CA	`2019-09-03` - `2020-09-10`	a year	crt.sh

This page contains 12 frames:

Primary Page: http://urlz.fr/aFJ3
Frame ID: 49CD25A1603B38D472A84E91F85F6CA2
Requests: 47 HTTP requests in this frame

Frame: http://havegotin.saidhisfather.top/
Frame ID: F816D1DBCC244164135EF0FFFDE6F085
Requests: 1 HTTP requests in this frame

Frame: http://havegotin.saidhisfather.top/
Frame ID: 7DC3421FFD32A0D300B0D41192D43059
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: D78C9CC26A834E345ED2225F22D71C1E
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: D2E78359CEC496B60DCABA6AD4BA5914
Requests: 6 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Frame ID: 15D17B4CA56A9BEF4703784C1BE4FF59
Requests: 1 HTTP requests in this frame

Frame: http://cdn.taboola.com/shared/tbframe.js
Frame ID: F9DCDA13B527D48AA8BFA509FFF7DFE5
Requests: 1 HTTP requests in this frame

Frame: http://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 49EDC38B915CDBB90CA191BC20266CD5
Requests: 9 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3eed85c3-5e75-492c-bfdc-8ab86b060379
Frame ID: 9A434BA1E251831BE8977476631BA601
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8E9AB7992BF5F61B087339DE93BFCE68
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: AF2AEE431726439FB5CC9A1D2AC5C6BF
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: E326A728223912BCA2C86E9744B1E0BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.woo.by/dr HTTP 302
https://urlz.fr/aFJ3 HTTP 301
http://urlz.fr/aFJ3 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

80
Requests

51 %
HTTPS

14 %
IPv6

46
Domains

60
Subdomains

43
IPs

9
Countries

646 kB
Transfer

1805 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.noowho.com/Show-23690713.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.woo.by/dr HTTP 302
https://urlz.fr/aFJ3 HTTP 301
http://urlz.fr/aFJ3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
http://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 18

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/2/8/2.gif?puid=6847113233627577372&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/101/7/3.gif?puid=9799bb5a-67b1-44d6-9895-068d3418ba18&gdpr=1&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOBiueEvMIjxJnhIecKsTKXkUNCkt_e6oJePep7g&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F6%2F4.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/102/6/4.gif?puid=8198683909712912307&gdpr=1&gdpr_consent=

Request Chain 20

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

Request Chain 25

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=3d39b580-ca75-42f0-a492-07b055c9faf4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=3d39b580-ca75-42f0-a492-07b055c9faf4&google_tc= HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=3d39b580-ca75-42f0-a492-07b055c9faf4&google_gid=CAESEJvIkPfod2j0hcwFlUDFLwE&google_cver=1

Request Chain 26

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=3d39b580-ca75-42f0-a492-07b055c9faf4&fck=5ea73077cc97d5eb&cbp=dsp_uid HTTP 302
https://s.cpx.to/sync?dsp_uid=61efd17f2d2b1c2041b91e792cae20d2&fid=3d39b580-ca75-42f0-a492-07b055c9faf4&dsp=TRUOPTIK&fck=5ea73077cc97d5eb

Request Chain 27

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3d39b580-ca75-42f0-a492-07b055c9faf4 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3d39b580-ca75-42f0-a492-07b055c9faf4 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D1460DF5-319D-4F23-94C4-6401C0C23FB1&fid=3d39b580-ca75-42f0-a492-07b055c9faf4

Request Chain 28

https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D3d39b580-ca75-42f0-a492-07b055c9faf4 HTTP 302
https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D3d39b580-ca75-42f0-a492-07b055c9faf4 HTTP 302
https://s.cpx.to/sync?dsp=avocet&dsp_uid=9d50d604-ddb0-4a79-976c-e3141e4a4c05&fid=3d39b580-ca75-42f0-a492-07b055c9faf4

Request Chain 29

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D3d39b580-ca75-42f0-a492-07b055c9faf4 HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253D%2526hn_ver%253D10%2526fid%253D3d39b580-ca75-42f0-a492-07b055c9faf4 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=4311673460706352860&pid=11528&ref=&hn_ver=10&fid=3d39b580-ca75-42f0-a492-07b055c9faf4

Request Chain 40

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214da0346ebabaa5%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FaFJ3%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2275e35ef1659e14%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22361ac4bd-35e7-457d-8fad-40f68074e297%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214da0346ebabaa5%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FaFJ3%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2275e35ef1659e14%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22361ac4bd-35e7-457d-8fad-40f68074e297%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D

Request Chain 44

http://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false HTTP 301
https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false

Request Chain 53

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1569950449440&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=http%3A%2F%2Furlz.fr%2FaFJ3&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1569950449440&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=http%3A%2F%2Furlz.fr%2FaFJ3&c9=

Request Chain 55

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3eed85c3-5e75-492c-bfdc-8ab86b060379

Request Chain 57

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=CfaYgSAt6Din8taPPuA4iySroXSg_kN6ltsPnShWwNk%3D

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAsli25wcPL034rjbHOksSY&google_cver=1 HTTP 302
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEAsli25wcPL034rjbHOksSY&tbid=80a87903-3861-4966-acf0-00fa11756b82-tuct48d1071&query=taboola_hm%3DCAESEAsli25wcPL034rjbHOksSY%26google_cver%3D1

Request Chain 61

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=58df8bf0-41e5-48b2-a61c-79006064b8cd HTTP 302
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=58df8bf0-41e5-48b2-a61c-79006064b8cd&tbid=80a87903-3861-4966-acf0-00fa11756b82-tuct48d1071&query=taboola_hm%3D58df8bf0-41e5-48b2-a61c-79006064b8cd

Request Chain 62

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=80a87903-3861-4966-acf0-00fa11756b82-tuct48d1071 HTTP 302
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=fedfc6fc-1d29-4020-9a45-8a0ab6272942 HTTP 302
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=fedfc6fc-1d29-4020-9a45-8a0ab6272942&tbid=f0f9bc90-977f-467b-b73f-184ab5a8d4f1-tuct48d1079&query=taboola_hm%3Dfedfc6fc-1d29-4020-9a45-8a0ab6272942

Request Chain 65

https://x.bidswitch.net/sync?ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola HTTP 302
https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=687c165e-e801-409f-b12e-1634738574fa&ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=156&expires=14&user_id=687c165e-e801-409f-b12e-1634738574fa&ssp=taboola HTTP 302
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=32172a33-4896-4f4e-bb87-89f2cf9b6df6 HTTP 302
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=32172a33-4896-4f4e-bb87-89f2cf9b6df6&tbid=eab27c13-3c78-46a6-9032-eceba4f95b5c-tuct48d1074&query=taboola_hm%3D32172a33-4896-4f4e-bb87-89f2cf9b6df6

Request Chain 68

http://www.dailymotion.com/thumbnail/1280x720/video/x73maq4 HTTP 301
https://www.dailymotion.com/thumbnail/1280x720/video/x73maq4 HTTP 302
https://s1.dmcdn.net/vwCsu/1280x720-bZN.jpg

Request Chain 73

https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40 HTTP 302
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40 HTTP 302
https://ice.360yield.com/match?external_user_id=5797944573872940738&publisher_dsp_id=40 HTTP 302
https://ice.360yield.com/ul_cb/match?external_user_id=5797944573872940738&publisher_dsp_id=40

Request Chain 74

https://ad.turn.com/r/cs?pid=15&publisher_user_id=fd1a902e-0410-46a3-bda2-e5afa649496f&publisher_dsp_id=4&publisher_call_type=redirect&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=4&external_user_id=2547910123049076105&gdpr=&gdpr_consent=

Request Chain 75

https://pixel.mathtag.com/sync/img?sync=auto&publisher_user_id=fd1a902e-0410-46a3-bda2-e5afa649496f&publisher_dsp_id=5&publisher_call_type=redirect&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=5&external_user_id=5a975d93-86d6-4c00-a3f6-809877f47173

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=55&external_user_id=CAESEN_WP2DxrUS8jNbkusY7hgM&google_cver=1 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&external_user_id=CAESEN_WP2DxrUS8jNbkusY7hgM&google_cver=1

Request Chain 77

https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=fd1a902e-0410-46a3-bda2-e5afa649496f&publisher_dsp_id=42&publisher_call_type=redirect&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=fd1a902e-0410-46a3-bda2-e5afa649496f&publisher_dsp_id=42&publisher_call_type=redirect&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1571160053&external_user_id=2227460407179357686 HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1571160053&external_user_id=2227460407179357686

