89.203.249.179 Open in urlscan Pro
89.203.249.179 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://urlz.fr/8JxR
Effective URL:
http://89.203.249.179/dl.php
Submission: On January 30 via manual (January 30th 2019, 6:16:00 pm UTC) from NL

Summary HTTP 38 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 26 domains to perform 38 HTTP transactions. The main IP is 89.203.249.179, located in Czech Republic and belongs to CDT-AS The Czech Republic, CZ. The main domain is 89.203.249.179.

This is the only time 89.203.249.179 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:31:... 2606:4700:31::681f:bb2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3 3	2600:9000:204... 2600:9000:2047:8800:15:f434:4640:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	89.203.249.179 89.203.249.179	25512 (CDT-AS Th...) (CDT-AS The Czech Republic)
5	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	74.214.194.132 74.214.194.132	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	143.204.214.103 143.204.214.103	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	185.86.137.42 185.86.137.42	201081 (SMARTADSE...) (SMARTADSERVER)
1	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	147.135.143.43 147.135.143.43	16276 (OVH) (OVH)
1	18.185.153.197 18.185.153.197	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	5.179.192.20 5.179.192.20	34235 (ASPSERVEU...) (ASPSERVEUR-AS)
1	94.23.196.203 94.23.196.203	16276 (OVH) (OVH)
1	54.154.242.201 54.154.242.201	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.33.223.206 185.33.223.206	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 1	2600:9000:204... 2600:9000:2047:ec00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:204... 2600:9000:2047:8600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
38	17

1 2606:4700:31::681f:bb2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2047:8800:15:f434:4640:93a1 (United States) 3 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

b-ooms-1950.shortcm.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.203.249.179 (Czech Republic)

ASN25512 (CDT-AS The Czech Republic, CZ)
PTR: 179-249-203-89.hicoria.com

89.203.249.179	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.132 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.103 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-103.fra53.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.42 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.16 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.135.143.43 (Waltham, United States)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.153.197 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-153-197.eu-central-1.compute.amazonaws.com

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.179.192.20 (France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net

player.pepsia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.196.203 (France)

ASN16276 (OVH, FR)
PTR: serveur8.wilsoftech.com

www.noowho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.242.201 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-242-201.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.206 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2047:ec00:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2047:8600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	themoneytizer.com ads.themoneytizer.com	114 KB
3	shortcm.li 3 redirects b-ooms-1950.shortcm.li	843 B
2	quantcount.com 1 redirects rules.quantcount.com	403 B
2	pepsia.com player.pepsia.com	52 KB
2	leadplace.fr tag.leadplace.fr	3 KB
2	cpx.to p.cpx.to s.cpx.to	3 KB
1	google-analytics.com www.google-analytics.com	17 KB
1	adnxs.com ib.adnxs.com secure.adnxs.com Failed	1 KB
1	noowho.com www.noowho.com	2 KB
1	quantserve.com edge.quantserve.com	6 KB
1	criteo.com gum.criteo.com	305 B
1	sascdn.com ced-ns.sascdn.com	8 KB
1	smartadserver.com 1 redirects ww1097.smartadserver.com	481 B
1	contextweb.com tag.contextweb.com	11 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	urlz.fr urlz.fr	1 KB
0	bootstrapcdn.com Failed maxcdn.bootstrapcdn.com Failed
0	dmcdn.net Failed api.dmcdn.net Failed
0	doubleclick.net Failed cm.g.doubleclick.net Failed
0	avocet.io Failed ads.avocet.io Failed
0	pubmatic.com Failed image2.pubmatic.com Failed
0	turn.com Failed d.turn.com Failed
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
0	stickyadstv.com Failed ads.stickyadstv.com Failed
0	adform.net Failed c1.adform.net Failed
0	tmyzer.com Failed g.tmyzer.com Failed
38	26

