urlscan.io logo urlscan.io
SecurityTrails logo

urlz.fr Open in urlscan Pro
2606:4700:31::681f:bb2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://urlz.fr/aIQ8
Effective URL: https://urlz.fr/aIQ8
Submission: On October 10 via manual from BR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 38 IPs in 9 countries across 42 domains to perform 78 HTTP transactions. The main IP is 2606:4700:31::681f:bb2, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is urlz.fr.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on August 21st 2019. Valid for: 6 months.
This is the only time urlz.fr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2606:4700:31:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 151.139.241.23 33438 (HIGHWINDS2)
1 145.239.193.145 16276 (OVH)
1 74.214.194.132 59940 (PULSEPOIN...)
1 13.224.196.26 16509 (AMAZON-02)
1 2 185.86.137.32 201081 (SMARTADSE...)
1 68.232.35.16 15133 (EDGECAST)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 145.239.193.51 16276 (OVH)
1 91.228.74.236 27281 (QUANTCAST)
1 54.192.94.143 16509 (AMAZON-02)
5 5.179.192.20 34235 (ASPSERVEU...)
1 94.23.196.203 16276 (OVH)
5 7 54.36.123.232 16276 (OVH)
2 2 185.33.223.203 29990 (ASN-APPNEXUS)
2 2 37.157.4.41 198622 (ADFORM)
2 2 3.120.61.28 16509 (AMAZON-02)
1 1 185.86.137.110 201081 (SMARTADSE...)
1 2600:9000:20e... 16509 (AMAZON-02)
6 52.214.1.180 16509 (AMAZON-02)
4 37.252.173.27 29990 (ASN-APPNEXUS)
1 69.173.144.142 26667 (RUBICONPR...)
1 2.18.234.233 16625 (AKAMAI-AS)
1 2 52.28.33.202 16509 (AMAZON-02)
1 91.228.74.225 27281 (QUANTCAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.247.83.136 16509 (AMAZON-02)
3 3 172.217.21.226 15169 (GOOGLE)
1 104.16.92.60 13335 (CLOUDFLAR...)
2 2 52.208.204.25 16509 (AMAZON-02)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
1 1 18.185.45.212 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.79.227.76 22822 (LLNW)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 4 195.8.215.136 41690 (DAILYMOTI...)
3 178.79.227.167 22822 (LLNW)
1 54.38.64.100 16276 (OVH)
2 11 151.101.14.2 54113 (FASTLY)
2 172.227.124.249 20940 (AKAMAI-ASN1)
2 2 18.196.229.216 16509 (AMAZON-02)
1 69.173.144.165 26667 (RUBICONPR...)
1 1 40.113.136.100 8075 (MICROSOFT...)
2 151.101.14.49 54113 (FASTLY)
2 2 54.154.201.99 16509 (AMAZON-02)
2 2.18.232.130 16625 (AKAMAI-AS)
1 104.109.78.125 20940 (AKAMAI-ASN1)
78 38
3    2606:4700:31::681f:bb2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
urlz.fr
1    2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ajax.cloudflare.com
7    151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
ads.themoneytizer.com
1    145.239.193.145 (France)

ASN16276 (OVH, FR)
g.tmyzer.com
1    74.214.194.132 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)
tag.contextweb.com
1    13.224.196.26 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-26.fra2.r.cloudfront.net
p.cpx.to
2    185.86.137.32 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
1    68.232.35.16 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
ced-ns.sascdn.com
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    145.239.193.51 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
1    91.228.74.236 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
secure.quantserve.com
1    54.192.94.143 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-143.fra2.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
5    5.179.192.20 (Paris, France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net
player.pepsia.com
1    94.23.196.203 (France)

ASN16276 (OVH, FR)
PTR: serveur8.wilsoftech.com
www.noowho.com
7    54.36.123.232 (France)

ASN16276 (OVH, FR)
PTR: s04.id5-sync.com
id5-sync.com
2    185.33.223.203 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 317.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    3.120.61.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-120-61-28.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
1    185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    2600:9000:20eb:f400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
6    52.214.1.180 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-214-1-180.eu-west-1.compute.amazonaws.com
s.cpx.to
4    37.252.173.27 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    69.173.144.142 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
fastlane.rubiconproject.com
1    2.18.234.233 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    52.28.33.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
ice.360yield.com
1    91.228.74.225 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
pixel.quantserve.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    54.247.83.136 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-83-136.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
3    172.217.21.226 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f2.1e100.net
cm.g.doubleclick.net
1    104.16.92.60 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
dmp.truoptik.com
2    52.208.204.25 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-204-25.eu-west-1.compute.amazonaws.com
ads.avocet.io
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
image2.pubmatic.com
1    18.185.45.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-45-212.eu-central-1.compute.amazonaws.com
pool.grid-data.bidswitch.net
1    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    178.79.227.76 (Italy)

ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: https-178-79-227-76.vie.llnw.net
api.dmcdn.net
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
maxcdn.bootstrapcdn.com
4    195.8.215.136 (France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: www.dailymotion.com
www.dailymotion.com
3    178.79.227.167 (Italy)

ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: https-178-79-227-167.vie.llnw.net
s1.dmcdn.net
s2.dmcdn.net
1    54.38.64.100 (France)

ASN16276 (OVH, FR)
c.tmyzer.com
11    151.101.14.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
cdn.taboola.com
trc.taboola.com
2    172.227.124.249 (United States)

ASN20940 (AKAMAI-ASN1, US)
PTR: a172-227-124-249.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
2    18.196.229.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-229-216.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
pixel.rubiconproject.com
1    40.113.136.100 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
px.powerlinks.com
2    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
match.taboola.com
2    54.154.201.99 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-201-99.eu-west-1.compute.amazonaws.com
match.adsrvr.org
2    2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
Apex Domain
Subdomains		 Transfer
13 taboola.com
cdn.taboola.com
trc.taboola.com
match.taboola.com
cds.taboola.com Failed
240 KB
8 adnxs.com
secure.adnxs.com
ib.adnxs.com
acdn.adnxs.com
6 KB
7 id5-sync.com
id5-sync.com
6 KB
7 cpx.to
p.cpx.to
s.cpx.to
8 KB
7 themoneytizer.com
ads.themoneytizer.com
160 KB
5 pepsia.com
player.pepsia.com
54 KB
4 dailymotion.com
www.dailymotion.com
5 KB
4 dmcdn.net
api.dmcdn.net
s1.dmcdn.net
s2.dmcdn.net
356 KB
3 doubleclick.net
cm.g.doubleclick.net
701 B
3 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
eus.rubiconproject.com
2 KB
3 smartadserver.com
ww1097.smartadserver.com
rtb-csync.smartadserver.com
3 KB
3 urlz.fr
urlz.fr
13 KB
2 adsrvr.org
match.adsrvr.org
889 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 scorecardresearch.com
sb.scorecardresearch.com
1 KB
2 pubmatic.com
image2.pubmatic.com
1 KB
2 avocet.io
ads.avocet.io
1 KB
2 360yield.com
ice.360yield.com
1 KB
2 creative-serving.com
ads.creative-serving.com
2 KB
2 adform.net
c1.adform.net
551 B
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
6 KB
2 leadplace.fr
tag.leadplace.fr
3 KB
2 tmyzer.com
g.tmyzer.com
c.tmyzer.com
400 B
1 powerlinks.com
px.powerlinks.com
402 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
18 KB
1 google-analytics.com
www.google-analytics.com
17 KB
1 bidswitch.net
pool.grid-data.bidswitch.net
338 B
1 truoptik.com
dmp.truoptik.com
1 adleadevent.com
adtrack.adleadevent.com
518 B
1 googleapis.com
ajax.googleapis.com
30 KB
1 stickyadstv.com
ads.stickyadstv.com
545 B
1 quantcount.com
rules.quantcount.com
967 B
1 noowho.com
www.noowho.com
1 KB
1 cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
26 KB
1 criteo.com
gum.criteo.com
386 B
1 sascdn.com
ced-ns.sascdn.com
8 KB
1 contextweb.com
tag.contextweb.com
11 KB
1 cloudflare.com
ajax.cloudflare.com
4 KB
0 w55c.net Failed
pm.w55c.net Failed
0 bttrack.com Failed
bttrack.com Failed
0 storygize.net Failed
www.storygize.net Failed
0 acesso-online-netbanking.com Failed
bb.acesso-online-netbanking.com Failed
78 42
Domain Requested by
7 id5-sync.com 5 redirects ads.themoneytizer.com
7 ads.themoneytizer.com ajax.cloudflare.com
ads.themoneytizer.com
6 trc.taboola.com 2 redirects cdn.taboola.com
6 s.cpx.to p.cpx.to
5 cdn.taboola.com urlz.fr
cdn.taboola.com
5 player.pepsia.com urlz.fr
player.pepsia.com
4 www.dailymotion.com 3 redirects api.dmcdn.net
4 ib.adnxs.com ads.themoneytizer.com
urlz.fr
3 cm.g.doubleclick.net 3 redirects
3 urlz.fr 1 redirects urlz.fr
2 acdn.adnxs.com ads.themoneytizer.com
2 match.adsrvr.org 2 redirects
2 match.taboola.com urlz.fr
2 rtb.mfadsrvr.com 2 redirects
2 sb.scorecardresearch.com cdn.taboola.com
urlz.fr
2 s2.dmcdn.net
2 image2.pubmatic.com 2 redirects
2 ads.avocet.io 2 redirects
2 ice.360yield.com 1 redirects
2 ads.creative-serving.com 2 redirects urlz.fr
2 c1.adform.net 2 redirects
2 secure.adnxs.com 2 redirects
2 tag.leadplace.fr ads.themoneytizer.com
2 ww1097.smartadserver.com 1 redirects ads.themoneytizer.com
1 eus.rubiconproject.com ads.themoneytizer.com
1 px.powerlinks.com 1 redirects
1 pixel.rubiconproject.com urlz.fr
1 c.tmyzer.com ads.themoneytizer.com
1 s1.dmcdn.net
1 maxcdn.bootstrapcdn.com player.pepsia.com
1 api.dmcdn.net player.pepsia.com
1 www.google-analytics.com urlz.fr
1 pool.grid-data.bidswitch.net 1 redirects
1 dmp.truoptik.com
1 adtrack.adleadevent.com ajax.googleapis.com
1 ajax.googleapis.com ads.themoneytizer.com
1 pixel.quantserve.com
1 ads.stickyadstv.com ads.themoneytizer.com
1 fastlane.rubiconproject.com ads.themoneytizer.com
1 rules.quantcount.com secure.quantserve.com
1 rtb-csync.smartadserver.com 1 redirects
1 www.noowho.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced-ns.sascdn.com
1 p.cpx.to ads.themoneytizer.com
1 tag.contextweb.com ads.themoneytizer.com
1 g.tmyzer.com ads.themoneytizer.com
1 ajax.cloudflare.com urlz.fr
0 pm.w55c.net Failed
0 cds.taboola.com Failed urlz.fr
0 bttrack.com Failed urlz.fr
0 www.storygize.net Failed urlz.fr
0 bb.acesso-online-netbanking.com Failed urlz.fr
78 55