Request Chain 78

http://ads.stickyadstv.com/auto-user-sync HTTP 302
http://um.simpli.fi/freewheel

80 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request aFJ3 Show response
urlz.fr/
Redirect Chain

https://www.woo.by/dr
https://urlz.fr/aFJ3
http://urlz.fr/aFJ3

3 KB
1 KB

76ms
76ms

Document
text/html

2606:4700:31::681f:bb2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://urlz.fr/aFJ3
Protocol: HTTP/1.1
Server: 2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c071d7912f24cfd61fa2c27e949009db52528627a4886d900344dc1edbeed06

Request headers

Host: urlz.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: __cfduid=d722d901c5ac375c3d15fa09350096d241569950446
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Date: Tue, 01 Oct 2019 17:20:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: cloudflare
CF-RAY: 51f01bf2db95cbcc-VIE
Content-Encoding: gzip

Redirect headers

status: 301
date: Tue, 01 Oct 2019 17:20:46 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d722d901c5ac375c3d15fa09350096d241569950446; expires=Wed, 30-Sep-20 17:20:46 GMT; path=/; domain=.urlz.fr; HttpOnly
location: http://urlz.fr/aFJ3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 51f01bf21dfecbbc-VIE

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/ 12 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: http://urlz.fr/aFJ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:46 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 23 Sep 2019 14:57:07 GMT
server: cloudflare
etag: W/"5d88dd43-2fb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 51f01bf34e1ccbb8-VIE
expires: Thu, 03 Oct 2019 17:20:46 GMT

GET
H/1.1 200
OK Cookie set /
havegotin.saidhisfather.top/ Frame F816 0
0 97ms
97ms Document
text/html 2606:4700:30::681c:1786
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://havegotin.saidhisfather.top/
Requested by: Host: urlz.fr
URL: http://urlz.fr/aFJ3
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1786 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.4.45
Resource Hash

Request headers

Host: havegotin.saidhisfather.top
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://urlz.fr/aFJ3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/aFJ3

Response headers

Date: Tue, 01 Oct 2019 17:20:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d92329e78b25cdeab0aeab7f200f4f2781569950446; expires=Wed, 30-Sep-20 17:20:46 GMT; path=/; domain=.saidhisfather.top; HttpOnly
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.45
Server: cloudflare
CF-RAY: 51f01bf35daacbcc-VIE
Content-Encoding: gzip

GET
H/1.1 200
OK requestform.js Show response
ads.themoneytizer.com/s/ 34 KB
8 KB 34ms
21ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: 6215243acea69bc21dccf71641e9d22d4c94e9ce4ff141beeeee6cc25ba65d5d

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:46 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Wed, 02 Oct 2019 17:20:46 GMT

GET
H/1.1 200
OK gen.js Show response
ads.themoneytizer.com/s/ 7 KB
3 KB 32ms
18ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: 2c0b1cf6965cedd6fdc86718ff298f16a50ad29397c68cb6b4de5c0954f98728

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:16 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2655
Expires: Wed, 02 Oct 2019 17:20:16 GMT

GET
H/1.1 200
OK / Show response
g.tmyzer.com/g/ 26 B
200 B 69ms
55ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://g.tmyzer.com/g/
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:47 GMT
Server: nginx
X-IPLB-Instance: 29821
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 19ms
17ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:47 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:07 GMT
server: nginx
etag: "779a-308e-582e3105a6be4"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3931
expires: Wed, 02 Oct 2019 17:20:42 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 20ms
18ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:47 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Wed, 02 Oct 2019 17:20:13 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 34ms
20ms Script
application/x-javascript 74.214.194.132
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:46 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ 1 KB
2 KB 28ms
27ms Script
application/javascript 143.204.214.46
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://p.cpx.to/p/11528/px.js?r=1d75c
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 143.204.214.46 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-46.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 00:39:37 GMT
Content-Encoding: UTF-8
Connection: keep-alive
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 146471
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: 2MeLUGuSBgBEY5HB4mtdKc9uU6VitSv05l6yHbgd8ExWA95eUVnoDg==

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

http://ww1097.smartadserver.com/config.js?nwid=1097
http://ced-ns.sascdn.com/diff/js/smart.js

24 KB
8 KB

16ms
16ms

Script
application/x-javascript

68.232.35.16
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (amb/6BD8) /
Resource Hash: e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Sep 2019 12:08:33 GMT
Server: ECS (amb/6BD8)
Cache-Control: max-age=86400
Etag: "1fc11a0f5e30485338c4562812f21662:1567685313"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/x-javascript
X-N: S
Accept-Ranges: bytes
Content-Length: 8004

Redirect headers

Location: http://ced-ns.sascdn.com/diff/js/smart.js
Date: Tue, 01 Oct 2019 17:20:46 GMT
Cache-Control: private
Content-Length: 158
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK sync Show response
gum.criteo.com/ 49 B
386 B 30ms
15ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:46 GMT
Content-Encoding: gzip
Expires: 60
Cache-Control: private, max-age=3600
Content-Length: 165
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 45ms
31ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:47 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 30195
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 12 KB
6 KB 27ms
27ms Script
application/x-javascript 91.228.74.207
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 91.228.74.207 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01-Oct-2019 17:20:47 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Tue, 08 Oct 2019 17:20:47 GMT

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 27ms
26ms Script
text/javascript 52.222.149.19
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 52.222.149.19 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-149-19.fra53.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 03:54:22 GMT
Via: 1.1 300b920cc4a53d2daec2ba8180596d82.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 80393
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA53
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: wxGcxQlQf95m9zVNQhCiIIe6g1zsYdR4kYx9-6nE1Yn0plct1JeiwQ==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid2_31/build/dist/ 333 KB
105 KB 70ms
69ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 1aa092da3c4c7cfa17ea0a1a695f3c98e49e5ad40fb8054f7f2c0508b640bf50

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:47 GMT
content-encoding: gzip
last-modified: Tue, 17 Sep 2019 15:51:10 GMT
server: nginx
etag: "32334-53511-592c1b0771144"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 107532
expires: Wed, 02 Oct 2019 17:20:05 GMT

GET
H/1.1 200
OK sdk.js Show response
player.pepsia.com/ 38 KB
38 KB 88ms
74ms Script
application/javascript 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/sdk.js?d=16d8856b6b3
Requested by: Host: urlz.fr
URL: http://urlz.fr/aFJ3
Protocol: HTTP/1.1
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: dccff4268cf23b61b45aeb89e063cb102cdf9a862e1c25bd2104aaf135a914d3

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:47 GMT
Last-Modified: Tue, 24 Sep 2019 10:24:44 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "5d89eeec-96b1"
Content-Length: 38577
Content-Type: application/javascript

GET
H/1.1 200
OK /
havegotin.saidhisfather.top/ Frame 7DC3 0
0 77ms
76ms Document
text/html 2606:4700:30::681c:1786
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://havegotin.saidhisfather.top/
Requested by: Host: urlz.fr
URL: http://urlz.fr/aFJ3
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1786 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.4.45
Resource Hash

Request headers

Host: havegotin.saidhisfather.top
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://urlz.fr/aFJ3
Accept-Encoding: gzip, deflate
Cookie: __cfduid=d92329e78b25cdeab0aeab7f200f4f2781569950446
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/aFJ3

Response headers

Date: Tue, 01 Oct 2019 17:20:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.45
Server: cloudflare
CF-RAY: 51f01bf79c15cb98-VIE
Content-Encoding: gzip

GET
H/1.1 200
OK image.php
www.noowho.com/ 1 KB
2 KB 250ms
205ms Image
image/gif 94.23.196.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.noowho.com/image.php?site=23690713&ref=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS: serveur8.wilsoftech.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash: 870392eaa248a250b590ed5409f48bb4cfb4cff32f7c61b4dfd6983b3873c626

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:29:34 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Apache/2.4.7 (Ubuntu)
Connection: close
X-Powered-By: PHP/5.5.9-1ubuntu4.22
Content-Length: 1481
Content-Type: image/gif

GET
H/1.1

200

4.gif
id5-sync.com/c/12/102/6/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/2/8/2.gif?puid=6847113233627577372&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/101/7/3.gif?puid=9799bb5a-67b1-44d6-9895-068d3418ba18&gdpr=1&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOBiueEvMIjxJnhIecKsTKXkUNCkt_e6oJePep7g&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F6%2F4.gif%3Fpuid%3DSMART_U...
https://id5-sync.com/c/12/102/6/4.gif?puid=8198683909712912307&gdpr=1&gdpr_consent=