	Domain	Requested by
5	ads.themoneytizer.com	ajax.cloudflare.com ads.themoneytizer.com
3	b-ooms-1950.shortcm.li	3 redirects
2	rules.quantcount.com	1 redirects
2	player.pepsia.com	urlz.fr player.pepsia.com
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
1	www.google-analytics.com	urlz.fr
1	ib.adnxs.com	ads.themoneytizer.com
1	s.cpx.to	p.cpx.to
1	www.noowho.com
1	edge.quantserve.com	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	ced-ns.sascdn.com
1	ww1097.smartadserver.com	1 redirects
1	p.cpx.to	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	ajax.cloudflare.com	urlz.fr
1	urlz.fr	urlz.fr
0	maxcdn.bootstrapcdn.com Failed	player.pepsia.com
0	api.dmcdn.net Failed	player.pepsia.com
0	cm.g.doubleclick.net Failed
0	ads.avocet.io Failed
0	image2.pubmatic.com Failed
0	secure.adnxs.com Failed
0	d.turn.com Failed
0	fastlane.rubiconproject.com Failed	ads.themoneytizer.com
0	ads.stickyadstv.com Failed	ads.themoneytizer.com
0	c1.adform.net Failed
0	g.tmyzer.com Failed	ads.themoneytizer.com
38	28

This site contains links to these domains. Also see Links.

Domain
urlz.fr

Subject Issuer	Validity	Valid
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
*.themoneytizer.com RapidSSL RSA CA 2018	`2018-06-14` - `2019-02-28`	9 months	crt.sh
www.noowho.com Gandi Standard SSL CA 2	`2017-02-07` - `2020-02-07`	3 years	crt.sh
s.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://89.203.249.179/dl.php
Frame ID: F6C60DF89ACED451F2E71334CE29781A
Requests: 31 HTTP requests in this frame

Frame: http://89.203.249.179/dl.php
Frame ID: AFF797C3297DCEB0A2B5A0FA916637B0
Requests: 1 HTTP requests in this frame

Frame: http://89.203.249.179/dl.php
Frame ID: 89943CD241D6A47E2660D5B294878FEA
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: CA5A729693A05335A5366E2F7945FB04
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 3869A3EA87C3E4BD0695F61CFA5D3086
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://urlz.fr/8JxR Page URL
https://b-ooms-1950.shortcm.li/jUyQxw HTTP 302
http://89.203.249.179/dl.php Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Page Statistics

38
Requests

21 %
HTTPS

37 %
IPv6

26
Domains

28
Subdomains

17
IPs

6
Countries

224 kB
Transfer

569 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://urlz.fr/8JxR
Title: referring page

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://urlz.fr/8JxR Page URL
https://b-ooms-1950.shortcm.li/jUyQxw HTTP 302
http://89.203.249.179/dl.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://b-ooms-1950.shortcm.li/jUyQxw HTTP 302
http://89.203.249.179/dl.php

Request Chain 10

http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
http://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 13

http://id5-sync.com/i/12/9.gif HTTP 302
http://id5-sync.com/c/12/0/9/1.gif HTTP 302
http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID HTTP 302
http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID HTTP 302
http://id5-sync.com/c/12/2/8/2.gif?puid=211884246538496926 HTTP 302
http://c1.adform.net/serving/cookie/match?party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D

Request Chain 17

https://b-ooms-1950.shortcm.li/jUyQxw HTTP 302
http://89.203.249.179/dl.php

Request Chain 25

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

38 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set 8JxR Show response
urlz.fr/ 3 KB
1 KB 64ms
57ms Document
text/html 2606:4700:31::681f:bb2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://urlz.fr/8JxR
Protocol: HTTP/1.1
Server: 2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0978fc45dfbcb26289a177834675854f4e7e1dc977d0a93a38efb30537f456f2

Request headers

Host: urlz.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 30 Jan 2019 18:15:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d8e6b3442d0f6ff128930942868a8f99b1548872144; expires=Thu, 30-Jan-20 18:15:44 GMT; path=/; domain=.urlz.fr; HttpOnly
Server: cloudflare
CF-RAY: 4a15ecf842a9c2d3-FRA
Content-Encoding: gzip

