Report - urlz.fr/guQu

Report Overview

Submitted URL
urlz.fr/guQu
IP
104.21.234.214
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-05 20:18:30
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	964 B	104.18.32.68
quantcast.mgr.consensu.org	2151	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	646 B	143.204.55.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
v.calameo.com	233207	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	151 kB	205.185.216.42
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.3 kB	93.184.220.29
ads.themoneytizer.com	28463	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	124 kB	185.76.9.14
c.tmyzer.com	26868	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	264 B	54.38.64.100
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.2 kB	23.36.76.226
ad.adxcore.com	302536	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	769 B	22 kB	172.67.42.35
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.242.41.15
d.calameo.com	267427	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	2.3 kB	85.233.202.179
spl.zeotap.com	1638	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	798 B	172.67.13.182
urlz.fr	403707	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	760 B	1.4 kB	104.21.234.215
confiant-integrations.global.ssl.fastly.net	1577	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	19 kB	151.101.85.194
s.calameoassets.com	384216	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	853 B	1.7 kB	205.185.216.42
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
fr.calameo.com	558086	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	980 B	4.4 kB	85.233.202.179
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	662 B	1.4 kB	142.250.74.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	43 kB	142.250.74.72
adaccess.fr	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	354 B	721 B	104.21.76.67

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-05	medium	urlz.fr/guQu	Malware
2022-09-05	medium	urlz.fr/guQu	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-05-01
Pretty URL urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-01 23:55:37 Times Seen43417 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6	123 kB	2023-03-07	2023-03-17
Pretty URL ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6 IP 185.76.9.14 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-03-17 10:36:25 Times Seen1 Hash f12ace29a355d965bed6a341baf339e6 877b13d898392fa015d62046a1f69d0b7350cf89 b6db9a87793726ddc4b5eeced6a6e617a0b3ff690ebca7e3edf6be66d8db6770 Loading...

	ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2	625 kB	2023-03-07	2023-03-17
Pretty URL ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2 IP 172.67.42.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-03-17 10:36:25 Times Seen1 Hash 1df7861240420e8462ede6238bd34cbf 5acf0b28abf7e3c6d41c1add6bb6690b9c6644e5 2c41e595ac962985d5269025e9eb6ad77301e11082891f56b28647b3f89280c0 Loading...

	ads.themoneytizer.com/lib_fs_close.js	663 B	2023-03-07	2023-03-17
Pretty URL ads.themoneytizer.com/lib_fs_close.js IP 185.76.9.14 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:40 Last Seen2023-03-17 10:36:25 Times Seen1 Hash fa1c776343593addba6400fc327cf2b8 94e79768ce18214925ee560f14db407c145b0815 5906e88fb1c8b087fca2c1b1f751e831c19165952ea0e2b2ee066505ff1f41f3 Loading...

	v.calameo.com/8337-000136/pinwheel/viewer/locales/viewer/fr-FR.js	6.1 kB	2023-03-07	2023-03-07
Pretty URL v.calameo.com/8337-000136/pinwheel/viewer/locales/viewer/fr-FR.js IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-03-07 12:59:23 Times Seen1 Hash 492c8d932c9bd73789e2f90d98c6f900 9c9a597d01eee207b1f27a112bab667735b68734 93d85926cc3b10c2a5cc4ebb88f2387fecd3c14a84939a0d0a61ea4cf7fdcd4d Loading...

	urlz.fr/guQu	5.9 kB	2023-03-07	2023-03-17
Pretty URL urlz.fr/guQu IP 104.21.234.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:51 Last Seen2023-03-17 10:36:25 Times Seen1 Hash c83fbe5441f37183f19a875adbcb62e0 5b0a7291ee0c821e66a2d6b0931759c34ca0f516 a4f777e4e36bbe32e96bba2d57415b5c13260b88b4268a6075d1d8c65ee76c0a Loading...

	ad.adxcore.com/a/init/?site=23152	3.8 kB	2023-03-07	2023-03-07
Pretty URL ad.adxcore.com/a/init/?site=23152 IP 172.67.42.35 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-03-07 12:59:23 Times Seen1 Hash 74ac7305835500a785ca2c7e7c516b34 e9b825be49fa9771d9f29e4590fa3c739678c1f4 db7bb98f2caf4113939c8d8b602f272f8718400032b1e61691a571ca6e9104ca Loading...

	spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258	62 kB	2023-03-07	2023-03-26
Pretty URL spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:29 Last Seen2023-03-26 09:14:01 Times Seen2 Hash 2274941132e3cabeb06ba10635e091e1 eae64e2336d41f210e684d766bbc90752b67f25a 52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f Loading...

	fr.calameo.com/read/004771106a6dafc49c057?authid=0OVrErHtp4Zy	374 B	2023-03-07	2023-03-07
Pretty URL fr.calameo.com/read/004771106a6dafc49c057?authid=0OVrErHtp4Zy IP 85.233.202.179 ASN #15830 Telecitygroup International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-03-07 12:59:23 Times Seen1 Hash d138b0888b91b5484e3c0e01a75fd2cc f54cd34525cb3514e10394b56edbb5d5ce13d7a8 c4252885905fcc37fc952e9c3afa5ce156840fc23d97aa06357545015ea32fe9 Loading...

	v.calameo.com/8337-000136/pinwheel/viewer/scripts/loader.js	297 kB	2023-03-07	2023-03-13
Pretty URL v.calameo.com/8337-000136/pinwheel/viewer/scripts/loader.js IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-03-13 04:06:13 Times Seen1 Hash c5b13949417a5784eefcce5efc73f85a 05041a345da62c52ca3b7328d339795bc72c8859 7f8d17bd4521f24bcd2d476b647ab9c8c2cbe9e0a1a3d5b21409922bd6e0fd34 Loading...

	ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28	123 kB	2023-03-07	2023-03-17
Pretty URL ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28 IP 185.76.9.14 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-03-17 10:36:25 Times Seen1 Hash 13e3c3938acf346d8d7e0d8f46737f77 c544b8eafb08a17ba55bee1381003610e0b4edd5 d4a366464a71e2752983c41925d938153923b7189fadacb252527c35eb4ae6d7 Loading...

	quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js	3.1 kB	2023-03-07	2023-08-07
Pretty URL quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js IP 143.204.55.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2023-08-07 10:36:38 Times Seen473 Hash c53bd785b1ee57b613221019d7d72626 2988b481a8bdaabbe162c5202c152bb10a402804 ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3 Loading...

	v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy	252 B	2023-03-07	2023-03-13
Pretty URL v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-03-13 04:06:12 Times Seen1 Hash 57b86e020e59f669108f8c89177b2073 142403f3369e59e76936a8c6d1ae5d6bf6729124 82ddec50cc869d3014393b0ec071a2e7d0d047a67c5ffe7b6f31d963e5f40eb2 Loading...

	ads.themoneytizer.com/s/gen.js?type=1	4.6 kB	2023-03-07	2023-05-10
Pretty URL ads.themoneytizer.com/s/gen.js?type=1 IP 185.76.9.14 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2023-05-10 04:23:40 Times Seen203 Hash 1156186da59547c569b97db1394dab30 af24a6fd41afd44f18a1bf61d1804d1f4cdd2680 292e660b3ce419eb2e8dfc48e1765ea7a095d09160ad3ab7a7aaa4f164d91cf8 Loading...

	ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1	123 kB	2023-03-07	2023-03-17
Pretty URL ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1 IP 185.76.9.14 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-03-17 10:36:25 Times Seen1 Hash da6a31c43f5aff8db7aa079f1e2fc6cd 3f1247e8b05fe73d5a9776782d8598665aba4baf 55e1c25703b1f93fdb1c6c984ffc24599e19674f127339f52a07fd7d454418d1 Loading...

	urlz.fr/guQu	929 B	2023-03-07	2023-03-07
Pretty URL urlz.fr/guQu IP 104.21.234.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-03-07 12:59:23 Times Seen1 Hash 884e6e159b2df45832cf828ce42e2691 160c12295d7233a44c283ef5be0c3ac856c04c51 31c3cf82453b8c3b076472ef46b1649dba47d1cbb0e342dd96205e53bd2a03aa Loading...

	urlz.fr/guQu	195 B	2023-03-07	2024-04-19
Pretty URL urlz.fr/guQu IP 104.21.234.215 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:51 Last Seen2024-04-19 01:39:50 Times Seen74 Hash d7970d83ece69bf991e507377d441309 6423f1c7ffe41a13593f717e61eea667147b13a2 389cad1ba5355bbe59ed1cf31e34af0f521b5c039f0439d6c2f8ca3e3ff5f9db Loading...