43 B
798 B

25ms
23ms

Image
image/gif

54.36.123.231
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id5-sync.com/c/12/102/6/4.gif?puid=8198683909712912307&gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.36.123.231 , France, ASN16276 (OVH, FR),
Reverse DNS: s03.id5-sync.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:48 GMT
Content-Type: image/gif;charset=UTF-8
Transfer-Encoding: chunked
P3P: CP="CAO PSA OUR"

Redirect headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:47 GMT
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Location: https://id5-sync.com/c/12/102/6/4.gif?puid=8198683909712912307&gdpr=1&gdpr_consent=
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 208
Expires: -1

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 942 B
2 KB 33ms
33ms Script
application/javascript 34.246.169.240
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=3d39b580-ca75-42f0-a492-07b055c9faf4

Requested by

Host: p.cpx.to
URL: http://p.cpx.to/p/11528/px.js?r=1d75c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-246-169-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b845d1d6684c2cdd539a8f28f49213b0b59a106b56c6943a09d6c4eeb82c65bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 01 Oct 2019 17:20:47 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 942
Expires: Wed, 18 Sep 2019 12:52:09 GMT

GET
H2

200

rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

1 KB
972 B

7ms
7ms

Script
application/x-javascript

2600:9000:214f:9000:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:9000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:19:34 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 77
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: cITRRG3JCfP6VxBTtcynttr2Ih8i8A4LfsaaOFkEZFKtgIAYLsOMxQ==
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)

Redirect headers

Date: Tue, 01 Oct 2019 17:20:47 GMT
Via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: o3Vz2Mn-DSSNgBvzDLiCrqsmO0YoOxaDSoLO8OAbGdmuSlZxBkFfYQ==

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 29 Aug 2019 00:48:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 2910745
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 30186
X-XSS-Protection: 0
Expires: Fri, 28 Aug 2020 00:48:22 GMT

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ Frame D78C 0
0 25ms
24ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://urlz.fr/aFJ3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/aFJ3

Response headers

Server: nginx/1.14.2
Date: Tue, 01 Oct 2019 17:20:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Instance: 30195

GET
H/1.1 200
OK pixel;r=64273074;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FaFJ3;fpan=1;fpa=P0-1126588111-1569950447332;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;re...
pixel.quantserve.com/ 35 B
494 B 28ms
28ms Image
image/gif 91.228.74.221
Quantcast Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.quantserve.com/pixel;r=64273074;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FaFJ3;fpan=1;fpa=P0-1126588111-1569950447332;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1569950447332;tzo=-120;ogl=
Protocol: HTTP/1.1
Server: 91.228.74.221 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software: QS /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:47 GMT
Server: QS
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control: private, no-cache, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
517 B 107ms
38ms XHR
application/x-javascript 54.247.104.216
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.104.216 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-104-216.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Oct 2019 17:20:47 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=3d39b580-ca75-42f0-a492-07b055c9faf4
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=3d39b580-ca75-42f0-a492-07b055c9faf4&google_tc=
https://s.cpx.to/ca.png?dsp=dbm&fid=3d39b580-ca75-42f0-a492-07b055c9faf4&google_gid=CAESEJvIkPfod2j0hcwFlUDFLwE&google_cver=1

95 B
804 B

66ms
33ms

Image
image/png

34.246.169.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=3d39b580-ca75-42f0-a492-07b055c9faf4&google_gid=CAESEJvIkPfod2j0hcwFlUDFLwE&google_cver=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-246-169-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 01 Oct 2019 17:20:47 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Tue, 01 Oct 2019 17:20:47 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=3d39b580-ca75-42f0-a492-07b055c9faf4&google_gid=CAESEJvIkPfod2j0hcwFlUDFLwE&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=3d39b580-ca75-42f0-a492-07b055c9faf4&fck=5ea73077cc97d5eb&cbp=dsp_uid
https://s.cpx.to/sync?dsp_uid=61efd17f2d2b1c2041b91e792cae20d2&fid=3d39b580-ca75-42f0-a492-07b055c9faf4&dsp=TRUOPTIK&fck=5ea73077cc97d5eb

95 B
877 B

60ms
35ms

Image
image/png

34.246.169.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=61efd17f2d2b1c2041b91e792cae20d2&fid=3d39b580-ca75-42f0-a492-07b055c9faf4&dsp=TRUOPTIK&fck=5ea73077cc97d5eb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-246-169-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 01 Oct 2019 17:20:47 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Tue, 01 Oct 2019 17:20:47 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Oct 2019 17:20:47 GMT
to-dmp-sync: sync5-dmp-nyc1-do.truoptik.com
server: cloudflare
status: 302
user-agent: Tru Optik DMP 1.3.1
location: https://s.cpx.to/sync?dsp_uid=61efd17f2d2b1c2041b91e792cae20d2&fid=3d39b580-ca75-42f0-a492-07b055c9faf4&dsp=TRUOPTIK&fck=5ea73077cc97d5eb
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
access-control-allow-origin: *
cache-control: no-store
to-dmp-balancer: balancer1-dmp-nyc1-do.truoptik.com
cf-ray: 51f01bf7ffaad921-AMS
content-length: 154
expires: 0

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3d39b580-ca75-42f0-a492-07b055c9faf4
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D3d39b580-ca75-42f0-a492-07b055c9faf4
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D1460DF5-319D-4F23-94C4-6401C0C23FB1&fid=3d39b580-ca75-42f0-a492-07b055c9faf4

95 B
881 B

33ms
32ms

Image
image/png

34.246.169.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D1460DF5-319D-4F23-94C4-6401C0C23FB1&fid=3d39b580-ca75-42f0-a492-07b055c9faf4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-246-169-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 01 Oct 2019 17:20:47 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Tue, 01 Oct 2019 17:20:47 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=D1460DF5-319D-4F23-94C4-6401C0C23FB1&fid=3d39b580-ca75-42f0-a492-07b055c9faf4
Date: Tue, 01 Oct 2019 17:20:47 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 448
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D3d39b580-ca75-42f0-a492-07b055c9faf4
https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D3d39b580-ca75-42f0-a492-07b055c9faf4
https://s.cpx.to/sync?dsp=avocet&dsp_uid=9d50d604-ddb0-4a79-976c-e3141e4a4c05&fid=3d39b580-ca75-42f0-a492-07b055c9faf4

95 B
879 B

56ms
33ms

Image
image/png

34.246.169.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=avocet&dsp_uid=9d50d604-ddb0-4a79-976c-e3141e4a4c05&fid=3d39b580-ca75-42f0-a492-07b055c9faf4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-246-169-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 01 Oct 2019 17:20:47 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Tue, 01 Oct 2019 17:20:47 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=avocet&dsp_uid=9d50d604-ddb0-4a79-976c-e3141e4a4c05&fid=3d39b580-ca75-42f0-a492-07b055c9faf4
Date: Tue, 01 Oct 2019 17:20:47 GMT
Connection: keep-alive
P3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 149
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D3d39b580-ca75-42f0-a492-07b055c9faf4
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253D%2526hn_ver%253D10%2526fid%253D3d39b580-ca75-42f0-a...
https://s.cpx.to/an_fire?app_nexus_uid=4311673460706352860&pid=11528&ref=&hn_ver=10&fid=3d39b580-ca75-42f0-a492-07b055c9faf4

95 B
865 B

36ms
35ms

Image
image/png

34.246.169.240
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=4311673460706352860&pid=11528&ref=&hn_ver=10&fid=3d39b580-ca75-42f0-a492-07b055c9faf4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.169.240 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-246-169-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Tue, 01 Oct 2019 17:20:47 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Tue, 01 Oct 2019 17:20:47 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:49 GMT
X-Proxy-Origin: 89.38.98.91; 89.38.98.91; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.14:80
AN-X-Request-Uuid: 1fc2823a-5b6e-49a4-9413-5dd5c2e52792
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=4311673460706352860&pid=11528&ref=&hn_ver=10&fid=3d39b580-ca75-42f0-a492-07b055c9faf4
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
pool.grid-data.bidswitch.net/ 43 B
300 B 75ms
25ms Image
image/gif 18.185.45.212
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.45.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-185-45-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK indexv2.php Show response
player.pepsia.com/V2/ 43 KB
15 KB 55ms
54ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/V2/indexv2.php?token=00I4&controls=1&autoplay=1&logo=true&volume=1&api=1&id=0&origin=http://urlz.fr&d=16d8856b742
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16d8856b6b3
Protocol: HTTP/1.1
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 0ae15c9a16e2345af840982b175760978991b1f0d1917738c60870f4a32942c6