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/ 11 KB
4 KB 18ms
7ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: http://urlz.fr/8JxR

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3493abbdef3202f502f59b11be045f3b4df6d94f047d882da751dc36087a31b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 30 Jan 2019 18:15:44 GMT
content-encoding: gzip
last-modified: Tue, 29 Jan 2019 05:11:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c4fe089-2ba8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4a15ecf8cb98648d-FRA
expires: Fri, 01 Feb 2019 18:15:44 GMT

GET
H/1.1

404
Not Found

dl.php
89.203.249.179/ Frame AFF7
Redirect Chain

https://b-ooms-1950.shortcm.li/jUyQxw
http://89.203.249.179/dl.php

0
0

54ms
28ms

Document
text/html

89.203.249.179
CDT-AS The Czech ...

General

Check archive.org

Show headers Download Go to

Full URL: http://89.203.249.179/dl.php
Requested by: Host: urlz.fr
URL: http://urlz.fr/8JxR
Protocol: HTTP/1.1
Server: 89.203.249.179 , Czech Republic, ASN25512 (CDT-AS The Czech Republic, CZ),
Reverse DNS: 179-249-203-89.hicoria.com
Software: Apache/2.4.37 (Win32) OpenSSL/1.1.1a PHP/7.3.1 /
Resource Hash

Request headers

Host: 89.203.249.179
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/8JxR
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8JxR

Response headers

Date: Wed, 30 Jan 2019 18:15:45 GMT
Server: Apache/2.4.37 (Win32) OpenSSL/1.1.1a PHP/7.3.1
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en

Redirect headers

status: 302
content-type: text/html; charset=utf-8
content-length: 87
location: http://89.203.249.179/dl.php
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
date: Wed, 30 Jan 2019 18:15:44 GMT
x-cache: Miss from cloudfront
via: 1.1 bc9bd2c59aa48e2932432099ba36a25b.cloudfront.net (CloudFront)
x-amz-cf-id: zNX7XYYJlVjsSr2LftO3_8ZIDo4uV-xEAqi0W9K7T4PJrgQaJ6ZzIw==

GET
H/1.1 200
OK requestform.js Show response
ads.themoneytizer.com/s/ 43 KB
9 KB 31ms
8ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: f5840676447d66848c536647257dbbde6bac66162eeb19d30ca26c155480b234

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 30 Jan 2019 18:15:38 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9142
Expires: Thu, 31 Jan 2019 18:15:38 GMT

GET
H/1.1 200
OK gen.js Show response
ads.themoneytizer.com/s/ 5 KB
2 KB 33ms
11ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: f3042307a08b2fbccd43b71c9e9c28eeec24fe56a7bdbb0a92a29e3f75021b65

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 30 Jan 2019 18:14:52 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2085
Expires: Thu, 31 Jan 2019 18:14:52 GMT

GET /
g.tmyzer.com/g/ 0
0

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 50ms
11ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 30 Jan 2019 18:15:45 GMT
content-encoding: gzip
last-modified: Tue, 03 Oct 2017 20:38:26 GMT
server: nginx
etag: "779a-308e-55aaa791f67cd"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3931
expires: Thu, 31 Jan 2019 18:15:35 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 60ms
22ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 30 Jan 2019 18:15:45 GMT
content-encoding: gzip
last-modified: Tue, 26 Dec 2017 18:31:28 GMT
server: nginx
etag: "7ff1-9390-561427db3104d"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Thu, 31 Jan 2019 18:15:04 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 87ms
20ms Script
application/x-javascript 74.214.194.132
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2797a5a31f878305121024bf4f2271f8059dcc6c2b24efde2994c09631bed34f

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 30 Jan 2019 18:15:45 GMT
Content-Encoding: gzip
Server: nginx
ETag: 24e3b1b6dd83b252f1213e42689762834e238463
P3P: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Cache-Control: max-age=432000, public
Connection: keep-alive
CW-FEServer: ams-prts05.pulse.prod
Content-Type: application/x-javascript
Content-Length: 11149

