www.gifimili.com Open in urlscan Pro
62.210.16.62  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://urlz.fr/hF8B Page URL
2. https://www.gifimili.com/gif/2018/03/peinture-doigt-d-honneur.gif?fbclid=IwAR3FiN7AEydEON8fSwDDys1XwSrlOLeLkhOZCPZpkWx1d1lFICjg3RVIj-c Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

• https://csync-global.smartadserver.com/1097/CookieSync.html HTTP 302
• https://csync-eu.smartadserver.com/1097/CookieSync.html

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	hF8B Show response urlz.fr/	9 KB 3 KB	174ms 83ms	Document text/html	104.21.234.214 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://urlz.fr/hF8B Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.234.214 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18de7354b90bc73dd875b26c782ba1c3ba5783288c11aef97e319393c4f284d6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-type text/html; charset=UTF-8 expires Sun, 13 Mar 2022 10:36:30 GMT cache-control max-age=60 x-fastcgi-cache EXPIRED cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0faQbxdNzjY2JVPtOCyDYlXeKamyuRpW8ZJ3rnUzPIh0hC05Gsmnr%2BdkKlCB%2FvqUTXjcGyd7FDiNgR0Kl5cNuqq98GmokhLjq3n8HNXuSRYWXlMN9X1AIGo"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6eb41f89cbb63af5-CDG content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	rocket-loader.min.js Show response urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	42ms 41ms	Script application/javascript	104.21.234.214 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: urlz.fr URL: https://urlz.fr/hF8B Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.234.214 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/hF8B User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 11 Mar 2022 12:22:44 GMT server cloudflare etag W/"622b3f14-302c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRN3T14A%2FflxlQJ8Kz2xZDwcCc4rMnGvdCv%2BJ0zCJDu7AJciRBi5dnX%2Fc%2B8%2BTr45Ngxw9rv%2FfK9U5oSxfHgvkxBfMM3jtCvF0Sha%2FyBzqPf30A8zuz3VnkPe"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6eb41f8a7c733af5-CDG vary Accept-Encoding expires Tue, 15 Mar 2022 10:35:30 GMT
GET H/1.1	200 OK	peinture-doigt-d-honneur.gif Show response www.gifimili.com/gif/2018/03/ Frame 0478	200 KB 201 KB	263ms 91ms	Document image/gif	62.210.16.62 Online SAS
General Check archive.org Show headers Download Go to Full URL https://www.gifimili.com/gif/2018/03/peinture-doigt-d-honneur.gif?fbclid=IwAR3FiN7AEydEON8fSwDDys1XwSrlOLeLkhOZCPZpkWx1d1lFICjg3RVIj-c Requested by Host: urlz.fr URL: https://urlz.fr/hF8B Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.210.16.62 , France, ASN12876 (Online SAS, FR), Reverse DNS pf-lb-2.online.net Software nginx / Resource Hash b1fb82ba1ef116a746ba92be0cf1252bda73336d630bd22e27f6ee9a11a51d00 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ Response headers Date Sun, 13 Mar 2022 10:35:30 GMT Content-Type image/gif Content-Length 205105 Connection keep-alive Last-Modified Sat, 10 Mar 2018 09:28:42 GMT ETag "32131-5670b88dd4056" Accept-Ranges bytes Cache-Control max-age=2592000 server nginx
GET H2	200	js Show response www.googletagmanager.com/gtag/	92 KB 37 KB	163ms 59ms	Script application/javascript	142.250.186.40 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-162669458-1 Requested by Host: urlz.fr URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.40 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f8.1e100.net Software Google Tag Manager / Resource Hash 63d1682a08928ed17a617168fa444a40073b9daec2c5a4c6c1f16ff6a719098b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36976 x-xss-protection 0 last-modified Sun, 13 Mar 2022 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 13 Mar 2022 10:35:30 GMT
GET H2	200	requestform.js Show response ads.themoneytizer.com/s/	108 KB 17 KB	144ms 41ms	Script text/html	151.139.128.11 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6 Requested by Host: urlz.fr URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 7503d1d3bb309926f020e3334e69c5adb6f80f8a0d3a2550be29e7a0bc655b11 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip server nginx x-hw 1647167730.cds215.pa1.hn,1647167730.cds229.pa1.c content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 17223