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://urlz.fr
Date: Tue, 01 Oct 2019 17:20:47 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK algov2.php Show response
player.pepsia.com/V2/ 1 KB
782 B 91ms
78ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/V2/algov2.php?token=00I4&num=9&origin=http://urlz.fr&d=16d8856b742
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16d8856b6b3
Protocol: HTTP/1.1
Server: 5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 5f93f648f5700cc6b98b92067538d7671f2dda507caa3f034d255077dfecf0e3

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://urlz.fr
Date: Tue, 01 Oct 2019 17:20:47 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame D2E7 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: urlz.fr
URL: http://urlz.fr/aFJ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4241
date: Tue, 01 Oct 2019 16:10:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 01 Oct 2019 18:10:06 GMT

GET
H2 200 all.js Show response
api.dmcdn.net/ Frame D2E7 29 KB
10 KB 128ms
36ms Script
application/x-javascript 178.79.227.167
Limelight Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dmcdn.net/all.js
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16d8856b6b3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.79.227.167 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS: https-178-79-227-167.vie.llnw.net
Software: DMS/1.0.42 /
Resource Hash: bc668e376652343280e84405e0dd10fcbf8e4147e7c3bf1ace3d1820aac78f68

Request headers

Sec-Fetch-Mode: cors
Referer: http://urlz.fr/aFJ3
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:47 GMT
content-encoding: gzip
last-modified: Fri, 27 Sep 2019 13:09:39 GMT
server: DMS/1.0.42
age: 359886
etag: "5d8e0a13-72c2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=43200, s-maxage=3600
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9628
expires: Fri, 27 Sep 2019 14:22:41 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ Frame D2E7 18 KB
18 KB 97ms
96ms Font
font/woff2 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=16d8856b6b3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Sec-Fetch-Mode: cors
Referer: http://urlz.fr/aFJ3
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:47 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 18056

GET
DATA 200
OK truncated
/ Frame D2E7 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK favicon.ico
havegotin.saidhisfather.top/ Frame D2E7 1 KB
942 B 69ms
68ms Image
image/x-icon 2606:4700:30::681c:1786
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://havegotin.saidhisfather.top/favicon.ico
Requested by: Host: urlz.fr
URL: http://urlz.fr/aFJ3
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:1786 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c1b86623b5a404af541b7355f1d84ee33f43a8436f72ff1ebf84395aa8f076b

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:47 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Mon, 30 Sep 2019 23:08:00 GMT
Server: cloudflare
ETag: W/"2d83cb2-47e-593cd4ea2f345"
Vary: Accept-Encoding
Content-Type: image/x-icon
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 51f01bf8d93dcb98-VIE
Expires: Tue, 01 Oct 2019 21:20:47 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 253 B
1 KB 185ms
172ms XHR
application/json 185.33.223.197
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js

Protocol

HTTP/1.1

Server

185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4035010e802c513bd08f2689a820ddb812849968c58482a54475934130f24850

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:49 GMT
X-Proxy-Origin: 89.38.98.91; 89.38.98.91; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.239:80
AN-X-Request-Uuid: 470d56fe-3541-4d2b-b92a-a6a95fbb5158
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 253
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
547 B 129ms
116ms XHR
application/xml 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1569950447566&pKey=459242835&_fw_gdpr_consent=undefined&loc=http%3A%2F%2Furlz.fr%2FaFJ3&playerSize=640x480&
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: HTTP/1.1
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:47 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1569950447591025-168
Expires: Tue, 01 Oct 2019 17:20:47 GMT

GET
H2

200

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214da0346ebabaa5%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2Fa...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214da0346ebabaa5%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz....

3 KB
2 KB

35ms
35ms

XHR
application/json

52.58.120.61
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214da0346ebabaa5%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FaFJ3%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2275e35ef1659e14%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22361ac4bd-35e7-457d-8fad-40f68074e297%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.120.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-120-61.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 730f327b914e6c7264b75f74b49b8fa9a544cb0cbbf0712794928d28343a57b6

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:47 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: http://urlz.fr
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 1694

Redirect headers

date: Tue, 01 Oct 2019 17:20:47 GMT
status: 302
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214da0346ebabaa5%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FaFJ3%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2275e35ef1659e14%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22361ac4bd-35e7-457d-8fad-40f68074e297%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: http://urlz.fr
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 255 B
2 KB 101ms
101ms XHR
application/json 69.173.144.140
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=atf&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v2.31.0&x_source.tid=361ac4bd-35e7-457d-8fad-40f68074e297&p_screen_res=1600x1200&rp_floor=0.37&rp_secure=0&slots=1&rand=0.007425484905503543
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: HTTP/1.1
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: cacc42f70582f93d949b2313a0bcedbabf3ac0affbbdf79ec609dede2ecd779f

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:47 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=193
Content-Length: 255
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 631 B
666 B 16ms
16ms XHR
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07

Request headers

Sec-Fetch-Mode: cors
Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 01 Oct 2019 17:20:47 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 435
expires: Wed, 02 Oct 2019 17:19:59 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 41ms
28ms XHR
application/json 185.33.223.197
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js

Protocol

HTTP/1.1

Server

185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

78cb3499d361b1782a58027644100319af9a52fcda8c3ae4ca5d6e79eec4098e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:49 GMT
X-Proxy-Origin: 89.38.98.91; 89.38.98.91; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.40:80
AN-X-Request-Uuid: cbb6e739-044c-4b15-a577-13dcf7969242
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set embed
www.dailymotion.com/ Frame 15D1
Redirect Chain

http://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=f...
https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=...

0
0

139ms
61ms

Document
text/html

195.8.215.136
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false

Requested by

Host: api.dmcdn.net
URL: https://api.dmcdn.net/all.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.8.215.136 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

www.dailymotion.com

Software

DMS/1.0.42 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31708800; includeSubDomains

Request headers

Host: www.dailymotion.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://urlz.fr/aFJ3
Accept-Encoding: gzip, deflate, br
Cookie: v1st=4E222E54A3029F0D48D6E5B8EE4B97EE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/aFJ3

Response headers

Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server: DMS/1.0.42
X-DM-BackNode: web-625.adm.dc3.dailymotion.com:80
Vary: X-DM-SSL,Accept-Encoding
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Access-Control-Expose-Headers: X-DM-BackNode-Response-Time
Strict-Transport-Security: max-age=31708800; includeSubDomains
Date: Tue, 01 Oct 2019 17:20:47 GMT
Link: <https://static1.dmcdn.net>; rel=preconnect,<https://ajax.googleapis.com>; rel=preconnect
Keep-Alive: timeout=60, max=5000
X-DM-LB-IP: 195.8.215.136
X-DM-LB-Name: lb-08
X-DM-BackNode-Response-Time: 33
Connection: Keep-Alive
Set-Cookie: ts=806857; expires=Sun, 01-Nov-2020 18:20:47 GMT; Max-Age=34304400; path=/; domain=.dailymotion.com sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ sdx=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ su_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ su_sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ su_sdx=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ client_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ access_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ refresh_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ dmvk=5d938aefbd9e8; path=/; domain=.dailymotion.com
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Length: 12536

Redirect headers

Server: DMS/1.0.42
X-DM-BackNode: web-330.adm.dc3.dailymotion.com:80
Vary: X-DM-SSL
Content-Type: text/html; charset=UTF-8
Access-Control-Expose-Headers: X-DM-BackNode-Response-Time
Date: Tue, 01 Oct 2019 17:20:47 GMT
Location: https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Keep-Alive: timeout=60, max=4996
X-DM-LB-IP: 195.8.215.136
X-DM-LB-Name: lb-10
X-DM-BackNode-Response-Time: 8
Connection: Keep-Alive
Set-Cookie: v1st=4E222E54A3029F0D48D6E5B8EE4B97EE; expires=Fri, 30 Oct 2020 17:20:47 GMT; max-age=34128000; path=/; domain=.dailymotion.com
Content-Length: 0

GET
H2 200 bundle.js Show response
ads.themoneytizer.com/cs2/dist/ 97 KB
23 KB 30ms
30ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/cs2/dist/bundle.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: d406f42a088a14459471e30acb1a1c3f856b1f76331473847663a63ba2921250