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ 1 KB
2 KB 55ms
11ms Script
application/javascript 143.204.214.103
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://p.cpx.to/p/11528/px.js?r=1733c
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 143.204.214.103 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 25 Jan 2019 08:08:22 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 468444
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: v_Y48-OO8O0Aap48oxgNfsHblvRNbMpL-IqHYU4S1nuaMGR8Ya9k5Q==

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

http://ww1097.smartadserver.com/config.js?nwid=1097
http://ced-ns.sascdn.com/diff/js/smart.js

23 KB
8 KB

135ms
7ms

Script
application/x-javascript

68.232.35.16
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E6) /
Resource Hash: 1fee8332816393ac071a612425212d2f93299ad6977cd9ab4938bd635d96c254

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 30 Jan 2019 18:15:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jan 2019 14:40:53 GMT
Server: ECS (fcn/40E6)
X-N: S
Etag: "5d1fa54d900ff8a85198a32d477c8fd5:1547476853"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 7691

Redirect headers

Location: http://ced-ns.sascdn.com/diff/js/smart.js
Date: Wed, 30 Jan 2019 18:15:44 GMT
Cache-Control: public, no-cache="Set-Cookie", max-age=3600
Content-Type: text/html; charset=utf-8
ETag: "19BE870A53B9D644BB086647352DF459"
Content-Length: 158
Expires: Wed, 30 Jan 2019 19:15:45 GMT

GET
H/1.1 200
OK sync Show response
gum.criteo.com/ 49 B
305 B 32ms
14ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 30 Jan 2019 18:15:44 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Content-Length: 49
Expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 53ms
19ms Script
application/javascript 147.135.143.43
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 147.135.143.43 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 30 Jan 2019 18:15:45 GMT
Last-Modified: Tue, 27 Nov 2018 14:13:54 GMT
Server: nginx/1.14.2
ETag: "5bfd5122-a72"
X-IPLB-Instance: 13157
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET

match
c1.adform.net/serving/cookie/
Redirect Chain

http://id5-sync.com/i/12/9.gif
http://id5-sync.com/c/12/0/9/1.gif
http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID
http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID
http://id5-sync.com/c/12/2/8/2.gif?puid=211884246538496926
http://c1.adform.net/serving/cookie/match?party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D

0
0

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 12 KB
6 KB 179ms
9ms Script
application/x-javascript 18.185.153.197
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 18.185.153.197 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-185-153-197.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 30 Jan 2019 18:15:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30-Jan-2019 18:15:45 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Wed, 06 Feb 2019 18:15:45 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid1_39/build/dist/ 260 KB
82 KB 25ms
24ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: ba95487a7721bf9de3d5b103cc5b48ec09fe4c95db48e4cbdf84f8dbf238b96f

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 30 Jan 2019 18:15:45 GMT
content-encoding: gzip
last-modified: Wed, 23 Jan 2019 23:00:11 GMT
server: nginx
etag: "1f60c-411aa-580280e5deadf"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 84112
expires: Thu, 31 Jan 2019 18:15:24 GMT

GET
H/1.1 200
OK sdk.js Show response
player.pepsia.com/ 37 KB
37 KB 120ms
43ms Script
application/javascript 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/sdk.js?d=1689ff95880
Requested by: Host: urlz.fr
URL: http://urlz.fr/8JxR
Protocol: HTTP/1.1
Server: 5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: b5580dc00397bb92dacef43272d8b726884467965cbb110fdc2b0c5e252bfac2

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 30 Jan 2019 18:15:45 GMT
Last-Modified: Wed, 23 Jan 2019 09:55:22 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "5c483a0a-945e"
Content-Length: 37982
Content-Type: application/javascript