GET H2	200	gen.js Show response ads.themoneytizer.com/s/	4 KB 2 KB	144ms 41ms	Script text/html	151.139.128.11 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/gen.js?type=6 Requested by Host: urlz.fr URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip server nginx x-hw 1647167730.cds215.pa1.hn,1647167730.cds214.pa1.c content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 2073
GET H2	200	requestform.js Show response ads.themoneytizer.com/s/	115 KB 18 KB	176ms 73ms	Script text/html	151.139.128.11 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28 Requested by Host: urlz.fr URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash b0a818a2d619dc15ba42725591c752c02427bef08d1f6dc5848a5dd91bbddc38 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip server nginx x-hw 1647167730.cds215.pa1.hn,1647167730.cds047.pa1.c content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 18049
GET H2	200	gen.js Show response ads.themoneytizer.com/s/	4 KB 2 KB	190ms 87ms	Script text/html	151.139.128.11 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/gen.js?type=28 Requested by Host: urlz.fr URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip server nginx x-hw 1647167730.cds215.pa1.hn,1647167730.cds223.pa1.c content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 2073
GET H2	200	requestform.js Show response ads.themoneytizer.com/s/	115 KB 18 KB	192ms 90ms	Script text/html	151.139.128.11 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 Requested by Host: urlz.fr URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash ca67224c7a9f6ae9a49d2483b11fdb1d05aeefd9fabaffc3cf0ccbd3f20bc0a0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip server nginx x-hw 1647167730.cds215.pa1.hn,1647167730.cds227.pa1.c content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 18038
GET H2	200	gen.js Show response ads.themoneytizer.com/s/	4 KB 2 KB	207ms 104ms	Script text/html	151.139.128.11 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/gen.js?type=1 Requested by Host: urlz.fr URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip server nginx x-hw 1647167730.cds215.pa1.hn,1647167730.cds212.pa1.c content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes content-length 2073
GET H2	200	/ Show response ad.adxcore.com/a/init/	4 KB 2 KB	158ms 48ms	Script application/x-javascript	104.22.48.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad.adxcore.com/a/init/?site=23152 Requested by Host: urlz.fr URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.48.227 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc12f0355d2736b035df17c886c5ece9c8c5cc2a94ebfc22a884c001af450ff1 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip cf-cache-status HIT last-modified Sun, 13 Mar 2022 10:30:12 GMT server cloudflare age 318 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control private, max-age=3600, max-age=2592000 accept-ranges bytes cf-ray 6eb41f8b6bfaee8d-CDG content-length 1793 expires Tue, 12 Apr 2022 10:30:12 GMT
GET H2	200	choice.js quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/	3 KB 2 KB	156ms 47ms	Script application/javascript	143.204.98.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js Requested by Host: urlz.fr URL: https://urlz.fr/hF8B Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.6 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-6.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Sun, 13 Mar 2022 10:34:39 GMT content-encoding gzip last-modified Mon, 13 Sep 2021 14:18:10 GMT server AmazonS3 age 51 etag W/"a7fa5501113779849b63118ade529910" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront) cache-control max-age=900 cross-origin-resource-policy cross-origin x-amz-cf-pop FRA50-C1 x-amz-cf-id gomrWL24GIxamedx9bQ1VcBDvrPlhXEH0Ib8DtlqSI0ODI4BGYUuMQ==