This site contains links to these domains. Also see Links.

Domain
www.noowho.com
Subject Issuer Validity Valid
sni21163.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-21 -
2020-02-27		 6 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-10 -
2020-02-16		 6 months crt.sh
*.themoneytizer.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-15 -
2021-02-14		 2 years crt.sh
g.tmyzer.com
Let's Encrypt Authority X3		 2019-10-01 -
2019-12-30		 3 months crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2018-07-07 -
2020-06-03		 2 years crt.sh
p.cpx.to
COMODO RSA Domain Validation Secure Server CA		 2015-02-10 -
2020-02-09		 5 years crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2017-10-25 -
2020-05-12		 3 years crt.sh
*.criteo.com
DigiCert SHA2 Secure Server CA		 2019-10-04 -
2021-02-05		 a year crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2018-09-06 -
2020-09-12		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
player.pepsia.com
Let's Encrypt Authority X3		 2019-07-30 -
2019-10-28		 3 months crt.sh
www.noowho.com
Gandi Standard SSL CA 2		 2017-02-07 -
2020-02-07		 3 years crt.sh
*.id5-sync.com
Go Daddy Secure Certificate Authority - G2		 2017-04-02 -
2020-04-02		 3 years crt.sh
s.cpx.to
COMODO RSA Domain Validation Secure Server CA		 2015-02-10 -
2020-02-09		 5 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2019-08-28 -
2020-11-26		 a year crt.sh
*.360yield.com
Amazon		 2019-09-24 -
2020-10-24		 a year crt.sh
*.googleapis.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
adtrack.adleadevent.com
Amazon		 2019-06-30 -
2020-07-30		 a year crt.sh
*.truoptik.com
Go Daddy Secure Certificate Authority - G2		 2018-11-13 -
2020-11-13		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-09-17 -
2019-12-10		 3 months crt.sh
*.dmcdn.net
Let's Encrypt Authority X3		 2019-09-01 -
2019-11-30		 3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
*.dailymotion.com
DigiCert SHA2 High Assurance Server CA		 2019-10-02 -
2020-11-17		 a year crt.sh
c.tmyzer.com
Let's Encrypt Authority X3		 2019-08-15 -
2019-11-13		 3 months crt.sh
*.smartadserver.com
Thawte RSA CA 2018		 2018-09-07 -
2020-02-17		 a year crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-07-30 -
2020-07-25		 a year crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-28 -
2019-12-26		 a year crt.sh
g2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-03 -
2019-11-19		 7 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2019-04-23 -
2020-02-19		 10 months crt.sh

This page contains 12 frames:

Primary Page: https://urlz.fr/aIQ8
Frame ID: AA7152051BF8A6A06BF7C1346FBF9BB0
Requests: 42 HTTP requests in this frame

Frame: https://bb.acesso-online-netbanking.com/pageinicial.php
Frame ID: 057F2DE885E784A2970FF3EE44BD7D2B
Requests: 1 HTTP requests in this frame

Frame: https://bb.acesso-online-netbanking.com/pageinicial.php
Frame ID: F2CA9851CFC69610E39E95D84C3DFBE3
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 7D31C121AD889B8D468AC04F66FDCB80
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: BD9EE9284E192F13E53D35EE73172B2D
Requests: 11 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=https%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Frame ID: BAD5DF84DBD15D9DD5BE81DD46044333
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: 413251C60007D9A5CA02455B83ACAC59
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 02CAE868A97C1DF7497A73EBBD650392
Requests: 8 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5961bfb0-66ab-445d-97fa-0b34305640ef
Frame ID: CA23A1A013F37A7027F7BBDC83153907
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 8809688B2927BDE23A94FB7940EBAA82
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 87A740B15F6A47F81BFD57938F615E3B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: BFAF4A3A4A6D102FEE4BAB02021CB71A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://urlz.fr/aIQ8 HTTP 301
    https://urlz.fr/aIQ8 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

78
Requests

91 %
HTTPS

15 %
IPv6

42
Domains

55
Subdomains

38
IPs

9
Countries

967 kB
Transfer

2131 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://urlz.fr/aIQ8 HTTP 301
    https://urlz.fr/aIQ8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 18
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/2/8/2.gif?puid=8051659868423363416&gdpr=1&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/10/7/3.gif?puid=1218426499447397629&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/6/4.gif?puid=623126f2-85d3-4cf9-bb3d-7a75ca81b07d&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOiS0qsfCjixBONNAVYTGSINfUon9AaM5bzYIOOA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F5%2F5.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/102/5/5.gif?puid=6017772909304226701&gdpr=1&gdpr_consent=
Request Chain 26
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214f422a93e78ca%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FaIQ8%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2213c698ffc05b845%22%2C%22bidfloor%22%3A0.16%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22ef1f088b-7ef7-4ea6-8b4f-c154fced2aca%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214f422a93e78ca%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FaIQ8%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2213c698ffc05b845%22%2C%22bidfloor%22%3A0.16%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22ef1f088b-7ef7-4ea6-8b4f-c154fced2aca%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Request Chain 32
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9&google_gid=CAESELnwQTGxS9cS3OhDpgBLJqI&google_cver=1
Request Chain 33
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D6c8ee801-6c6a-4644-8bda-ffcfa55580f9 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=8051659868423363416&pid=11528&ref=&hn_ver=10&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9
Request Chain 35
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D6c8ee801-6c6a-4644-8bda-ffcfa55580f9 HTTP 302
  • https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D6c8ee801-6c6a-4644-8bda-ffcfa55580f9 HTTP 302
  • https://s.cpx.to/sync?dsp=avocet&dsp_uid=647008bd-39d7-4f29-8c8f-6a73bf952b39&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9
Request Chain 36
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6c8ee801-6c6a-4644-8bda-ffcfa55580f9 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6c8ee801-6c6a-4644-8bda-ffcfa55580f9 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=86BE05AB-AA0E-4F98-973C-CC2D820DE551&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9
Request Chain 37
  • https://pool.grid-data.bidswitch.net/sync?pid=42 HTTP 302
  • https://s.cpx.to/sync?dsp_uid=370d49a0-2b68-4a09-84d0-f3ac5fdcdcae&dsp=BIDSWITCH
Request Chain 47
  • https://www.dailymotion.com/thumbnail/1280x720/video/x7mddx4 HTTP 302
  • https://s1.dmcdn.net/v/RTzcu1TdCQ-nYDC6Y/1280x720
Request Chain 49
  • https://www.dailymotion.com/thumbnail/1280x720/video/x7mde59 HTTP 302
  • https://s2.dmcdn.net/v/RTzhT1TdCPuzGYv5i/1280x720
Request Chain 50
  • https://www.dailymotion.com/thumbnail/1280x720/video/x764m80 HTTP 302
  • https://s2.dmcdn.net/v/Pruk01TdfJlJRhFzl/1280x720
Request Chain 61
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5961bfb0-66ab-445d-97fa-0b34305640ef
Request Chain 63
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=zSqPrYS1GSWZ5YT1nAMrcGzMd7fAzY91h5rj32Ls0cw%3D
Request Chain 65
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGuGFYx4bl4-pJzs15qpY3c&google_cver=1 HTTP 302
  • https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEGuGFYx4bl4-pJzs15qpY3c&tbid=5b903766-13df-417f-8188-e306ded043d5-tuct4981fda&query=taboola_hm%3DCAESEGuGFYx4bl4-pJzs15qpY3c%26google_cver%3D1
Request Chain 67
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bc0dbcde-23ee-4fc1-bcc5-de6d68e25efa HTTP 302
  • https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=bc0dbcde-23ee-4fc1-bcc5-de6d68e25efa&tbid=5b903766-13df-417f-8188-e306ded043d5-tuct4981fda&query=taboola_hm%3Dbc0dbcde-23ee-4fc1-bcc5-de6d68e25efa
Request Chain 71
  • https://x.bidswitch.net/sync?ssp=taboola HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=taboola&bsw_custom_parameter=b8f95e17-a645-44c1-b32c-b2b641c9e2c0
Request Chain 78
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMSJaj-U53Qk9MRpENwyJpw&google_cver=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=be5698d8-6a19-43f7-8dd1-e7e9a6f02403 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=XZ6aXgAAAKphv0zT HTTP 302
  • https://ad.turn.com/r/cs?pid=34 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=7279824507002327768 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_