GET
H/1.1

404
Not Found

dl.php
89.203.249.179/ Frame 8994
Redirect Chain

https://b-ooms-1950.shortcm.li/jUyQxw
http://89.203.249.179/dl.php

0
0

34ms
31ms

Document
text/html

89.203.249.179
CDT-AS The Czech ...

General

Check archive.org

Show headers Download Go to

Full URL: http://89.203.249.179/dl.php
Requested by: Host: urlz.fr
URL: http://urlz.fr/8JxR
Protocol: HTTP/1.1
Server: 89.203.249.179 , Czech Republic, ASN25512 (CDT-AS The Czech Republic, CZ),
Reverse DNS: 179-249-203-89.hicoria.com
Software: Apache/2.4.37 (Win32) OpenSSL/1.1.1a PHP/7.3.1 /
Resource Hash

Request headers

Host: 89.203.249.179
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/8JxR
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8JxR

Response headers

Date: Wed, 30 Jan 2019 18:15:45 GMT
Server: Apache/2.4.37 (Win32) OpenSSL/1.1.1a PHP/7.3.1
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en

Redirect headers

status: 302
content-type: text/html; charset=utf-8
content-length: 87
location: http://89.203.249.179/dl.php
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
date: Wed, 30 Jan 2019 18:15:45 GMT
x-cache: Miss from cloudfront
via: 1.1 bc9bd2c59aa48e2932432099ba36a25b.cloudfront.net (CloudFront)
x-amz-cf-id: L1TTOM-1_9_1aAzls0C4CxpbFSmufyYoBgCNJZMeiBpubux1vQJ4uQ==

GET
H/1.1 200
OK image.php
www.noowho.com/ 1 KB
2 KB 274ms
118ms Image
image/gif 94.23.196.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.noowho.com/image.php?site=23690713&ref=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS: serveur8.wilsoftech.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 30 Jan 2019 18:18:53 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Apache/2.4.7 (Ubuntu)
Connection: close
X-Powered-By: PHP/5.5.9-1ubuntu4.22
Content-Length: 1478
Content-Type: image/gif

GET
H/1.1 200
OK fire.js
s.cpx.to/ 897 B
1 KB 212ms
29ms Script
text/plain 54.154.242.201
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=a171c1cc-a3d7-45f3-beaa-5fa15a93a533
Requested by: Host: p.cpx.to
URL: http://p.cpx.to/p/11528/px.js?r=1733c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.242.201 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-242-201.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Jan 2019 18:15:45 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 897
Expires: Thu, 24 Jan 2019 09:49:00 GMT

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ Frame CA5A 0
0 70ms
19ms Document
text/html 147.135.143.43
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: http://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Server: 147.135.143.43 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/8JxR
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8JxR

Response headers

Server: nginx/1.14.2
Date: Wed, 30 Jan 2019 18:15:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Instance: 13157

POST
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ 373 B
1 KB 127ms
98ms XHR
application/json 185.33.223.206
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js

Protocol

HTTP/1.1

Server

185.33.223.206 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://urlz.fr/8JxR
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Jan 2019 18:15:47 GMT
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.107:80
AN-X-Request-Uuid: dcfaf7c6-442f-4f0e-958b-7606611f39f2
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 373
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET swfIndex.php
ads.stickyadstv.com/www/delivery/ 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

GET
H2

200

rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

0
0

30ms
8ms

Script
application/x-javascript

2600:9000:2047:8600:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:8600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 30 Jan 2019 17:29:26 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 2784
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: hyjIOsHwQjFG74GZ4Gu2sAMWbTXJQEZzWF5IDaZA49i7xG8QEYcsqw==
via: 1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront)

Redirect headers

Date: Wed, 30 Jan 2019 18:15:45 GMT
Via: 1.1 0c23bed0dc9f1c700b571cf55c540239.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: qY60AAFbIVKizlCjPPntOE4INHmh-GcbQeyjAO44oFasVJ-Oi6yBhQ==