GET H2	200	advstlib.min.js ad.adxcore.com/static/js/components/advstlib/	634 KB 192 KB	57ms 57ms	Script application/javascript	104.22.48.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c976cd1754 Requested by Host: ad.adxcore.com URL: https://ad.adxcore.com/a/init/?site=23152 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.48.227 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 09 Mar 2022 09:19:17 GMT server cloudflare age 322 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000, private cf-ray 6eb41f8cdda4ee8d-CDG expires Tue, 12 Apr 2022 10:30:08 GMT
GET H2	200	adsbygoogle.js pagead2.googlesyndication.com/pagead/js/	28 KB 0	181ms 77ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: ad.adxcore.com URL: https://ad.adxcore.com/a/init/?site=23152 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53807 x-xss-protection 0 server cafe etag 16834149433280908774 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sun, 13 Mar 2022 10:35:30 GMT
GET H2	200	moneybile.js Show response ads.themoneytizer.com/	38 KB 16 KB	41ms 41ms	Script application/javascript	151.139.128.11 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneybile.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3 Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip last-modified Fri, 12 Mar 2021 17:07:19 GMT server nginx etag "604b9fc7-981e" x-hw 1647167730.cds215.pa1.hn,1647167730.cds024.pa1.c content-type application/javascript access-control-allow-origin * cache-control max-age=0, public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 16267
GET		/ c.tmyzer.com/c/	0 0
GET		smart.js ced.sascdn.com/tag/1097/	0 0
GET H2	200	sync gum.criteo.com/	49 B 372 B	142ms 47ms	Script text/javascript	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control private, max-age=3600 server-processing-duration-in-ticks 3787 strict-transport-security max-age=31536000; preload; content-length 165 expires 60
GET		CookieSync.html csync-eu.smartadserver.com/1097/ Redirect Chain https://csync-global.smartadserver.com/1097/CookieSync.html https://csync-eu.smartadserver.com/1097/CookieSync.html	0 0
GET H2	200	mapper.js spl.zeotap.com/	61 KB 20 KB	135ms 48ms	Script application/javascript	172.67.13.182 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.13.182 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT via 1.1 google cf-cache-status HIT age 4832 cf-polished origSize=62056 content-encoding br last-modified Sun, 13 Mar 2022 09:14:58 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin, Accept-Encoding content-type application/javascript access-control-allow-origin https://onepiece-streaming.co access-control-allow-credentials true cf-ray 6eb41f8d580a3b49-CDG access-control-allow-headers * cf-bgj minify
GET		libJsLP.js tag.leadplace.fr/	0 0
GET H2	200	/ onetag-sys.com/usync/ Frame E8FD	3 KB 0	151ms 48ms	Document text/html	51.89.9.254 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1647167730670 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip254.ip-51-89-9.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ Response headers p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 1364 strict-transport-security max-age=15552000
GET H2	200	quant.js secure.quantserve.com/	24 KB 10 KB	168ms 56ms	Script application/javascript	91.228.74.136 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.136 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip etag "yoD6mq4JTyPdtDBolW+GUg==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes expires Sun, 20 Mar 2022 10:35:30 GMT
GET		px.js p.cpx.to/p/12773/	0 0
GET H/1.1	200 OK	notifyme.js d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/	25 KB 26 KB	162ms 52ms	Script text/javascript	143.204.101.219 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.101.219 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-219.fra50.r.cloudfront.net Software Apache / Resource Hash Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sun, 13 Mar 2022 01:49:09 GMT Via 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront) Last-Modified Mon, 18 Feb 2019 16:54:28 GMT Server Apache Age 31582 X-Cache Hit from cloudfront Content-Type text/javascript Connection keep-alive X-Amz-Cf-Pop FRA50-C1 Accept-Ranges bytes Content-Length 25704 X-Amz-Cf-Id 2qkyAdVyHJj9aaZ7h_QBfIZmRxDz6Z-EKmjAUdN1umQ1YMope0wyqA==
GET		186329-261067657875242.js js-sec.indexww.com/ht/p/	0 0