78 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request aIQ8
urlz.fr/
Redirect Chain
  • http://urlz.fr/aIQ8
  • https://urlz.fr/aIQ8
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://urlz.fr/aIQ8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2324249a43c3de291bc7cbb9a7a86da1e6bff239a717d52b538b20e1b5d994ad

Request headers

:method
GET
:authority
urlz.fr
:scheme
https
:path
/aIQ8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
cookie
__cfduid=d9c1e38aebf48cf82c38210a036ad61671570675272
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 10 Oct 2019 02:41:12 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
52353be629fdcbc8-VIE
content-encoding
br

Redirect headers

Date
Thu, 10 Oct 2019 02:41:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d9c1e38aebf48cf82c38210a036ad61671570675272; expires=Fri, 09-Oct-20 02:41:12 GMT; path=/; domain=.urlz.fr; HttpOnly
Location
https://urlz.fr/aIQ8
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
52353be58b35cbbc-VIE
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/aIQ8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:12 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 07 Oct 2019 15:28:25 GMT
server
cloudflare
etag
W/"5d9b5999-2fb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
52353be6d8d3cbb4-VIE
expires
Sat, 12 Oct 2019 02:41:12 GMT
pageinicial.php
bb.acesso-online-netbanking.com/ Frame 057F 		0
0
requestform.js
ads.themoneytizer.com/s/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
59e3eb4959e6c6cb2eda31794bb44bd6a5c51d55e473d24e480d94bd14e2026e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:12 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
expires
Fri, 11 Oct 2019 02:41:12 GMT
gen.js
ads.themoneytizer.com/s/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=28
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/95c75768/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
2c0b1cf6965cedd6fdc86718ff298f16a50ad29397c68cb6b4de5c0954f98728

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:12 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
2655
expires
Fri, 11 Oct 2019 02:40:53 GMT
/
g.tmyzer.com/g/ 		26 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.tmyzer.com/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 10 Oct 2019 02:41:24 GMT
Server
nginx
X-IPLB-Instance
29821
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:24 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:07 GMT
server
nginx
etag
"779a-308e-582e3105a6be4"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3931
expires
Fri, 11 Oct 2019 02:41:11 GMT
moneybile.js
ads.themoneytizer.com/ 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:24 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:00 GMT
server
nginx
etag
"7ff1-9390-582e30fefbc74"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Fri, 11 Oct 2019 02:40:46 GMT
getjs.static.js
tag.contextweb.com/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:24 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status
200
cache-control
max-age=432000, public
x-envoy-upstream-service-time
2
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/11528/px.js?r=189d6
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.26 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-26.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 06 Oct 2019 03:27:19 GMT
Content-Encoding
UTF-8
Connection
keep-alive
Last-Modified
Wed, 10 Oct 2018 10:49:46 GMT
Server
AmazonS3
Age
342846
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 3df1d6f6e1999cb29078ddff1a62bd1d.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
SyXfSwomHCI00ditEGUGYy5aoT4i6Tj-mxwud_k2w_-93JoWq9x3bw==
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E6) /
Resource Hash
e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b

Request headers

Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:30 GMT
content-encoding
gzip
last-modified
Thu, 05 Sep 2019 12:08:33 GMT
server
ECS (fcn/40E6)
cache-control
max-age=86400
etag
"1fc11a0f5e30485338c4562812f21662:1567685313"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
x-n
S
accept-ranges
bytes
content-length
8004

Redirect headers

Location
https://ced-ns.sascdn.com/diff/js/smart.js
Date
Thu, 10 Oct 2019 02:41:24 GMT
Cache-Control
private
Content-Length
159
Content-Type
text/html; charset=utf-8
sync
gum.criteo.com/ 		49 B
386 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 10 Oct 2019 02:41:23 GMT
Content-Encoding
gzip
Expires
60
Cache-Control
private, max-age=3600
Content-Length
165
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
libJsLP.js
tag.leadplace.fr/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 10 Oct 2019 02:41:24 GMT
Last-Modified
Wed, 28 Nov 2018 09:16:40 GMT
Server
nginx/1.14.2
ETag
"5bfe5cf8-a72"
X-IPLB-Instance
29923
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
quant.js
secure.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.236 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 10 Oct 2019 02:41:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10-Oct-2019 02:41:24 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Thu, 17 Oct 2019 02:41:24 GMT
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.94.143 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-94-143.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 09 Oct 2019 19:00:57 GMT
Via
1.1 28edd995979e84232ebdb595b33d9deb.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
75599
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
hhOCoyFbJ7mME4SDzrueGsaWH8syE-MSE9rjJVKyk_FMCapnD7Qq_g==
prebid.js
ads.themoneytizer.com/moneybid2_31/build/dist/ 		333 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
1aa092da3c4c7cfa17ea0a1a695f3c98e49e5ad40fb8054f7f2c0508b640bf50