GET
H/1.1 200
OK /
player.pepsia.com/V2/ 42 KB
15 KB 46ms
45ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/V2/?token=00I4&autoplay=1&logo=true&volume=1&api=1&id=0&origin=http://urlz.fr&d=1689ff959ff
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=1689ff95880
Protocol: HTTP/1.1
Server: 5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8JxR
Origin: http://urlz.fr

Response headers

Access-Control-Allow-Origin: http://urlz.fr
Date: Wed, 30 Jan 2019 18:15:45 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET algo.php
player.pepsia.com/ 0
0

GET https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Da171c1cc-a3d7-45f3-beaa-5fa15a93a533
d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/ 0
0

GET getuid
secure.adnxs.com/ 0
0

GET UCookieSetPug
image2.pubmatic.com/AdServer/ 0
0

GET getuid
ads.avocet.io/ 0
0

GET pixel
cm.g.doubleclick.net/ 0
0

GET
H/1.1

404
Not Found

Primary Request dl.php Show response
89.203.249.179/
Redirect Chain

https://b-ooms-1950.shortcm.li/jUyQxw
http://89.203.249.179/dl.php

1 KB
2 KB

40ms
39ms

Document
text/html

89.203.249.179
CDT-AS The Czech ...

General

Check archive.org

Show headers Download Go to

Full URL: http://89.203.249.179/dl.php
Requested by: Host: urlz.fr
URL: http://urlz.fr/8JxR
Protocol: HTTP/1.1
Server: 89.203.249.179 , Czech Republic, ASN25512 (CDT-AS The Czech Republic, CZ),
Reverse DNS: 179-249-203-89.hicoria.com
Software: Apache/2.4.37 (Win32) OpenSSL/1.1.1a PHP/7.3.1 /
Resource Hash: d15bd64cf1246b4556d817a8c2dd1621added7d1aaacde8224cef40c1bdb8002

Request headers

Host: 89.203.249.179
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/8JxR
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8JxR

Response headers

Date: Wed, 30 Jan 2019 18:15:46 GMT
Server: Apache/2.4.37 (Win32) OpenSSL/1.1.1a PHP/7.3.1
Vary: accept-language,accept-charset
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Language: en

Redirect headers

status: 302
content-type: text/html; charset=utf-8
content-length: 87
location: http://89.203.249.179/dl.php
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
date: Wed, 30 Jan 2019 18:15:45 GMT
x-cache: Miss from cloudfront
via: 1.1 bc9bd2c59aa48e2932432099ba36a25b.cloudfront.net (CloudFront)
x-amz-cf-id: Y99c8YFFKxI_6__dn8PzNiK583AN0ZhVxOh4ovY6pLrWab1R6Ut5DQ==

GET
H2 200 analytics.js
www.google-analytics.com/ Frame 3869 43 KB
17 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: urlz.fr
URL: http://urlz.fr/8JxR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:808::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://urlz.fr/8JxR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 3682
date: Wed, 30 Jan 2019 17:14:23 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 17543
expires: Wed, 30 Jan 2019 19:14:23 GMT

GET all.js
api.dmcdn.net/ Frame 3869 0
0

GET glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ Frame 3869 0
0

GET
DATA 200
OK truncated
/ Frame 3869 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Response headers

Content-Type: image/gif

GET favicon.ico
urlz.fr/ Frame 3869 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: g.tmyzer.com
URL: http://g.tmyzer.com/g/

Domain: c1.adform.net
URL: http://c1.adform.net/serving/cookie/match?party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D

Domain: ads.stickyadstv.com
URL: http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1548872145326&pKey=-1653109416&_fw_gdpr_consent=undefined&loc=http%3A%2F%2Furlz.fr%2F8JxR&playerSize=640x480&

Domain: fastlane.rubiconproject.com
URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078226&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=61643ed9-6e75-4a63-95fa-a560233e0c5d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.9737726859950588

Domain: fastlane.rubiconproject.com
URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=da876658-299e-4667-afc5-25f0915a7f8c&p_screen_res=1600x1200&rp_floor=0.37&rp_secure=0&slots=1&rand=0.09387471350113752