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:47 GMT
content-encoding: gzip
last-modified: Tue, 17 Sep 2019 21:28:09 GMT
server: nginx
etag: "3247a-183db-592c6659901e6"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 23456
expires: Wed, 02 Oct 2019 17:20:47 GMT

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 22 B
2 KB 103ms
101ms Script
application/javascript 185.86.137.43
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: http://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=30012&async=1&visit=m&tmstp=5600095063&tag=sas_30012&sh=1200&sw=1600&pgDomain=http%3A%2F%2Furlz.fr%2FaFJ3&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 185.86.137.43 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: cb5e68ea98339921426942e8f8c0756dda0f90adeec0ca8067db577e8ca32e3e

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:47 GMT
Content-Encoding: gzip
X-SMRT-D: 3%3b23%3b101
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
200 B 69ms
52ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://c.tmyzer.com/c/?s=15056&f=28&fi=0
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 01 Oct 2019 17:20:47 GMT
Server: nginx
X-IPLB-Instance: 20690
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tbframe.js Show response
cdn.taboola.com/shared/ Frame F9DC 14 KB
5 KB 1328ms
36ms Script
application/x-javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/shared/tbframe.js
Requested by: Host: urlz.fr
URL: http://urlz.fr/aFJ3
Protocol: HTTP/1.1
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
Content-Encoding: gzip
ETag: "0c6cdb6c2f89bf98124c3679a3412fb6"
Age: 18112
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 3897
x-amz-id-2: 74zbE6T48GkUHa9db8GRKwBsGK+Uxqz6v4uA0TCeyETdpvdGYuxBbmPdVExkfZpqS4AOweC7/dY=
X-Served-By: cache-fra19168-FRA
Last-Modified: Thu, 14 Apr 2016 14:04:36 GMT
Server: AmazonS3
X-Timer: S1569950449.241716,VS0,VE0
Date: Tue, 01 Oct 2019 17:20:49 GMT
Vary: Accept-Encoding
x-amz-request-id: 594074B13CFB3805
Via: 1.1 varnish
Cache-Control: private,max-age=14400
Accept-Ranges: bytes
Content-Type: application/x-javascript
abp: 95
X-Cache-Hits: 13337

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/themonetizer-network/ Frame 49ED 441 KB
109 KB 26ms
25ms Script
application/javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/shared/tbframe.js
Protocol: HTTP/1.1
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: obaker.241.1.1-10.22.9 /
Resource Hash: b2216d50e27b0a7529f22558252df31c6fc3b63c6e8b8f065343662dc1549f8b

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Amz-Version-Id: OYfIAlYokv1sPLYqIWktyNUQapbeXyOn
Content-Encoding: gzip
Etag: "9e34093a549eed40303dd68efa18b27b35086685"
Age: 6088
Via: 1.1 varnish
X-Cache: HIT
X-From-Cache: 1
Connection: keep-alive
Content-Length: 111242
X-Amz-Id-2: RwUmk2n5sI4LWBNdKUho93GFZAxDrm6R53i+djxGjvBKcCV+l5bbu+bLqvMEiF/5XwTeAamKOUI=
X-Served-By: cache-fra19168-FRA
Last-Modified: Sun, 29 Sep 2019 11:07:20 UTC
Server: obaker.241.1.1-10.22.9
X-Timer: S1569950449.297408,VS0,VE0
Date: Tue, 01 Oct 2019 17:20:49 GMT
Vary: Accept-Encoding, Accept-Encoding
X-Amz-Request-Id: 7BA25FD2666DED7C
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=14400
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 9
X-Cache-Hits: 49

GET
H/1.1 200
OK impl.20190925-18-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 49ED 394 KB
112 KB 25ms
25ms Script
application/javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/impl.20190925-18-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: HTTP/1.1
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63f4f82cf06f230550429133b1cdc57ece980f534134bc947aabbdedb58fb612

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: SiLG3pEQU6AY0ArwqwI0wvQeEAy0aIWv
Content-Encoding: gzip
ETag: "0c930f5c532c1b3d0170c86cf0775ece"
Age: 63
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 113920
x-amz-id-2: 8TAuLAVgn4j0J+q7BEok4hzzZkA8exiistNEZfnTnndqBE3NhMCUAHlfZm7BWdOi3SZhm7FR0uY=
X-Served-By: cache-fra19168-FRA
Last-Modified: Wed, 25 Sep 2019 16:15:26 GMT
Server: AmazonS3
X-Timer: S1569950449.374808,VS0,VE0
Date: Tue, 01 Oct 2019 17:20:49 GMT
Vary: Accept-Encoding
x-amz-request-id: A6C4D2BAEA18070E
Via: 1.1 varnish
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 95
X-Cache-Hits: 384

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ Frame 49ED 1 KB
1 KB 51ms
37ms Script
application/x-javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: HTTP/1.1
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 902
Expires: Wed, 02 Oct 2019 17:20:49 GMT

GET
H/1.1 200
OK json Show response
trc.taboola.com/themonetizer-urlz/trc/3/ Frame 49ED 5 KB
3 KB 417ms
153ms Script
application/javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://trc.taboola.com/themonetizer-urlz/trc/3/json?tim=19%3A20%3A49.427&lti=deflated&data=%7B%22id%22%3A512%2C%22ii%22%3A%22%2Fafj3%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1569950449425%2C%22cv%22%3A%2220190925-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Furlz.fr%2FaFJ3%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22e%22%3A%22http%3A%2F%2Furlz.fr%2FaFJ3%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A1%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22205724-MEGABANNER%20BAS%22%2C%22orig_uip%22%3A%22205724-MEGABANNER%20BAS%22%2C%22cd%22%3A8%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/impl.20190925-18-RELEASE.js
Protocol: HTTP/1.1
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: a1ec42f6aab61464c9515f0cecc3803e5a3ac6ae27d43914cbe42a11e814609a

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:49 GMT
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
X-Cache: MISS
P3P: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Connection: keep-alive
X-Served-By: cache-fra19174-FRA
Server: nginx
X-Timer: S1569950450.714842,VS0,VE116
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Via: 1.1 varnish
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/ Frame 49ED
Redirect Chain

http://b.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1569950449440&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=http%3A%2F%2Furlz.fr%2FaFJ3&c9=
http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1569950449440&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=http%3A%2F%2Furlz.fr%2FaFJ3&c9=

0
248 B

26ms
25ms

Image
text/plain

2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1569950449440&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=http%3A%2F%2Furlz.fr%2FaFJ3&c9=
Requested by: Host: urlz.fr
URL: http://urlz.fr/aFJ3
Protocol: HTTP/1.1
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:49 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1569950449440&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=http%3A%2F%2Furlz.fr%2FaFJ3&c9=
Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:49 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK userx.20190925-18-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 49ED 22 KB
8 KB 26ms
25ms Script
application/javascript 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/userx.20190925-18-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: HTTP/1.1
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0eac1ff22bb875d24a2bf43334a1eb91f5a003513545c0aac8f476fb0d66f6b9

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: JHhBmeN7fmzvqujbDkst68hJLPnO3TGK
Content-Encoding: gzip
ETag: "7f0e6d37826dfb0c481ba9c167a7101a"
Age: 18
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 7737
x-amz-id-2: it431X3f8ouqDTl1flTgHqdTIzTbVrdxKE2ZUCPYbQX0HzIfGjWHK/QB9TKXqt5IzuViRumFDEA=
X-Served-By: cache-fra19168-FRA
Last-Modified: Wed, 25 Sep 2019 16:15:52 GMT
Server: AmazonS3
X-Timer: S1569950450.870507,VS0,VE0
Date: Tue, 01 Oct 2019 17:20:49 GMT
Vary: Accept-Encoding
x-amz-request-id: C38B41FCB1670DF6
Via: 1.1 varnish
Cache-Control: private,max-age=14400
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 23
X-Cache-Hits: 27

GET
H2

204

rtb-h
trc.taboola.com/sg/mediaforcebidder-network/1/ Frame 9A43
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3eed85c3-5e75-492c-bfdc-8ab86b060379

0
190 B

31ms
31ms

Image
text/plain

151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3eed85c3-5e75-492c-bfdc-8ab86b060379
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:50 GMT
via: 1.1 varnish
server: nginx
x-timer: S1569950450.259855,VS0,VE8
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-fra19138-FRA