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:24 GMT
content-encoding
gzip
last-modified
Tue, 17 Sep 2019 15:51:10 GMT
server
nginx
etag
"32334-53511-592c1b0771144"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
107532
expires
Fri, 11 Oct 2019 02:41:03 GMT
sdk.js
player.pepsia.com/ 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.pepsia.com/sdk.js?d=16db38adb58
Requested by
Host: urlz.fr
URL: https://urlz.fr/aIQ8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
dccff4268cf23b61b45aeb89e063cb102cdf9a862e1c25bd2104aaf135a914d3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 10 Oct 2019 02:41:25 GMT
Last-Modified
Tue, 24 Sep 2019 10:24:44 GMT
Server
nginx
Accept-Ranges
bytes
ETag
"5d89eeec-96b1"
Content-Length
38577
Content-Type
application/javascript
pageinicial.php
bb.acesso-online-netbanking.com/ Frame F2CA 		0
0
image.php
www.noowho.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.noowho.com/image.php?site=23690713&ref=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS
serveur8.wilsoftech.com
Software
Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash
8176ae793c1dafd15ebc48725d38dd24be5bf810008618a326a1ffbb1fa6f00a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 10 Oct 2019 02:50:24 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Apache/2.4.7 (Ubuntu)
Connection
close
X-Powered-By
PHP/5.5.9-1ubuntu4.22
Content-Length
1131
Content-Type
image/gif
5.gif
id5-sync.com/c/12/102/5/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/2/8/2.gif?puid=8051659868423363416&gdpr=1&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/10/7/3.gif?puid=1218426499447397629&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/6/4.gif?puid=623126f2-85d3-4cf9-bb3d-7a75ca81b07d&gdpr=1&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-ZHMOiS0qsfCjixBONNAVYTGSINfUon9AaM5bzYIOOA&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F5%2F5.gif%3Fpuid%3DSMART_U...
  • https://id5-sync.com/c/12/102/5/5.gif?puid=6017772909304226701&gdpr=1&gdpr_consent=
43 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/12/102/5/5.gif?puid=6017772909304226701&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.123.232 , France, ASN16276 (OVH, FR),
Reverse DNS
s04.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 10 Oct 2019 02:41:29 GMT
Content-Type
image/gif;charset=UTF-8
Transfer-Encoding
chunked
P3P
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Thu, 10 Oct 2019 02:41:26 GMT
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Location
https://id5-sync.com/c/12/102/5/5.gif?puid=6017772909304226701&gdpr=1&gdpr_consent=
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=utf-8
Content-Length
208
Expires
-1
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:f400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:31:22 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
628
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
DXWNBQNQQUug6pQcds-DIiQlowZHVpYdEEV_zIcq-E4QlMdwJfKtaQ==
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
fire.js
s.cpx.to/ 		942 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/11528/px.js?r=189d6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.1.180 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-1-180.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
973882eab6c20a250c714237a2bb60b2c3844b651a73c0ae0e73dff79f515453
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 10 Oct 2019 02:41:25 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
942
Expires
Wed, 18 Sep 2019 12:54:16 GMT
prebid
ib.adnxs.com/ut/v3/ 		258 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
ccde9faf873bc4246586183037236cd8bf86b82e6fae9a272c991e543a768089
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Oct 2019 02:41:26 GMT
X-Proxy-Origin
185.151.58.113; 185.151.58.113; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.42:80
AN-X-Request-Uuid
809d07c0-e8eb-40eb-92f0-45287d6d4bab
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
258
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ 		631 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 10 Oct 2019 02:41:24 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
435
expires
Fri, 11 Oct 2019 02:41:24 GMT
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0988a26d874f464954145e52c7c4d9aef4fb0c7abcb8f4c097d6b5a6a6d140c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Oct 2019 02:41:26 GMT
X-Proxy-Origin
185.151.58.113; 185.151.58.113; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.107:80
AN-X-Request-Uuid
5aa4e09f-0c31-48f5-8442-e1ead80f5909
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		251 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=atf&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v2.31.0&x_source.tid=ef1f088b-7ef7-4ea6-8b4f-c154fced2aca&p_screen_res=1600x1200&rp_floor=0.37&rp_secure=1&slots=1&rand=0.6778263073986845
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.142 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
36f73cae67e598e6197f2775abf8413a60d544753d8c56975e9907bfaa652839

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Oct 2019 02:41:24 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=472
Content-Length
251
Expires
Wed, 17 Sep 1975 21:32:10 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1570675284891&pKey=837862977&_fw_gdpr_consent=undefined&loc=https%3A%2F%2Furlz.fr%2FaIQ8&playerSize=640x480&
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 10 Oct 2019 02:41:29 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1570675288882056-88
Expires
Thu, 10 Oct 2019 02:41:29 GMT
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214f422a93e78ca%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2Fa...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214f422a93e78ca%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz....
109 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214f422a93e78ca%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FaIQ8%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2213c698ffc05b845%22%2C%22bidfloor%22%3A0.16%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22ef1f088b-7ef7-4ea6-8b4f-c154fced2aca%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.33.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-28-33-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
be8a7fe1ef033461f7404927671330ae45f6c3f654583825ac5f5ba0d1bd2d3d

Request headers

Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 10 Oct 2019 02:41:29 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://urlz.fr
content-type
application/json; charset=UTF-8
content-length
109
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

date
Thu, 10 Oct 2019 02:41:29 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2214f422a93e78ca%22%2C%22version%22%3A%225.2.0-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Furlz.fr%2FaIQ8%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2213c698ffc05b845%22%2C%22bidfloor%22%3A0.16%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%22ef1f088b-7ef7-4ea6-8b4f-c154fced2aca%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://urlz.fr
access-control-allow-credentials
true
content-type
text/plain
content-length
0
pixel;r=427483413;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FaIQ8;fpan=1;fpa=P0-2038945810-1570675284904;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;...
pixel.quantserve.com/ 		35 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=427483413;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FaIQ8;fpan=1;fpa=P0-2038945810-1570675284904;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1570675284904;tzo=-120;ogl=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.225 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Oct 2019 02:41:24 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
wckr.php
tag.leadplace.fr/ Frame 7D31 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://urlz.fr/aIQ8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://urlz.fr/aIQ8

Response headers

Server
nginx/1.14.2
Date
Thu, 10 Oct 2019 02:41:24 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
29923
bundle.js
ads.themoneytizer.com/cs2/dist/ 		97 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/cs2/dist/bundle.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d406f42a088a14459471e30acb1a1c3f856b1f76331473847663a63ba2921250

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:25 GMT
content-encoding
gzip
last-modified
Tue, 17 Sep 2019 21:28:09 GMT
server
nginx
etag
"3247a-183db-592c6659901e6"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
23456
expires
Fri, 11 Oct 2019 02:41:23 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 30 Sep 2019 22:19:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
793337
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30186
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Sep 2020 22:19:08 GMT
notifyme.php
adtrack.adleadevent.com/ 		0
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.83.136 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-83-136.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Pragma
no-cache
Date
Thu, 10 Oct 2019 02:41:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Oct 2019 02:41:26 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://urlz.fr
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9
  • https://s.cpx.to/ca.png?dsp=dbm&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9&google_gid=CAESELnwQTGxS9cS3OhDpgBLJqI&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9&google_gid=CAESELnwQTGxS9cS3OhDpgBLJqI&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.1.180 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-1-180.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 10 Oct 2019 02:41:26 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Thu, 10 Oct 2019 02:41:26 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9&google_gid=CAESELnwQTGxS9cS3OhDpgBLJqI&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D6c8ee801-6c6a-4644-8bda-ffcfa55580f9
  • https://s.cpx.to/an_fire?app_nexus_uid=8051659868423363416&pid=11528&ref=&hn_ver=10&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=8051659868423363416&pid=11528&ref=&hn_ver=10&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.1.180 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-1-180.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 10 Oct 2019 02:41:26 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Thu, 10 Oct 2019 02:41:26 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Oct 2019 02:41:28 GMT
X-Proxy-Origin
185.151.58.113; 185.151.58.113; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.41:80
AN-X-Request-Uuid
bc0ea2d0-1c37-441b-a70a-f6760b800f33
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=8051659868423363416&pid=11528&ref=&hn_ver=10&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.gif
dmp.truoptik.com/0362536315099b06/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9&fck=618dd2b3c5adbce0&cbp=dsp_uid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.92.60 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
sync
s.cpx.to/
Redirect Chain
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D6c8ee801-6c6a-4644-8bda-ffcfa55580f9
  • https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D6c8ee801-6c6a-4644-8bda-ffcfa55580f9
  • https://s.cpx.to/sync?dsp=avocet&dsp_uid=647008bd-39d7-4f29-8c8f-6a73bf952b39&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9
95 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=avocet&dsp_uid=647008bd-39d7-4f29-8c8f-6a73bf952b39&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.1.180 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-1-180.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 10 Oct 2019 02:41:27 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Thu, 10 Oct 2019 02:41:27 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=avocet&dsp_uid=647008bd-39d7-4f29-8c8f-6a73bf952b39&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9
Date
Thu, 10 Oct 2019 02:41:27 GMT
Connection
keep-alive
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length
149
Content-Type
text/html; charset=utf-8
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6c8ee801-6c6a-4644-8bda-ffcfa55580f9
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6c8ee801-6c6a-4644-8bda-ffcfa55580f9
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=86BE05AB-AA0E-4F98-973C-CC2D820DE551&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=86BE05AB-AA0E-4F98-973C-CC2D820DE551&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.1.180 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-1-180.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 10 Oct 2019 02:41:27 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Thu, 10 Oct 2019 02:41:27 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=86BE05AB-AA0E-4F98-973C-CC2D820DE551&fid=6c8ee801-6c6a-4644-8bda-ffcfa55580f9
Date
Thu, 10 Oct 2019 02:41:26 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
448
Content-Type
text/html; charset=iso-8859-1
sync
s.cpx.to/
Redirect Chain
  • https://pool.grid-data.bidswitch.net/sync?pid=42
  • https://s.cpx.to/sync?dsp_uid=370d49a0-2b68-4a09-84d0-f3ac5fdcdcae&dsp=BIDSWITCH
95 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=370d49a0-2b68-4a09-84d0-f3ac5fdcdcae&dsp=BIDSWITCH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.1.180 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-214-1-180.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Thu, 10 Oct 2019 02:41:27 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Thu, 10 Oct 2019 02:41:27 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp_uid=370d49a0-2b68-4a09-84d0-f3ac5fdcdcae&dsp=BIDSWITCH
Date
Thu, 10 Oct 2019 02:41:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
indexv2.php
player.pepsia.com/V2/ 		43 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.pepsia.com/V2/indexv2.php?token=00I4&controls=1&autoplay=1&logo=true&volume=1&api=1&id=0&origin=https://urlz.fr&d=16db38ae012
Requested by
Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=16db38adb58
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
7fbb7d33f5aa50badbad918f76e0029c07053cfe6f5e90c5638a91d208413dd0