	www.googletagmanager.com/gtag/js?id=UA-162669458-1	108 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-162669458-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-03-07 12:59:23 Times Seen1 Hash 446152398969b641ad6a29d248d22037 aff0f4b69004e7a548910fa039ff3f24f02547c0 fde58009d2a135079cf22a5aca1d91b9ea123ae51b5de880b947f46d1d565f31 Loading...

	ads.themoneytizer.com/moneybile.js	39 kB	2023-03-07	2023-11-06
Pretty URL ads.themoneytizer.com/moneybile.js IP 185.76.9.14 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2023-11-06 07:20:59 Times Seen1830 Hash efe528f52c3d05d68794f3f0f8146a8e 577c01fdfae7dcc7e7d23009d74422f61b414783 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3 Loading...

	ads.themoneytizer.com/moneybid7_10/build/dist/prebid.js	651 kB	2023-03-07	2023-03-17
Pretty URL ads.themoneytizer.com/moneybid7_10/build/dist/prebid.js IP 185.76.9.14 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:37 Last Seen2023-03-17 10:36:25 Times Seen1 Hash c3100259d7df888c88514533466ee462 52a37b18910068a3cd06526c0364f5906962debe c1939089d7c43970602d16fec45a1a881a1836cd452db4a99f42db3877caedd9 Loading...

	tag.leadplace.fr/libJsLP.js	5.5 kB	2023-03-07	2023-12-06
Pretty URL tag.leadplace.fr/libJsLP.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:29 Last Seen2023-12-06 11:11:01 Times Seen14646 Hash a0c24f993bc0901cfe62d1e801cb2b45 7eb2bdce06161ae486bc8e7ecd0b5c9c4f7b2984 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333 Loading...

	v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy	124 B	2023-03-07	2023-03-07
Pretty URL v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy IP 205.185.216.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-03-07 13:21:12 Times Seen1 Hash 79dcfdf17a3937ee1fd75888b1e798a2 b4ad7c20a7125186db94944a92f81e41e816919c bd3b79c4752d4379d68fdba6d4cad8374f29364f74ef59863a26d2727c0ea70b Loading...

	d.calameo.com/3.0.0/book.php?callback=_jsonBook&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy	6.8 kB	2023-03-07	2023-03-07
Pretty URL d.calameo.com/3.0.0/book.php?callback=_jsonBook&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy IP 85.233.202.179 ASN #15830 Telecitygroup International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:23 Last Seen2023-03-07 12:59:23 Times Seen1 Hash 72d543098fe8498ecd4cfc627eb3539c 3550653963dc35a6b157624b9029c805fb006ee2 1f8a1323722b33ab2e8f9d31449cee5b9c808661f4903bc9aef1cfe509363899 Loading...

HTTP Transactions (52)

URL IP Response Size

urlz.fr/guQu

104.21.234.215

301 Moved Permanently

0 B

URL HTTP/1.1
urlz.fr/guQu
IP
104.21.234.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /guQu HTTP/1.1
Host: urlz.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Sep 2022 20:18:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://urlz.fr/guQu
Expires: Mon, 05 Sep 2022 20:19:19 GMT
Cache-Control: max-age=60
X-FastCGI-Cache: MISS
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scxXQZnKcZb551fmEyENHDwUYvD0uhOZ4e2vveAzK6IXGtpC8U4zE8VHomru2IsHZkPhb1AuSxUcog0j2xc6rGG%2FSoR22hMOE%2Fo4ilQReuJbXAEy0KGbOM2L"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7461a749ed128e2a-LHR
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 19:44:57 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3wcBW-ApYh_Whn4BdIvn7Md9jix6kpXg0uxlOwSUVZS_Qo8MwE9v8g==
Age: 2002

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3646
Expires: Mon, 05 Sep 2022 21:19:06 GMT
Date: Mon, 05 Sep 2022 20:18:20 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SpqMkKOreC3s4igZdsX2dOGtW-cSngjggqyZh6Jh8sBBWUh6XD7epA==
age: 68583
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

fr.calameo.com/read/004771106a6dafc49c057?authid=0OVrErHtp4Zy

85.233.202.179

200 OK

1.8 kB

URL HTTP/1.1
fr.calameo.com/read/004771106a6dafc49c057?authid=0OVrErHtp4Zy
IP
85.233.202.179:0
ASN
#15830 Telecitygroup International Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (470)
Size
1.8 kB (1845 bytes)
Hash
81524da16480a990a46b451035601a97
2df8564cafdf8fc1af49d97319d0472dfe6dbbea
eb71a93760a2fdb2b5eb04d0ebb9744debb98b0c1e60c1bc91446d51e5ba7f3d