Redirect headers

Location: //trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=3eed85c3-5e75-492c-bfdc-8ab86b060379
Date: Tue, 01 Oct 2019 17:20:50 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 9A43 0
239 B 1472ms
27ms Image
image/gif 69.173.144.136
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by: Host: urlz.fr
URL: http://urlz.fr/aFJ3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H2

200

/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame 9A43
Redirect Chain

https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=CfaYgSAt6Din8taPPuA4iySroXSg_kN6ltsPnShWwNk%3D

45 B
212 B

34ms
32ms

Image
image/gif

151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=CfaYgSAt6Din8taPPuA4iySroXSg_kN6ltsPnShWwNk%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:52 GMT
via: 1.1 varnish
server: nginx
x-timer: S1569950453.961239,VS0,VE9
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-fra19138-FRA

Redirect headers

Location: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=CfaYgSAt6Din8taPPuA4iySroXSg_kN6ltsPnShWwNk%3D
Date: Tue, 01 Oct 2019 17:20:52 GMT
Server: nginx
Connection: close
Etag: "CfaYgSAt6Din8taPPuA4iySroXSg_kN6ltsPnShWwNk="
Content-Length: 0

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 9A43 43 B
686 B 21ms
20ms Image
image/gif 185.33.223.197
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID

Requested by

Host: urlz.fr
URL: http://urlz.fr/aFJ3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:51 GMT
X-Proxy-Origin: 89.38.98.91; 89.38.98.91; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.10:80
AN-X-Request-Uuid: 22bd39d9-3928-4cc4-8f89-d71f660fda29
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rtb-h
match.taboola.com/sg/google-network/1/ Frame 9A43
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEAsli25wcPL034rjbHOksSY&google_cver=1
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEAsli25wcPL034rjbHOksSY&tbid=80a87903-3861-4966-acf0-00fa11756b82-tuct48d1071&query=taboola_hm%3DCAESEAsli25wcPL034rjbHOksSY%26goo...

0
153 B

82ms
32ms

Image
text/plain

151.101.14.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEAsli25wcPL034rjbHOksSY&tbid=80a87903-3861-4966-acf0-00fa11756b82-tuct48d1071&query=taboola_hm%3DCAESEAsli25wcPL034rjbHOksSY%26google_cver%3D1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:50 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1569950450.019715,VS0,VE9
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19167-FRA

Redirect headers

date: Tue, 01 Oct 2019 17:20:49 GMT
via: 1.1 varnish
server: nginx
x-timer: S1569950450.936911,VS0,VE9
x-served-by: cache-fra19138-FRA
status: 302
x-cache: MISS
location: https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEAsli25wcPL034rjbHOksSY&tbid=80a87903-3861-4966-acf0-00fa11756b82-tuct48d1071&query=taboola_hm%3DCAESEAsli25wcPL034rjbHOksSY%26google_cver%3D1
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame 9A43 43 B
687 B 38ms
16ms Image
image/gif 185.33.223.197
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID

Requested by

Host: urlz.fr
URL: http://urlz.fr/aFJ3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.197 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

302.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:51 GMT
X-Proxy-Origin: 89.38.98.91; 89.38.98.91; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.117:80
AN-X-Request-Uuid: 102c3ff2-aaad-4b3f-bd5d-6120a37a9872
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rtb-h
match.taboola.com/sg/thetradedesk-network/1/ Frame 9A43
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=58df8bf0-41e5-48b2-a61c-79006064b8cd
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=58df8bf0-41e5-48b2-a61c-79006064b8cd&tbid=80a87903-3861-4966-acf0-00fa11756b82-tuct48d1071&query=taboola_hm%3D58df8bf0-41e5-48b2...

0
52 B

70ms
32ms

Image
text/plain

151.101.14.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=58df8bf0-41e5-48b2-a61c-79006064b8cd&tbid=80a87903-3861-4966-acf0-00fa11756b82-tuct48d1071&query=taboola_hm%3D58df8bf0-41e5-48b2-a61c-79006064b8cd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:50 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1569950450.019698,VS0,VE9
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19167-FRA

Redirect headers

date: Tue, 01 Oct 2019 17:20:49 GMT
via: 1.1 varnish
server: nginx
x-timer: S1569950450.944690,VS0,VE15
x-served-by: cache-fra19138-FRA
status: 302
x-cache: MISS
location: https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=58df8bf0-41e5-48b2-a61c-79006064b8cd&tbid=80a87903-3861-4966-acf0-00fa11756b82-tuct48d1071&query=taboola_hm%3D58df8bf0-41e5-48b2-a61c-79006064b8cd
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

rtb-h
match.taboola.com/sg/storygize-network/1/ Frame 9A43
Redirect Chain

https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=80a87903-3861-4966-acf0-00fa11756b82-tuct48d1071
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=fedfc6fc-1d29-4020-9a45-8a0ab6272942
https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=fedfc6fc-1d29-4020-9a45-8a0ab6272942&tbid=f0f9bc90-977f-467b-b73f-184ab5a8d4f1-tuct48d1079&query=taboola_hm%3Dfedfc6fc-1d29-4020-9a...

0
77 B

31ms
31ms

Image
text/plain

151.101.14.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=fedfc6fc-1d29-4020-9a45-8a0ab6272942&tbid=f0f9bc90-977f-467b-b73f-184ab5a8d4f1-tuct48d1079&query=taboola_hm%3Dfedfc6fc-1d29-4020-9a45-8a0ab6272942
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:57 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1569950458.866660,VS0,VE9
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19167-FRA

Redirect headers

date: Tue, 01 Oct 2019 17:20:57 GMT
via: 1.1 varnish
server: nginx
x-timer: S1569950458.836702,VS0,VE9
x-served-by: cache-fra19138-FRA
status: 302
x-cache: MISS
location: https://match.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=fedfc6fc-1d29-4020-9a45-8a0ab6272942&tbid=f0f9bc90-977f-467b-b73f-184ab5a8d4f1-tuct48d1079&query=taboola_hm%3Dfedfc6fc-1d29-4020-9a45-8a0ab6272942
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 9A43 35 B
380 B 3432ms
103ms Image
image/gif 192.132.33.46
Bidtellect Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by: Host: urlz.fr
URL: http://urlz.fr/aFJ3
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT - Bidtellect Inc., US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:52 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1 200
OK /
cds.taboola.com/ Frame 9A43 0
292 B 381ms
171ms Image
text/plain 130.211.13.252
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cds.taboola.com/?uid=80a87903-3861-4966-acf0-00fa11756b82-tuct48d1071&_r=3489005
Requested by: Host: urlz.fr
URL: http://urlz.fr/aFJ3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 130.211.13.252 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 252.13.211.130.bc.googleusercontent.com
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:50 GMT
Via: 1.1 varnish
Server: nginx/1.12.2
X-Timer: S1569950450.144212,VS0,VE64
X-Served-By: cache-bwi5050-BWI
X-Cache: MISS
x-envoy-upstream-service-time: 0
Connection: close
Accept-Ranges: bytes
Content-Length: 0
X-Cache-Hits: 0

GET
H2

200

rtb-h
match.taboola.com/sg/bidswitch-network/1/ Frame 9A43
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola
https://x.bidswitch.net/ul_cb/sync?ssp=taboola
https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=687c165e-e801-409f-b12e-1634738574fa&ssp=taboola
https://x.bidswitch.net/ul_cb/sync?dsp_id=156&expires=14&user_id=687c165e-e801-409f-b12e-1634738574fa&ssp=taboola
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=32172a33-4896-4f4e-bb87-89f2cf9b6df6
https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=32172a33-4896-4f4e-bb87-89f2cf9b6df6&tbid=eab27c13-3c78-46a6-9032-eceba4f95b5c-tuct48d1074&query=taboola_hm%3D32172a33-4896-4f4e-bb...