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://urlz.fr
Date
Thu, 10 Oct 2019 02:41:26 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
algov2.php
player.pepsia.com/V2/ 		1 KB
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.pepsia.com/V2/algov2.php?token=00I4&num=9&origin=https://urlz.fr&d=16db38ae012
Requested by
Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=16db38adb58
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
516ca70e25b9ee95d6377f304ef8f3061e765bdccfbcf14d8fff0584f8a09560

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://urlz.fr
Date
Thu, 10 Oct 2019 02:41:26 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
analytics.js
www.google-analytics.com/ Frame BD9E 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/aIQ8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
4207
date
Thu, 10 Oct 2019 01:31:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 10 Oct 2019 03:31:19 GMT
all.js
api.dmcdn.net/ Frame BD9E 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dmcdn.net/all.js
Requested by
Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=16db38adb58
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.79.227.76 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS
https-178-79-227-76.vie.llnw.net
Software
DMS/1.0.42 /
Resource Hash
bc668e376652343280e84405e0dd10fcbf8e4147e7c3bf1ace3d1820aac78f68

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/aIQ8
Origin
https://urlz.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:26 GMT
content-encoding
gzip
last-modified
Fri, 27 Sep 2019 13:09:39 GMT
server
DMS/1.0.42
age
1084725
etag
"5d8e0a13-72c2"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=43200, s-maxage=3600
accept-ranges
bytes
access-control-allow-origin
*
content-length
9628
expires
Fri, 27 Sep 2019 14:22:41 GMT
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ Frame BD9E 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: player.pepsia.com
URL: https://player.pepsia.com/sdk.js?d=16db38adb58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/aIQ8
Origin
https://urlz.fr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:26 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
18056
truncated
/ Frame BD9E 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
favicon.ico
urlz.fr/ Frame BD9E 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://urlz.fr/favicon.ico
Requested by
Host: urlz.fr
URL: https://urlz.fr/aIQ8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a233c93b0d174a786835303eb1532c0606b246062c4ea03277c83aed3a57c10

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:26 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
14
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
cache-control
public, max-age=86400
cf-ray
52353c3a0bb8cbc8-VIE
expires
Fri, 11 Oct 2019 02:41:26 GMT
truncated
/ Frame BD9E 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cccb3ab463e4419ccdcbdd2864aecc8237cfb1a5dae7ff47262beb5cad2c0bc

Request headers

Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/x-icon
Cookie set embed
www.dailymotion.com/ Frame BAD5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=https%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Requested by
Host: api.dmcdn.net
URL: https://api.dmcdn.net/all.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.8.215.136 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
www.dailymotion.com
Software
DMS/1.0.42 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31708800; includeSubDomains

Request headers

Host
www.dailymotion.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://urlz.fr/aIQ8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://urlz.fr/aIQ8

Response headers

Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Server
DMS/1.0.42
X-DM-BackNode
web-410.adm.dc3.dailymotion.com:80
Vary
X-DM-SSL,Accept-Encoding
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Access-Control-Expose-Headers
X-DM-BackNode-Response-Time
Strict-Transport-Security
max-age=31708800; includeSubDomains
Date
Thu, 10 Oct 2019 02:41:26 GMT
Link
<https://static1.dmcdn.net>; rel=preconnect,<https://ajax.googleapis.com>; rel=preconnect
Keep-Alive
timeout=60, max=4987
X-DM-LB-IP
195.8.215.136
X-DM-LB-Name
lb-10
X-DM-BackNode-Response-Time
39
Connection
Keep-Alive
Set-Cookie
ts=826847; expires=Tue, 10-Nov-2020 03:41:26 GMT; Max-Age=34304400; path=/; domain=.dailymotion.com sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ sdx=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ su_user_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ su_sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ su_sdx=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ client_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ access_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ refresh_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ dmvk=5d9e9a56435ee; path=/; domain=.dailymotion.com v1st=FA8A3EEE419C30B8DE2FC42981EB59CE; expires=Sun, 08 Nov 2020 02:41:26 GMT; max-age=34128000; path=/; domain=.dailymotion.com
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Content-Length
12008
1280x720
s1.dmcdn.net/v/RTzcu1TdCQ-nYDC6Y/ Frame BD9E
Redirect Chain
  • https://www.dailymotion.com/thumbnail/1280x720/video/x7mddx4
  • https://s1.dmcdn.net/v/RTzcu1TdCQ-nYDC6Y/1280x720
77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.dmcdn.net/v/RTzcu1TdCQ-nYDC6Y/1280x720
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.79.227.167 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS
https-178-79-227-167.vie.llnw.net
Software
DMS/1.0.42 /
Resource Hash
b7e8bae3caf2afa8ae360a578e22d2762532e88fec661f2c4f966d0a0703452e

Request headers

Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:27 GMT
content-encoding
gzip
x-dm-origin-date
Tue, 08 Oct 2019 17:26:23 GMT
age
119704
x-dm-upstream-cache-status
MISS
x-dm-retries
0
status
200
x-dm-backnode-response-time
88
content-length
78559
x-dm-origin-content-length
78770
x-dm-upstream-resptime
1570555583.908
x-dm-chash
10.190.53.4:81
last-modified
Tue, 08 Oct 2019 17:26:23 GMT
server
DMS/1.0.42
vary
Accept-Encoding
content-type
image/jpeg
access-control-expose-headers
X-DM-BackNode-Response-Time
cache-control
max-age=315360000
x-dm-backend
tailor-03.adm.dc3.dailymotion.com:80
expires
Fri, 05 Oct 2029 17:26:23 GMT

Redirect headers

Content-Security-Policy
upgrade-insecure-requests
Vary
X-DM-SSL
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Connection
Keep-Alive
X-DM-BackNode-Response-Time
15
Content-Length
0
X-DM-LB-Name
lb-10
Server
DMS/1.0.42
Date
Thu, 10 Oct 2019 02:41:27 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Strict-Transport-Security
max-age=31708800; includeSubDomains
X-DM-BackNode
web-615.adm.dc3.dailymotion.com:80
Content-Type
text/html; charset=utf-8
Location
https://s1.dmcdn.net/v/RTzcu1TdCQ-nYDC6Y/1280x720
Access-Control-Expose-Headers
X-DM-BackNode-Response-Time
Cache-Control
no-cache
Keep-Alive
timeout=60, max=4995
X-DM-LB-IP
195.8.215.136
Expires
Thu, 10 Oct 2019 02:46:27 GMT
/
c.tmyzer.com/c/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=15056&f=28&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 10 Oct 2019 02:41:27 GMT
Server
nginx
X-IPLB-Instance
20686
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
1280x720
s2.dmcdn.net/v/RTzhT1TdCPuzGYv5i/ Frame BD9E
Redirect Chain
  • https://www.dailymotion.com/thumbnail/1280x720/video/x7mde59
  • https://s2.dmcdn.net/v/RTzhT1TdCPuzGYv5i/1280x720
112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/v/RTzhT1TdCPuzGYv5i/1280x720
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.79.227.167 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS
https-178-79-227-167.vie.llnw.net
Software
DMS/1.0.42 /
Resource Hash
4d43898ccca52e66ac9d5d3df286128ec6c685e38241f6f402ab253affa3c6cd

Request headers

Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:28 GMT
content-encoding
gzip
x-dm-origin-date
Tue, 08 Oct 2019 17:25:33 GMT
age
119753
x-dm-upstream-cache-status
MISS
x-dm-retries
0
status
200
x-dm-backnode-response-time
137
content-length
114222
x-dm-origin-content-length
114373
x-dm-upstream-resptime
1570555534.330
x-dm-chash
10.190.53.4:81
last-modified
Tue, 08 Oct 2019 17:25:34 GMT
server
DMS/1.0.42
vary
Accept-Encoding
content-type
image/jpeg
access-control-expose-headers
X-DM-BackNode-Response-Time
cache-control
max-age=315360000
x-dm-backend
tailor-03.adm.dc3.dailymotion.com:80
expires
Fri, 05 Oct 2029 17:25:35 GMT