GET H2	200	prebid.js ads.themoneytizer.com/moneybid6_13/build/dist/	657 KB 196 KB	42ms 41ms	Script application/javascript	151.139.128.11 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneybid6_13/build/dist/prebid.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip last-modified Thu, 03 Mar 2022 08:51:50 GMT server nginx etag "622081a6-a4431" x-hw 1647167730.cds215.pa1.hn,1647167730.cds038.pa1.c content-type application/javascript access-control-allow-origin * cache-control max-age=0, public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 200349
GET		/ c.tmyzer.com/c/	0 0
GET		/ c.tmyzer.com/c/	0 0
GET H2	200	lib_fs_close.js ads.themoneytizer.com/	339 B 327 B	108ms 108ms	Script application/javascript	151.139.128.11 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/lib_fs_close.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash Request headers Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 13 Mar 2022 10:35:30 GMT content-encoding gzip last-modified Wed, 23 Feb 2022 15:04:32 GMT server nginx etag "62164d00-153" x-hw 1647167730.cds215.pa1.hn,1647167730.cds034.pa1.c content-type application/javascript access-control-allow-origin * cache-control max-age=0, public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 220
GET H/1.1	200 OK	peinture-doigt-d-honneur.gif www.gifimili.com/gif/2018/03/ Frame 51A7	200 KB 201 KB	55ms 55ms	Document image/gif	62.210.16.62 Online SAS
General Check archive.org Show headers Download Go to Full URL https://www.gifimili.com/gif/2018/03/peinture-doigt-d-honneur.gif?fbclid=IwAR3FiN7AEydEON8fSwDDys1XwSrlOLeLkhOZCPZpkWx1d1lFICjg3RVIj-c Requested by Host: urlz.fr URL: https://urlz.fr/hF8B Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.210.16.62 , France, ASN12876 (Online SAS, FR), Reverse DNS pf-lb-2.online.net Software nginx / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ Response headers Date Sun, 13 Mar 2022 10:35:30 GMT Content-Type image/gif Content-Length 205105 Connection keep-alive Last-Modified Sat, 10 Mar 2018 09:28:42 GMT ETag "32131-5670b88dd4056" Accept-Ranges bytes Cache-Control max-age=2592000 server nginx
GET		analytics.js www.google-analytics.com/	0 0
GET H/1.1	200 OK	Primary Request peinture-doigt-d-honneur.gif Show response www.gifimili.com/gif/2018/03/	200 KB 201 KB	76ms 76ms	Document image/gif	62.210.16.62 Online SAS
General Check archive.org Show headers Download Go to Full URL https://www.gifimili.com/gif/2018/03/peinture-doigt-d-honneur.gif?fbclid=IwAR3FiN7AEydEON8fSwDDys1XwSrlOLeLkhOZCPZpkWx1d1lFICjg3RVIj-c Requested by Host: urlz.fr URL: https://urlz.fr/hF8B Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 62.210.16.62 , France, ASN12876 (Online SAS, FR), Reverse DNS pf-lb-2.online.net Software nginx / Resource Hash b1fb82ba1ef116a746ba92be0cf1252bda73336d630bd22e27f6ee9a11a51d00 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language fr-FR,fr;q=0.9 Referer https://urlz.fr/ Response headers Date Sun, 13 Mar 2022 10:35:30 GMT Content-Type image/gif Content-Length 205105 Connection keep-alive Last-Modified Sat, 10 Mar 2018 09:28:42 GMT ETag "32131-5670b88dd4056" Accept-Ranges bytes Cache-Control max-age=2592000 server nginx
GET		apstag.js c.amazon-adsystem.com/aax2/	0 0
GET		/ l.adxcore.com/log/site/	0 0
GET		cmp2.js quantcast.mgr.consensu.org/tcfv2/	0 0
GET		/ spl.zeotap.com/	0 0
GET		img sync.mathtag.com/sync/ Frame E8FD	0 0
GET		sync.php pixel-eu.rubiconproject.com/exchange/ Frame E8FD	0 0
GET		match dmp.adform.net/serving/cookie/ Frame E8FD	0 0
GET		getuid ib.adnxs.com/ Frame E8FD	0 0
GET		tap.php pixel.rubiconproject.com/ Frame E8FD	0 0
GET		sync pixel.advertising.com/ups/58198/ Frame E8FD	0 0
GET		/ onetag-sys.com/match/ Frame E8FD	0 0
GET		sync ssbsync-global.smartadserver.com/api/ Frame E8FD	0 0
GET		711916.gif id.rlcdn.com/ Frame E8FD	0 0
GET		ImgSync image8.pubmatic.com/AdServer/ Frame E8FD	0 0
GET		pixel cm.g.doubleclick.net/ Frame E8FD	0 0
GET		occ ups.analytics.yahoo.com/ups/58488/ Frame E8FD	0 0
GET		generic match.adsrvr.org/track/cmf/ Frame E8FD	0 0
GET		sync x.bidswitch.net/ Frame E8FD	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