0
76 B

33ms
32ms

Image
text/plain

151.101.14.49
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=32172a33-4896-4f4e-bb87-89f2cf9b6df6&tbid=eab27c13-3c78-46a6-9032-eceba4f95b5c-tuct48d1074&query=taboola_hm%3D32172a33-4896-4f4e-bb87-89f2cf9b6df6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:52 GMT
via: 1.1 varnish
server: nginx/1.13.12
x-timer: S1569950452.361289,VS0,VE9
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19167-FRA

Redirect headers

date: Tue, 01 Oct 2019 17:20:52 GMT
via: 1.1 varnish
server: nginx
x-timer: S1569950452.329859,VS0,VE9
x-served-by: cache-fra19138-FRA
status: 302
x-cache: MISS
location: https://match.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=32172a33-4896-4f4e-bb87-89f2cf9b6df6&tbid=eab27c13-3c78-46a6-9032-eceba4f95b5c-tuct48d1074&query=taboola_hm%3D32172a33-4896-4f4e-bb87-89f2cf9b6df6
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

POST
H/1.1 204
No Content available Show response
trc.taboola.com/themonetizer-urlz/log/3/ Frame 49ED 0
530 B 34ms
34ms XHR
image/gif 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://trc.taboola.com/themonetizer-urlz/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/impl.20190925-18-RELEASE.js
Protocol: HTTP/1.1
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:49 GMT
Via: 1.1 varnish
Server: nginx
X-Timer: S1569950450.877363,VS0,VE9
X-Served-By: cache-fra19174-FRA
X-Cache: MISS
P3P: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
X-Cache-Hits: 0

GET
H/1.1 200
OK f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 49ED 254 B
1 KB 25ms
25ms Image
image/png 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/userx.20190925-18-RELEASE.es6.js
Protocol: HTTP/1.1
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Via: 1.1 varnish
ETag: "dfa7b52c86e56bd67fa4002f6ed19854"
Age: 19735
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
X-Served-By: cache-fra19168-FRA
Last-Modified: Wed, 24 Jun 2015 07:14:11 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer: S1569950450.908783,VS0,VE0
Date: Tue, 01 Oct 2019 17:20:49 GMT
x-amz-request-id: F6D91014AAA6CDC4
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: image/png
abp: 23
X-Cache-Hits: 35824

GET
H2

200

1280x720-bZN.jpg
s1.dmcdn.net/vwCsu/ Frame D2E7
Redirect Chain

http://www.dailymotion.com/thumbnail/1280x720/video/x73maq4
https://www.dailymotion.com/thumbnail/1280x720/video/x73maq4
https://s1.dmcdn.net/vwCsu/1280x720-bZN.jpg

28 KB
29 KB

39ms
37ms

Image
image/jpeg

178.79.227.76
Limelight Networks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.dmcdn.net/vwCsu/1280x720-bZN.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.79.227.76 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS: https-178-79-227-76.vie.llnw.net
Software: DMS/1.0.42 /
Resource Hash: bea16a0a1130945529c58d12b5adc00efd835b4c234bd0d00de5c7ca1931144a

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 17:20:50 GMT
x-dm-origin-date: Sat, 24 Aug 2019 07:58:10 GMT
age: 3316960
x-dm-upstream-cache-status: MISS
x-dm-retries: 0
status: 200
x-dm-backnode-response-time: 75
content-length: 28805
x-dm-origin-content-length: 28805
x-dm-chash: 10.190.53.7:81
last-modified: Sat, 24 Aug 2019 07:58:10 GMT
server: DMS/1.0.42
x-dm-upstream-resptime: 1566633490.834
content-type: image/jpeg
access-control-expose-headers: X-DM-BackNode-Response-Time
cache-control: max-age=315360000
x-dm-backend: tailor-01.adm.ix7.dailymotion.com:80
expires: Tue, 21 Aug 2029 07:58:10 GMT

Redirect headers

Content-Security-Policy: upgrade-insecure-requests
Vary: X-DM-SSL
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Connection: Keep-Alive
X-DM-BackNode-Response-Time: 14
Content-Length: 0
X-DM-LB-Name: lb-08
Server: DMS/1.0.42
Date: Tue, 01 Oct 2019 17:20:50 GMT
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Strict-Transport-Security: max-age=31708800; includeSubDomains
X-DM-BackNode: web-474.adm.dc3.dailymotion.com:80
Content-Type: text/html; charset=utf-8
Location: https://s1.dmcdn.net/vwCsu/1280x720-bZN.jpg
Access-Control-Expose-Headers: X-DM-BackNode-Response-Time
Cache-Control: no-cache
Keep-Alive: timeout=60, max=5000
X-DM-LB-IP: 195.8.215.136
Expires: Wed, 02 Oct 2019 17:20:50 GMT

GET
H/1.1 200 12.json Show response
id5-sync.com/g/v1/ 35 B
266 B 92ms
26ms XHR
text/json 54.36.123.231
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://id5-sync.com/g/v1/12.json?gdpr=0&gdpr_consent=
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.36.123.231 , France, ASN16276 (OVH, FR),
Reverse DNS: s03.id5-sync.com
Software: /
Resource Hash: 6d3ad1cfd3221aa7bffc10ba678fda2d9d94c9aa3b026d45a74fa767763ec1d5

Request headers

Sec-Fetch-Mode: cors
Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://urlz.fr
Date: Tue, 01 Oct 2019 17:20:50 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Content-Type: text/json;charset=utf-8

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 8E9A 0
0 71ms
22ms Document
text/html 104.108.40.167
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.40.167 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-40-167.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://urlz.fr/aFJ3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://urlz.fr/aFJ3

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Mon, 30 Sep 2019 17:14:49 GMT
Content-Encoding: gzip
Content-Length: 7661
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=53613
Expires: Wed, 02 Oct 2019 08:14:23 GMT
Date: Tue, 01 Oct 2019 17:20:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame AF2A 0
0 303ms
37ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: HTTP/1.1
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://urlz.fr/aFJ3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/aFJ3

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 30 Sep 2020 17:20:51 GMT
Date: Tue, 01 Oct 2019 17:20:51 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame E326 0
0 328ms
25ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol: HTTP/1.1
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://urlz.fr/aFJ3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://urlz.fr/aFJ3

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 30 Sep 2020 17:20:51 GMT
Date: Tue, 01 Oct 2019 17:20:51 GMT
Connection: keep-alive

GET
H2

200

match
ice.360yield.com/ul_cb/
Redirect Chain

https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40
https://ice.360yield.com/match?external_user_id=5797944573872940738&publisher_dsp_id=40
https://ice.360yield.com/ul_cb/match?external_user_id=5797944573872940738&publisher_dsp_id=40

43 B
543 B

30ms
30ms

Image
image/gif

52.58.120.61
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/ul_cb/match?external_user_id=5797944573872940738&publisher_dsp_id=40
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.120.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-120-61.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 01 Oct 2019 17:20:50 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Tue, 01 Oct 2019 17:20:50 GMT
content-type: text/plain
content-length: 0
location: https://ice.360yield.com:443/ul_cb/match?external_user_id=5797944573872940738&publisher_dsp_id=40
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

match
ad.360yield.com/
Redirect Chain

https://ad.turn.com/r/cs?pid=15&publisher_user_id=fd1a902e-0410-46a3-bda2-e5afa649496f&publisher_dsp_id=4&publisher_call_type=redirect&publisher_redirecturl=https://ice.360yield.com/match
https://ad.360yield.com/match?publisher_dsp_id=4&external_user_id=2547910123049076105&gdpr=&gdpr_consent=

43 B
391 B

83ms
29ms

Image
image/gif

52.57.44.17
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=4&external_user_id=2547910123049076105&gdpr=&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.44.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-44-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 01 Oct 2019 17:20:50 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Location: https://ad.360yield.com/match?publisher_dsp_id=4&external_user_id=2547910123049076105&gdpr=&gdpr_consent=
Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:50 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server: Apache-Coyote/1.1
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

match
ice.360yield.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?sync=auto&publisher_user_id=fd1a902e-0410-46a3-bda2-e5afa649496f&publisher_dsp_id=5&publisher_call_type=redirect&publisher_redirecturl=https://ice.360yield.com/match
https://ice.360yield.com/match?publisher_dsp_id=5&external_user_id=5a975d93-86d6-4c00-a3f6-809877f47173

43 B
562 B

29ms
29ms

Image
image/gif

52.58.120.61
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/match?publisher_dsp_id=5&external_user_id=5a975d93-86d6-4c00-a3f6-809877f47173
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.120.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-120-61.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 01 Oct 2019 17:20:50 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Date: Tue, 01 Oct 2019 17:20:50 GMT
Server: MT3 1734 ed2a032 master cdg-pixel-x22
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ice.360yield.com/match?publisher_dsp_id=5&external_user_id=5a975d93-86d6-4c00-a3f6-809877f47173
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Tue, 01 Oct 2019 17:20:49 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc
https://ad.360yield.com/match?publisher_dsp_id=55&external_user_id=CAESEN_WP2DxrUS8jNbkusY7hgM&google_cver=1
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&external_user_id=CAESEN_WP2DxrUS8jNbkusY7hgM&google_cver=1