Redirect headers

Content-Security-Policy
upgrade-insecure-requests
Vary
X-DM-SSL
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Connection
Keep-Alive
X-DM-BackNode-Response-Time
22
Content-Length
0
X-DM-LB-Name
lb-10
Server
DMS/1.0.42
Date
Thu, 10 Oct 2019 02:41:28 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Strict-Transport-Security
max-age=31708800; includeSubDomains
X-DM-BackNode
web-356.adm.dc3.dailymotion.com:80
Content-Type
text/html; charset=utf-8
Location
https://s2.dmcdn.net/v/RTzhT1TdCPuzGYv5i/1280x720
Access-Control-Expose-Headers
X-DM-BackNode-Response-Time
Cache-Control
no-cache
Keep-Alive
timeout=60, max=4998
X-DM-LB-IP
195.8.215.136
Expires
Thu, 10 Oct 2019 02:46:28 GMT
1280x720
s2.dmcdn.net/v/Pruk01TdfJlJRhFzl/ Frame BD9E
Redirect Chain
  • https://www.dailymotion.com/thumbnail/1280x720/video/x764m80
  • https://s2.dmcdn.net/v/Pruk01TdfJlJRhFzl/1280x720
156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.dmcdn.net/v/Pruk01TdfJlJRhFzl/1280x720
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.79.227.167 , Italy, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS
https-178-79-227-167.vie.llnw.net
Software
DMS/1.0.42 /
Resource Hash
1c1f2f35bb12189f3313fb3d3c20ccac4130ce16dbf283ce1b3ff4dd24f1e63f

Request headers

Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:29 GMT
content-encoding
gzip
x-dm-origin-date
Thu, 10 Oct 2019 02:41:28 GMT
x-dm-backend
tailor-01.adm.ix7.dailymotion.com:80
x-dm-upstream-cache-status
MISS
x-dm-retries
0
status
200
x-dm-backnode-response-time
285
content-length
160047
x-dm-origin-content-length
160014
x-dm-upstream-resptime
1570675289.121
x-dm-chash
10.190.53.7:81
last-modified
Thu, 10 Oct 2019 02:41:29 GMT
server
DMS/1.0.42
vary
Accept-Encoding
content-type
image/jpeg
access-control-expose-headers
X-DM-BackNode-Response-Time
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Content-Security-Policy
upgrade-insecure-requests
Vary
X-DM-SSL
Content-Security-Policy-Report-Only
default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Connection
Keep-Alive
X-DM-BackNode-Response-Time
24
Content-Length
0
X-DM-LB-Name
lb-10
Server
DMS/1.0.42
Date
Thu, 10 Oct 2019 02:41:29 GMT
Expect-Ct
max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Strict-Transport-Security
max-age=31708800; includeSubDomains
X-DM-BackNode
web-297.adm.dc3.dailymotion.com:80
Content-Type
text/html; charset=utf-8
Location
https://s2.dmcdn.net/v/Pruk01TdfJlJRhFzl/1280x720
Access-Control-Expose-Headers
X-DM-BackNode-Response-Time
Cache-Control
no-cache
Keep-Alive
timeout=60, max=4997
X-DM-LB-IP
195.8.215.136
Expires
Thu, 10 Oct 2019 02:46:29 GMT
video_load.php
player.pepsia.com/V2/actions/ Frame BD9E 		45 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player.pepsia.com/V2/actions/video_load.php?sid=00I4&cid=044Q&d=16db38aecba
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
1fdad207581da193a24d9293ad1ba76c3d41f68a005a2c9b7a26e39a1618ca66

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 10 Oct 2019 02:41:29 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
video_start.php
player.pepsia.com/V2/actions/ Frame BD9E 		43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player.pepsia.com/V2/actions/video_start.php?sid=00I4&cid=044Q&d=16db38aed3f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.179.192.20 Paris, France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS
5-179-192-20.dynamixhost.net
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 10 Oct 2019 02:41:29 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
ac
ww1097.smartadserver.com/ 		22 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=30012&async=1&visit=m&tmstp=8917306656&tag=sas_30012&sh=1200&sw=1600&pgDomain=https%3A%2F%2Furlz.fr%2FaIQ8&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&gdpr_consent=BOoMgdUOoMgdUAKAZBENCl-AAAAqV7_______9______9uz_Ov_v_f__33e8__9v_l_7_-___u_-3zd4u_1vf99yfm1-7etr3tp_87ues2_Xur__79__3z3_9phP78k89r7337Ew-v-3o8A&noadcbk=sas.noad
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
cb5e68ea98339921426942e8f8c0756dda0f90adeec0ca8067db577e8ca32e3e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Oct 2019 02:41:30 GMT
Content-Encoding
gzip
X-SMRT-D
3%3b10%3b55
Vary
Accept-Encoding
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control
no-cache, no-store
Content-Type
application/javascript; charset=utf-8
Content-Length
140
Expires
-1
tbframe.js
cdn.taboola.com/shared/ Frame 4132 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/shared/tbframe.js
Requested by
Host: urlz.fr
URL: https://urlz.fr/aIQ8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding
gzip
etag
"0c6cdb6c2f89bf98124c3679a3412fb6"
age
22948
x-cache
HIT
status
200
x-amz-replication-status
COMPLETED
content-length
3897
x-amz-id-2
74zbE6T48GkUHa9db8GRKwBsGK+Uxqz6v4uA0TCeyETdpvdGYuxBbmPdVExkfZpqS4AOweC7/dY=
x-served-by
cache-fra19170-FRA
last-modified
Thu, 14 Apr 2016 14:04:36 GMT
server
AmazonS3
x-timer
S1570675291.581984,VS0,VE0
date
Thu, 10 Oct 2019 02:41:30 GMT
vary
Accept-Encoding
x-amz-request-id
594074B13CFB3805
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/x-javascript
abp
63
x-cache-hits
1933
loader.js
cdn.taboola.com/libtrc/themonetizer-network/ Frame 02CA 		440 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62e939b61ae72949314dd168b67b5a385555a767db84e9413f87c0af3241fdad

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
kt4Xv0s2HMDNnAoeaQq5TRn2mXs6wWsf
content-encoding
gzip
etag
"0d9df309292291b9e3352f2d1635010c"
age
87
x-cache
HIT
status
200
content-length
113904
x-amz-id-2
bDJjnzjdw2c+Gktm0MUbyBwlwZBFIz3+aavB/tIiD2zNoK1E+BvrvyM0owMfMdqhy/O1sNM8/3o=
x-served-by
cache-fra19170-FRA
last-modified
Wed, 02 Oct 2019 12:46:51 GMT
server
AmazonS3
x-timer
S1570675291.613349,VS0,VE0
date
Thu, 10 Oct 2019 02:41:30 GMT
vary
Accept-Encoding
x-amz-request-id
7BA2690DE35905C9
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
67
x-cache-hits
9
impl.20191002-10-RELEASE.js
cdn.taboola.com/libtrc/ Frame 02CA 		394 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20191002-10-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0cae80c9382e2b3e8045ba09797fd66d1a65a936d70af2eed09897be81ea436e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
MWFHdpWI_mQOMXUM8TI1gLlg0gl1K5pN
content-encoding
gzip
etag
"c863c8ea08069847bb5c761bac45dda6"
age
100
x-cache
HIT
status
200
x-amz-replication-status
COMPLETED
content-length
113914
x-amz-id-2
i8xSEXl3lQK2NjFG/Brn+z0xma8NjL8FplV4Af6bErUYSt2J0fxHQWqzwNN6i1RtifadwaJLw/I=
x-served-by
cache-fra19170-FRA
last-modified
Wed, 02 Oct 2019 22:32:20 GMT
server
AmazonS3
x-timer
S1570675291.646078,VS0,VE0
date
Thu, 10 Oct 2019 02:41:30 GMT
vary
Accept-Encoding
x-amz-request-id
53D89C2CE8799238
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
63
x-cache-hits
62
beacon.js
sb.scorecardresearch.com/ Frame 02CA 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.124.249 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-124-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 10 Oct 2019 02:41:30 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
902
Expires
Fri, 11 Oct 2019 02:41:30 GMT
b
sb.scorecardresearch.com/ Frame 02CA 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1570675290651&ns_c=UTF-8&ns_if=1&cv=3.1e&c8=&c7=https%3A%2F%2Furlz.fr%2FaIQ8&c9=
Requested by
Host: urlz.fr
URL: https://urlz.fr/aIQ8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.124.249 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-124-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Oct 2019 02:41:30 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/themonetizer-urlz/trc/3/ Frame 02CA 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themonetizer-urlz/trc/3/json?tim=04%3A41%3A30.681&lti=deflated&data=%7B%22id%22%3A838%2C%22ii%22%3A%22%2Faiq8%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1570675290679%2C%22cv%22%3A%2220191002-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Furlz.fr%2FaIQ8%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A1%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22205724-MEGABANNER%20BAS%22%2C%22orig_uip%22%3A%22205724-MEGABANNER%20BAS%22%2C%22cd%22%3A8%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191002-10-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
88dc0ae99b6bcff157be6e16039da5f3b1d4cfb26aa323858b9d4806b9da8084