Domain: player.pepsia.com
URL: http://player.pepsia.com/algo.php?token=00I4&num=9&origin=http://urlz.fr&d=1689ff95a00

Domain: d.turn.com
URL: https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Da171c1cc-a3d7-45f3-beaa-5fa15a93a533

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3Da171c1cc-a3d7-45f3-beaa-5fa15a93a533

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Da171c1cc-a3d7-45f3-beaa-5fa15a93a533

Domain: ads.avocet.io
URL: https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Da171c1cc-a3d7-45f3-beaa-5fa15a93a533

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=a171c1cc-a3d7-45f3-beaa-5fa15a93a533

Domain: api.dmcdn.net
URL: https://api.dmcdn.net/all.js

Domain: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2

Domain: urlz.fr
URL: http://urlz.fr/favicon.ico

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avocet.io
ads.stickyadstv.com
ads.themoneytizer.com
ajax.cloudflare.com
api.dmcdn.net
b-ooms-1950.shortcm.li
c1.adform.net
ced-ns.sascdn.com
cm.g.doubleclick.net
d.turn.com
edge.quantserve.com
fastlane.rubiconproject.com
g.tmyzer.com
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
maxcdn.bootstrapcdn.com
p.cpx.to
player.pepsia.com
rules.quantcount.com
s.cpx.to
secure.adnxs.com
tag.contextweb.com
tag.leadplace.fr
urlz.fr
ww1097.smartadserver.com
www.google-analytics.com
www.noowho.com
ads.avocet.io
ads.stickyadstv.com
api.dmcdn.net
c1.adform.net
cm.g.doubleclick.net
d.turn.com
fastlane.rubiconproject.com
g.tmyzer.com
image2.pubmatic.com
maxcdn.bootstrapcdn.com
player.pepsia.com
secure.adnxs.com
urlz.fr
143.204.214.103
147.135.143.43
151.139.241.23
18.185.153.197
185.33.223.206
185.86.137.42
2600:9000:2047:8600:6:44e3:f8c0:93a1
2600:9000:2047:8800:15:f434:4640:93a1
2600:9000:2047:ec00:6:44e3:f8c0:93a1
2606:4700:31::681f:bb2
2606:4700::6813:c697
2a00:1450:4001:808::200e
2a02:2638:1::13
5.179.192.20
54.154.242.201
68.232.35.16
74.214.194.132
89.203.249.179
94.23.196.203
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0978fc45dfbcb26289a177834675854f4e7e1dc977d0a93a38efb30537f456f2
1fee8332816393ac071a612425212d2f93299ad6977cd9ab4938bd635d96c254
2797a5a31f878305121024bf4f2271f8059dcc6c2b24efde2994c09631bed34f
3493abbdef3202f502f59b11be045f3b4df6d94f047d882da751dc36087a31b0
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
b5580dc00397bb92dacef43272d8b726884467965cbb110fdc2b0c5e252bfac2
ba95487a7721bf9de3d5b103cc5b48ec09fe4c95db48e4cbdf84f8dbf238b96f
d15bd64cf1246b4556d817a8c2dd1621added7d1aaacde8224cef40c1bdb8002
f3042307a08b2fbccd43b71c9e9c28eeec24fe56a7bdbb0a92a29e3f75021b65
f5840676447d66848c536647257dbbde6bac66162eeb19d30ca26c155480b234

89.203.249.179 Open in urlscan Pro 89.203.249.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

21 %HTTPS

37 %IPv6

26 Domains

28 Subdomains

17 IPs

6 Countries

224 kBTransfer

569 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

89.203.249.179 Open in urlscan Pro
89.203.249.179 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

21 %
HTTPS

37 %
IPv6

26
Domains

28
Subdomains

17
IPs

6
Countries

224 kB
Transfer

569 kB
Size

0
Cookies

38 HTTP transactions
1 data transactions