43 B
482 B

29ms
28ms

Image
image/gif

52.57.44.17
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&external_user_id=CAESEN_WP2DxrUS8jNbkusY7hgM&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.44.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-44-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 01 Oct 2019 17:20:50 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Tue, 01 Oct 2019 17:20:50 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=55&external_user_id=CAESEN_WP2DxrUS8jNbkusY7hgM&google_cver=1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

match
ice.360yield.com/ul_cb/
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=fd1a902e-0410-46a3-bda2-e5afa649496f&publisher_dsp_id=42&publisher_call_type=redirect&publisher_redirecturl=https://ice.360y...
https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=fd1a902e-0410-46a3-bda2-e5afa649496f&publisher_dsp_id=42&publisher_call_type=redirect&publisher_redirecturl=https://ice...
https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1571160053&external_user_id=2227460407179357686
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1571160053&external_user_id=2227460407179357686

43 B
543 B

33ms
32ms

Image
image/gif

52.58.120.61
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1571160053&external_user_id=2227460407179357686
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.120.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-120-61.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 01 Oct 2019 17:20:53 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Tue, 01 Oct 2019 17:20:53 GMT
content-type: text/plain
content-length: 0
location: https://ice.360yield.com:443/ul_cb/match?publisher_dsp_id=42&Expiration=1571160053&external_user_id=2227460407179357686
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

freewheel
um.simpli.fi/
Redirect Chain

http://ads.stickyadstv.com/auto-user-sync
http://um.simpli.fi/freewheel?

43 B
705 B

2059ms
18ms

Image
image/gif

159.253.128.188
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://um.simpli.fi/freewheel?

Protocol

HTTP/1.1

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 17:20:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 43
Expires: Mon, 30 Sep 2019 17:20:54 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:51 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: http://um.simpli.fi/freewheel?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1569950451922036-165
Expires: Tue, 01 Oct 2019 17:20:51 GMT

POST
H/1.1 204
No Content perf Show response
trc.taboola.com/themonetizer-urlz/log/3/ Frame 49ED 0
531 B 35ms
35ms XHR
image/gif 151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://trc.taboola.com/themonetizer-urlz/log/3/perf?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/impl.20190925-18-RELEASE.js
Protocol: HTTP/1.1
Server: 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://urlz.fr/aFJ3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 01 Oct 2019 17:20:59 GMT
Via: 1.1 varnish
Server: nginx
X-Timer: S1569950459.375481,VS0,VE10
X-Served-By: cache-fra19174-FRA
X-Cache: MISS
P3P: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
X-Cache-Hits: 0

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.saidhisfather.top/	1970-01-19 12:51:26	Name: __cfduid Value: d92329e78b25cdeab0aeab7f200f4f2781569950446
			.urlz.fr/	1970-01-19 12:51:26	Name: __cfduid Value: d722d901c5ac375c3d15fa09350096d241569950446

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.avocet.io
ads.creative-serving.com
ads.programattik.com
ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
api.dmcdn.net
b.scorecardresearch.com
bttrack.com
c.tmyzer.com
cdn.taboola.com
cds.taboola.com
ced-ns.sascdn.com
cm.g.doubleclick.net
d2zur9cc2gf1tx.cloudfront.net
dmp.truoptik.com
edge.quantserve.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g.tmyzer.com
gum.criteo.com
havegotin.saidhisfather.top
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
match.adsrvr.org
match.taboola.com
maxcdn.bootstrapcdn.com
p.cpx.to
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
player.pepsia.com
pool.grid-data.bidswitch.net
px.powerlinks.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rules.quantcount.com
s.cpx.to
s1.dmcdn.net
secure.adnxs.com
tag.contextweb.com
tag.leadplace.fr
track.adform.net
trc.taboola.com
um.simpli.fi
urlz.fr
ww1097.smartadserver.com
www.dailymotion.com
www.google-analytics.com
www.noowho.com
www.storygize.net
www.woo.by
x.bidswitch.net
104.108.40.167
104.16.91.60
130.211.13.252
143.204.214.46
145.239.192.166
145.239.193.145
151.101.14.2
151.101.14.49
151.139.241.23
159.253.128.188
172.217.22.66
178.79.227.167
178.79.227.76
18.185.163.33
18.185.45.212
18.195.67.58
185.33.223.197
185.64.189.110
185.86.137.110
185.86.137.43
192.132.33.46
195.8.215.136
2.16.186.80
2.18.232.130
2.18.233.201
2.18.234.233
2001:4de0:ac19::1:b:3a
2600:9000:214f:9000:6:44e3:f8c0:93a1
2606:4700:30::681c:1786
2606:4700:31::681f:bb2
2606:4700::6813:c697
2a00:1450:4001:815::200e
2a00:1450:4001:824::200a
2a02:2638::1c
34.246.169.240
35.162.160.88
35.205.46.65
37.157.6.251
37.252.173.22
40.113.136.100
46.228.164.11
5.179.192.20
51.89.139.138
52.214.122.164
52.222.149.19
52.29.180.59
52.48.102.50
52.57.44.17
52.58.120.61
54.247.104.216
54.36.123.231
54.38.64.100
68.232.35.16
69.173.144.136
69.173.144.140
74.214.194.132
91.228.74.207
91.228.74.221
94.23.196.203
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0ae15c9a16e2345af840982b175760978991b1f0d1917738c60870f4a32942c6
0c1b86623b5a404af541b7355f1d84ee33f43a8436f72ff1ebf84395aa8f076b
0eac1ff22bb875d24a2bf43334a1eb91f5a003513545c0aac8f476fb0d66f6b9
1aa092da3c4c7cfa17ea0a1a695f3c98e49e5ad40fb8054f7f2c0508b640bf50
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
278393caf9e3b1246267fb79e95027449f041bbf8e8774a4cf46d72cc09b7405
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2c0b1cf6965cedd6fdc86718ff298f16a50ad29397c68cb6b4de5c0954f98728
4035010e802c513bd08f2689a820ddb812849968c58482a54475934130f24850
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5f93f648f5700cc6b98b92067538d7671f2dda507caa3f034d255077dfecf0e3
6215243acea69bc21dccf71641e9d22d4c94e9ce4ff141beeeee6cc25ba65d5d
63f4f82cf06f230550429133b1cdc57ece980f534134bc947aabbdedb58fb612
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d3ad1cfd3221aa7bffc10ba678fda2d9d94c9aa3b026d45a74fa767763ec1d5
730f327b914e6c7264b75f74b49b8fa9a544cb0cbbf0712794928d28343a57b6
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313
78cb3499d361b1782a58027644100319af9a52fcda8c3ae4ca5d6e79eec4098e
7c071d7912f24cfd61fa2c27e949009db52528627a4886d900344dc1edbeed06
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
870392eaa248a250b590ed5409f48bb4cfb4cff32f7c61b4dfd6983b3873c626
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ec42f6aab61464c9515f0cecc3803e5a3ac6ae27d43914cbe42a11e814609a
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b2216d50e27b0a7529f22558252df31c6fc3b63c6e8b8f065343662dc1549f8b
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b845d1d6684c2cdd539a8f28f49213b0b59a106b56c6943a09d6c4eeb82c65bf
bc668e376652343280e84405e0dd10fcbf8e4147e7c3bf1ace3d1820aac78f68
bea16a0a1130945529c58d12b5adc00efd835b4c234bd0d00de5c7ca1931144a
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
cacc42f70582f93d949b2313a0bcedbabf3ac0affbbdf79ec609dede2ecd779f
cb5e68ea98339921426942e8f8c0756dda0f90adeec0ca8067db577e8ca32e3e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
d406f42a088a14459471e30acb1a1c3f856b1f76331473847663a63ba2921250
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dccff4268cf23b61b45aeb89e063cb102cdf9a862e1c25bd2104aaf135a914d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

urlz.fr Open in urlscan Pro 2606:4700:31::681f:bb2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

51 %HTTPS

14 %IPv6

46 Domains

60 Subdomains

43 IPs

9 Countries

646 kBTransfer

1805 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

urlz.fr Open in urlscan Pro
2606:4700:31::681f:bb2 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

51 %
HTTPS

14 %
IPv6

46
Domains

60
Subdomains

43
IPs

9
Countries

646 kB
Transfer

1805 kB
Size

2
Cookies

80 HTTP transactions
1 data transactions