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:30 GMT
content-encoding
gzip
server
nginx
x-timer
S1570675291.688849,VS0,VE57
status
200
x-served-by
cache-fra19170-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
userx.20191002-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 02CA 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20191002-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e85ba4d66717e8de5dcba1b5e0285ced20874b84f316ff3c0840277352b9c9ea

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
7czDtX8TJp.OUfK2QYR9kQhkSDorEoft
content-encoding
gzip
etag
"68efda98343f3a646119692abafb484d"
age
58
x-cache
HIT
status
200
x-amz-replication-status
PENDING
content-length
7734
x-amz-id-2
yQl1Fm7tqYqYrYe/EfcUkq9+h/hVyinSiT8nMh+8vAWL6qurNr3Sx7XmDlERqzwCkZW4vUU8YFA=
x-served-by
cache-fra19170-FRA
last-modified
Wed, 02 Oct 2019 22:32:45 GMT
server
AmazonS3
x-timer
S1570675291.776273,VS0,VE0
date
Thu, 10 Oct 2019 02:41:30 GMT
vary
Accept-Encoding
x-amz-request-id
05AEECAB7410CA91
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
88
x-cache-hits
13
rtb-h
trc.taboola.com/sg/mediaforcebidder-network/1/ Frame CA23
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5961bfb0-66ab-445d-97fa-0b34305640ef
0
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5961bfb0-66ab-445d-97fa-0b34305640ef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:31 GMT
via
1.1 varnish
server
nginx
x-timer
S1570675292.932811,VS0,VE10
x-cache
MISS
status
204
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-fra19170-FRA

Redirect headers

Location
//trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5961bfb0-66ab-445d-97fa-0b34305640ef
Date
Thu, 10 Oct 2019 02:41:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame CA23 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: urlz.fr
URL: https://urlz.fr/aIQ8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame CA23
Redirect Chain
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=zSqPrYS1GSWZ5YT1nAMrcGzMd7fAzY91h5rj32Ls0cw%3D
45 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=zSqPrYS1GSWZ5YT1nAMrcGzMd7fAzY91h5rj32Ls0cw%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:31 GMT
via
1.1 varnish
server
nginx
x-timer
S1570675292.938961,VS0,VE9
x-cache
MISS
status
200
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-fra19170-FRA

Redirect headers

Location
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=zSqPrYS1GSWZ5YT1nAMrcGzMd7fAzY91h5rj32Ls0cw%3D
Date
Thu, 10 Oct 2019 02:41:31 GMT
Server
nginx
Connection
close
Etag
"zSqPrYS1GSWZ5YT1nAMrcGzMd7fAzY91h5rj32Ls0cw="
Content-Length
0
getuidnb
ib.adnxs.com/ Frame CA23 		43 B
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: urlz.fr
URL: https://urlz.fr/aIQ8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Oct 2019 02:41:33 GMT
X-Proxy-Origin
185.151.58.113; 185.151.58.113; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.183:80
AN-X-Request-Uuid
97f0c1b4-ed42-429f-9875-1c0cae4afd54
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rtb-h
match.taboola.com/sg/google-network/1/ Frame CA23
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGuGFYx4bl4-pJzs15qpY3c&google_cver=1
  • https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEGuGFYx4bl4-pJzs15qpY3c&tbid=5b903766-13df-417f-8188-e306ded043d5-tuct4981fda&query=taboola_hm%3DCAESEGuGFYx4bl4-pJzs15qpY3c%26goo...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEGuGFYx4bl4-pJzs15qpY3c&tbid=5b903766-13df-417f-8188-e306ded043d5-tuct4981fda&query=taboola_hm%3DCAESEGuGFYx4bl4-pJzs15qpY3c%26google_cver%3D1
Requested by
Host: urlz.fr
URL: https://urlz.fr/aIQ8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.13.12 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:30 GMT
via
1.1 varnish
server
nginx/1.13.12
x-timer
S1570675291.871416,VS0,VE9
x-cache
MISS
status
200
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19175-FRA

Redirect headers

date
Thu, 10 Oct 2019 02:41:30 GMT
via
1.1 varnish
server
nginx
x-timer
S1570675291.855774,VS0,VE8
x-served-by
cache-fra19170-FRA
status
302
x-cache
MISS
location
https://match.taboola.com/sg/google-network/1/rtb-h?taboola_hm=CAESEGuGFYx4bl4-pJzs15qpY3c&tbid=5b903766-13df-417f-8188-e306ded043d5-tuct4981fda&query=taboola_hm%3DCAESEGuGFYx4bl4-pJzs15qpY3c%26google_cver%3D1
accept-ranges
bytes
content-length
0
x-cache-hits
0
getuidnb
ib.adnxs.com/ Frame CA23 		43 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: urlz.fr
URL: https://urlz.fr/aIQ8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Oct 2019 02:41:33 GMT
X-Proxy-Origin
185.151.58.113; 185.151.58.113; 539.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.43:80
AN-X-Request-Uuid
2bd7b3e8-9c3a-44f4-bd7a-0e32f637bf23
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rtb-h
match.taboola.com/sg/thetradedesk-network/1/ Frame CA23
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=bc0dbcde-23ee-4fc1-bcc5-de6d68e25efa
  • https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=bc0dbcde-23ee-4fc1-bcc5-de6d68e25efa&tbid=5b903766-13df-417f-8188-e306ded043d5-tuct4981fda&query=taboola_hm%3Dbc0dbcde-23ee-4fc1...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=bc0dbcde-23ee-4fc1-bcc5-de6d68e25efa&tbid=5b903766-13df-417f-8188-e306ded043d5-tuct4981fda&query=taboola_hm%3Dbc0dbcde-23ee-4fc1-bcc5-de6d68e25efa
Requested by
Host: urlz.fr
URL: https://urlz.fr/aIQ8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.13.12 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 10 Oct 2019 02:41:30 GMT
via
1.1 varnish
server
nginx/1.13.12
x-timer
S1570675291.900730,VS0,VE9
x-cache
MISS
status
200
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19175-FRA

Redirect headers

date
Thu, 10 Oct 2019 02:41:30 GMT
via
1.1 varnish
server
nginx
x-timer
S1570675291.885381,VS0,VE8
x-served-by
cache-fra19170-FRA
status
302
x-cache
MISS
location
https://match.taboola.com/sg/thetradedesk-network/1/rtb-h?taboola_hm=bc0dbcde-23ee-4fc1-bcc5-de6d68e25efa&tbid=5b903766-13df-417f-8188-e306ded043d5-tuct4981fda&query=taboola_hm%3Dbc0dbcde-23ee-4fc1-bcc5-de6d68e25efa
accept-ranges
bytes
content-length
0
x-cache-hits
0
4b560cdd-91f9-422b-adb7-e9dff26bc3ad
www.storygize.net/ccm/ Frame CA23 		0
0
cookiesync
bttrack.com/pixel/ Frame CA23 		0
0
/
cds.taboola.com/ Frame CA23 		0
0
bsw_sync
ads.creative-serving.com/ Frame CA23
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=taboola&bsw_custom_parameter=b8f95e17-a645-44c1-b32c-b2b641c9e2c0
0
0
available
trc.taboola.com/themonetizer-urlz/log/3/ Frame 02CA 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themonetizer-urlz/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20191002-10-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 10 Oct 2019 02:41:30 GMT
via
1.1 varnish
server
nginx
x-timer
S1570675291.784465,VS0,VE9
x-served-by
cache-fra19170-FRA
status
204
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://urlz.fr
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 02CA 		254 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
24571
x-cache
HIT
status
200
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by
cache-fra19170-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1570675291.918161,VS0,VE0
date
Thu, 10 Oct 2019 02:41:30 GMT
x-amz-request-id
F6D91014AAA6CDC4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
88
x-cache-hits
11192
12.json
id5-sync.com/g/v1/ 		35 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v1/12.json?gdpr=0&gdpr_consent=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.123.232 , France, ASN16276 (OVH, FR),
Reverse DNS
s04.id5-sync.com
Software
/
Resource Hash
6d3ad1cfd3221aa7bffc10ba678fda2d9d94c9aa3b026d45a74fa767763ec1d5

Request headers

Sec-Fetch-Mode
cors
Referer
https://urlz.fr/aIQ8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://urlz.fr
Date
Thu, 10 Oct 2019 02:41:30 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Content-Type
text/json;charset=utf-8
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8809 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://urlz.fr/aIQ8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://urlz.fr/aIQ8

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Fri, 09 Oct 2020 02:41:30 GMT
Date
Thu, 10 Oct 2019 02:41:30 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 87A7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://urlz.fr/aIQ8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://urlz.fr/aIQ8