c.tmyzer.com

URL

https://c.tmyzer.com/c/?s=15056&f=1&fi=99

Domain

ced.sascdn.com

URL

https://ced.sascdn.com/tag/1097/smart.js

Domain

csync-eu.smartadserver.com

URL

https://csync-eu.smartadserver.com/1097/CookieSync.html

Domain

tag.leadplace.fr

URL

https://tag.leadplace.fr/libJsLP.js

Domain

p.cpx.to

URL

https://p.cpx.to/p/12773/px.js

Domain

js-sec.indexww.com

URL

https://js-sec.indexww.com/ht/p/186329-261067657875242.js

Domain

c.tmyzer.com

URL

https://c.tmyzer.com/c/?s=15056&f=28&fi=99

Domain

c.tmyzer.com

URL

https://c.tmyzer.com/c/?s=15056&f=6&fi=99

Domain

www.google-analytics.com

URL

https://www.google-analytics.com/analytics.js

Domain

c.amazon-adsystem.com

URL

https://c.amazon-adsystem.com/aax2/apstag.js

Domain

l.adxcore.com

URL

https://l.adxcore.com/log/site/?siteid=23152&a=pap&device=DESK&cb=0.9223533289804584&ref=https%3A%2F%2Furlz.fr%2FhF8B

Domain

quantcast.mgr.consensu.org

URL

https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.themoneytizer.com

Domain

spl.zeotap.com

URL

https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258

Domain

sync.mathtag.com

URL

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D

Domain

pixel-eu.rubiconproject.com

URL

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag

Domain

dmp.adform.net

URL

https://dmp.adform.net/serving/cookie/match?party=1167&cid=kFm6mRjWqKnK8AxRYx_Xegxu8eH6g_xkaLRtwKwhh00

Domain

ib.adnxs.com

URL

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID

Domain

pixel.rubiconproject.com

URL

https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=kFm6mRjWqKnK8AxRYx_Xegxu8eH6g_xkaLRtwKwhh00

Domain

pixel.advertising.com

URL

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true

Domain

onetag-sys.com

URL

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1

Domain

ssbsync-global.smartadserver.com

URL

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]

Domain

id.rlcdn.com

URL

https://id.rlcdn.com/711916.gif?ct=4&cv=

Domain

image8.pubmatic.com

URL

https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm

Domain

ups.analytics.yahoo.com

URL

https://ups.analytics.yahoo.com/ups/58488/occ

Domain

match.adsrvr.org

URL

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=

Domain

x.bidswitch.net

URL

https://x.bidswitch.net/sync?ssp=onetag

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.onetag-sys.com/	1970-01-20 19:03:59	Name: OTP Value: kFm6mRjWqKnK8AxRYx_Xegxu8eH6g_xkaLRtwKwhh00

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.adxcore.com
ads.themoneytizer.com
c.amazon-adsystem.com
c.tmyzer.com
ced.sascdn.com
cm.g.doubleclick.net
csync-eu.smartadserver.com
d2zur9cc2gf1tx.cloudfront.net
dmp.adform.net
gum.criteo.com
ib.adnxs.com
id.rlcdn.com
image8.pubmatic.com
js-sec.indexww.com
l.adxcore.com
match.adsrvr.org
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
quantcast.mgr.consensu.org
secure.quantserve.com
spl.zeotap.com
ssbsync-global.smartadserver.com
sync.mathtag.com
tag.leadplace.fr
ups.analytics.yahoo.com
urlz.fr
www.gifimili.com
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
c.amazon-adsystem.com
c.tmyzer.com
ced.sascdn.com
cm.g.doubleclick.net
csync-eu.smartadserver.com
dmp.adform.net
ib.adnxs.com
id.rlcdn.com
image8.pubmatic.com
js-sec.indexww.com
l.adxcore.com
match.adsrvr.org
onetag-sys.com
p.cpx.to
pixel-eu.rubiconproject.com
pixel.advertising.com
pixel.rubiconproject.com
quantcast.mgr.consensu.org
spl.zeotap.com
ssbsync-global.smartadserver.com
sync.mathtag.com
tag.leadplace.fr
ups.analytics.yahoo.com
www.google-analytics.com
x.bidswitch.net
104.21.234.214
104.22.48.227
142.250.186.40
142.250.186.98
143.204.101.219
143.204.98.6
151.139.128.11
172.67.13.182
178.250.2.146
51.89.9.254
62.210.16.62
91.228.74.136
18de7354b90bc73dd875b26c782ba1c3ba5783288c11aef97e319393c4f284d6
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
63d1682a08928ed17a617168fa444a40073b9daec2c5a4c6c1f16ff6a719098b
7503d1d3bb309926f020e3334e69c5adb6f80f8a0d3a2550be29e7a0bc655b11
7d2b3e8a1d6b172ea7936a53c5a937dcb7bc22b5bd5be45c048c4af9fca56d66
b0a818a2d619dc15ba42725591c752c02427bef08d1f6dc5848a5dd91bbddc38
b1fb82ba1ef116a746ba92be0cf1252bda73336d630bd22e27f6ee9a11a51d00
ca67224c7a9f6ae9a49d2483b11fdb1d05aeefd9fabaffc3cf0ccbd3f20bc0a0
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
fc12f0355d2736b035df17c886c5ece9c8c5cc2a94ebfc22a884c001af450ff1