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified
Thu, 03 Oct 2019 21:35:34 GMT
Content-Encoding
gzip
Content-Length
7651
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=18792
Expires
Thu, 10 Oct 2019 07:54:46 GMT
Date
Thu, 10 Oct 2019 02:41:34 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame BFAF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_31/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://urlz.fr/aIQ8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://urlz.fr/aIQ8

Response headers

Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Server
nginx/1.9.13
Content-Type
text/html
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Fri, 09 Oct 2020 02:41:30 GMT
Date
Thu, 10 Oct 2019 02:41:30 GMT
Connection
keep-alive
ping_match.gif
pm.w55c.net/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMSJaj-U53Qk9MRpENwyJpw&google_cver=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=be5698d8-6a19-43f7-8dd1-e7e9a6f02403
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=XZ6aXgAAAKphv0zT
  • https://ad.turn.com/r/cs?pid=34
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=7279824507002327768
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bb.acesso-online-netbanking.com
URL
https://bb.acesso-online-netbanking.com/pageinicial.php
Domain
bb.acesso-online-netbanking.com
URL
https://bb.acesso-online-netbanking.com/pageinicial.php
Domain
www.storygize.net
URL
https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=5b903766-13df-417f-8188-e306ded043d5-tuct4981fda
Domain
bttrack.com
URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Domain
cds.taboola.com
URL
https://cds.taboola.com/?uid=5b903766-13df-417f-8188-e306ded043d5-tuct4981fda&_r=6863995
Domain
ads.creative-serving.com
URL
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=taboola&bsw_custom_parameter=b8f95e17-a645-44c1-b32c-b2b641c9e2c0
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| __cfQR function| confiantWrap number| themoneytizer_async object| geo object| node object| excludeconfiant object| eucountries object| _captifyAnalytics object| sas object| generic function| criteoCallback object| criteo_gum object| pwidget_config function| loadScriptTemelio function| whenFormatFctDefined function| whenDefined object| tagsObject string| website number| random undefined| pubstack object| target object| cs object| notifyme object| tmzr object| d object| pbs object| format_size object| format_size_ix object| format_size_rubicon object| format_criteo object| format_pulsepoint object| between_w object| between_h object| counter_refresh object| smart_prebid2 object| notvisibleloop string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| Getsize function| GetsizeRubicon function| GetPulseSize function| Timeout function| checkVisibility3 function| refreshSlot undefined| convertHtmlToText object| _qevents boolean| moneycaching boolean| confiant object| params number| nugg function| Adcall_30012 string| Noowho_ref string| page boolean| timepast object| iframe boolean| __cfRLUnblockHandlers function| VisSense function| MobileDetect object| md function| quantserve function| __qc object| ezt object| _qoptions function| tmzrChunk object| __core-js_shared__ function| JSEncrypt object| invibes object| placementBids undefined| Adcall_48311 undefined| Adcall_26325 undefined| Adcall_26328 object| pubstack_publica number| bidder_geo object| _clrm boolean| tmcredentials string| moneytizergeo object| pp object| libJsLeadPlace function| __cmp undefined| $ undefined| jQuery object| Pepsia function| PepsiaPlayerAsync string| k object| data undefined| bid undefined| vastUrl object| targetingParams undefined| Adcall_video object| freewheelssp_cache object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode object| getBidResponsesForAdUnitCode string| bidcache object| TRC number| taboola_view_id

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.avocet.io
ads.creative-serving.com
ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
api.dmcdn.net
bb.acesso-online-netbanking.com
bttrack.com
c.tmyzer.com
c1.adform.net
cdn.taboola.com
cds.taboola.com
ced-ns.sascdn.com
cm.g.doubleclick.net
d2zur9cc2gf1tx.cloudfront.net
dmp.truoptik.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g.tmyzer.com
gum.criteo.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
image2.pubmatic.com
match.adsrvr.org
match.taboola.com
maxcdn.bootstrapcdn.com
p.cpx.to
pixel.quantserve.com
pixel.rubiconproject.com
player.pepsia.com
pm.w55c.net
pool.grid-data.bidswitch.net
px.powerlinks.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rules.quantcount.com
s.cpx.to
s1.dmcdn.net
s2.dmcdn.net
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
tag.contextweb.com
tag.leadplace.fr
trc.taboola.com
urlz.fr
ww1097.smartadserver.com
www.dailymotion.com
www.google-analytics.com
www.noowho.com
www.storygize.net
ads.creative-serving.com
bb.acesso-online-netbanking.com
bttrack.com
cds.taboola.com
pm.w55c.net
www.storygize.net
104.109.78.125
104.16.92.60
13.224.196.26
145.239.193.145
145.239.193.51
151.101.14.2
151.101.14.49
151.139.241.23
172.217.21.226
172.227.124.249
178.79.227.167
178.79.227.76
18.185.45.212
18.196.229.216
185.33.223.203
185.64.189.110
185.86.137.110
185.86.137.32
195.8.215.136
2.18.232.130
2.18.234.233
2001:4de0:ac19::1:b:3a
2600:9000:20eb:f400:6:44e3:f8c0:93a1
2606:4700:31::681f:bb2
2606:4700::6813:c697
2a00:1450:4001:808::200a
2a00:1450:4001:824::200e
2a02:2638::1c
3.120.61.28
37.157.4.41
37.252.173.27
40.113.136.100
5.179.192.20
52.208.204.25
52.214.1.180
52.28.33.202
54.154.201.99
54.192.94.143
54.247.83.136
54.36.123.232
54.38.64.100
68.232.35.16
69.173.144.142
69.173.144.165
74.214.194.132
91.228.74.225
91.228.74.236
94.23.196.203
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0988a26d874f464954145e52c7c4d9aef4fb0c7abcb8f4c097d6b5a6a6d140c5
0cae80c9382e2b3e8045ba09797fd66d1a65a936d70af2eed09897be81ea436e
1aa092da3c4c7cfa17ea0a1a695f3c98e49e5ad40fb8054f7f2c0508b640bf50
1c1f2f35bb12189f3313fb3d3c20ccac4130ce16dbf283ce1b3ff4dd24f1e63f
1cccb3ab463e4419ccdcbdd2864aecc8237cfb1a5dae7ff47262beb5cad2c0bc
1fdad207581da193a24d9293ad1ba76c3d41f68a005a2c9b7a26e39a1618ca66
2324249a43c3de291bc7cbb9a7a86da1e6bff239a717d52b538b20e1b5d994ad
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2c0b1cf6965cedd6fdc86718ff298f16a50ad29397c68cb6b4de5c0954f98728
36f73cae67e598e6197f2775abf8413a60d544753d8c56975e9907bfaa652839
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d43898ccca52e66ac9d5d3df286128ec6c685e38241f6f402ab253affa3c6cd
516ca70e25b9ee95d6377f304ef8f3061e765bdccfbcf14d8fff0584f8a09560
59e3eb4959e6c6cb2eda31794bb44bd6a5c51d55e473d24e480d94bd14e2026e
62e939b61ae72949314dd168b67b5a385555a767db84e9413f87c0af3241fdad
6a233c93b0d174a786835303eb1532c0606b246062c4ea03277c83aed3a57c10
6d3ad1cfd3221aa7bffc10ba678fda2d9d94c9aa3b026d45a74fa767763ec1d5
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313
7ebb1042972496d60bb6555b9622f7e23201bbfe5d25b33d1096f1b61d659045
7fbb7d33f5aa50badbad918f76e0029c07053cfe6f5e90c5638a91d208413dd0
8176ae793c1dafd15ebc48725d38dd24be5bf810008618a326a1ffbb1fa6f00a
87d0504a593794695c2f77db0efde1f65e73a7086abf260f07f491482517cd07
88dc0ae99b6bcff157be6e16039da5f3b1d4cfb26aa323858b9d4806b9da8084
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
973882eab6c20a250c714237a2bb60b2c3844b651a73c0ae0e73dff79f515453
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b7e8bae3caf2afa8ae360a578e22d2762532e88fec661f2c4f966d0a0703452e
bc668e376652343280e84405e0dd10fcbf8e4147e7c3bf1ace3d1820aac78f68
be8a7fe1ef033461f7404927671330ae45f6c3f654583825ac5f5ba0d1bd2d3d
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
cb5e68ea98339921426942e8f8c0756dda0f90adeec0ca8067db577e8ca32e3e
ccde9faf873bc4246586183037236cd8bf86b82e6fae9a272c991e543a768089
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
d406f42a088a14459471e30acb1a1c3f856b1f76331473847663a63ba2921250
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dccff4268cf23b61b45aeb89e063cb102cdf9a862e1c25bd2104aaf135a914d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74d4b9c447f963778d2309bf36b2c9acd06d8c7096f9a98b28643cae53f426b
e85ba4d66717e8de5dcba1b5e0285ced20874b84f316ff3c0840277352b9c9ea
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c