HTTP Headers

GET /read/004771106a6dafc49c057?authid=0OVrErHtp4Zy HTTP/1.1
Host: fr.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 20:18:20 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1845
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Sep 2022 13:31:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 24412
X-Server: CALAMVN01
Cache-Control: max-age=36000
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 20:18:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-162669458-1

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-162669458-1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1615)
Size
42 kB (41910 bytes)
Hash
08e282dd45046f09d61ff13532c3357d
80a05e987fb825779422447047e6f1e7d0318121
2f5d2945697bba8c961308f8cf695dec53f55b7eb6fd3f0d9dfd6d3e656e78c9

HTTP Headers

GET /gtag/js?id=UA-162669458-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Sep 2022 20:18:20 GMT
expires: Mon, 05 Sep 2022 20:18:20 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41910
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bcbb9bf29f1e0acaa7ac6d6566381370
dec1bea642dffbc11ebd6d65c94f87d6db95703a
b2bf22379151923244cbb9bd62499ded7b6f313a7db77914383bc1e704dd65de

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 20:18:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

v.calameo.com/8337-000136/pinwheel/viewer/scripts/loader.js

205.185.216.42

200 OK

97 kB

URL HTTP/1.1
v.calameo.com/8337-000136/pinwheel/viewer/scripts/loader.js
IP
205.185.216.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32002)
Size
97 kB (96681 bytes)
Hash
f7436e30acb31d387a63a90b4f0dec91
8bc17fe1aafda848e7beb74467822860f25fb5bc
2a0674c9d30ee816e466a562b6158bd71ad5ab89e7b165c5bc71d1fc0121fbea

HTTP Headers

GET /8337-000136/pinwheel/viewer/scripts/loader.js HTTP/1.1
Host: v.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.calameo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:20 GMT
Connection: Keep-Alive
ETag: "1652084897"
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Length: 96681
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 09 May 2022 08:28:17 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1662409100.dop014.sk1.t,1662409100.cds228.sk1.shn,1662409100.dop014.sk1.t,1662409100.cds240.sk1.c

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 05 Sep 2022 19:38:16 GMT
Expires: Mon, 05 Sep 2022 20:29:58 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ui419phnuBgs6_Okv27QhUcdPznh6vnlMRy5txHFJKooSGjDN6_ldg==
Age: 2404

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
4720ec41641224f963f9924b8d2568d3
5b4265b694bd18480e85c6d109ce41c7a7e93225
b3d62c6bf495f5cb88e684440651edc3ac164ebf71c8410bd8b6117584e2ea9b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3452
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 20:18:20 GMT
Last-Modified: Mon, 05 Sep 2022 19:20:48 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 312

ad.adxcore.com/a/init/?site=23152

172.67.42.35

302 Found

21 kB

URL HTTP/2
ad.adxcore.com/a/init/?site=23152
IP
172.67.42.35:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
21 kB (21414 bytes)
Hash
17151a2e0408935e42a3127e6874561d
00f8c0215e368df7ba4df69728862d8a529444f6
b6b5003724cdc6fd64c4c800a6fcef6fb4ad3efcf27d26cf7acfc16768bf9a2e

HTTP Headers

GET /a/init/?site=23152 HTTP/1.1
Host: ad.adxcore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
location: https://adaccess.fr/a/init/index.php?site=23152
cf-cache-status: BYPASS
set-cookie: DYNAMIC=D11; path=/; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7461a74dde00b4f7-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
350d3cc577167b51a5c6f976a8fcedcf
7c8110ab9e9d11e270bcc462e08bd0c8af8010d0
f8971481912dec4db21107f64283ab57301b1d49204ce029c7c7784fd48a76fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8971481912DEC4DB21107F64283AB57301B1D49204CE029C7C7784FD48A76FC"
Last-Modified: Mon, 05 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5079
Expires: Mon, 05 Sep 2022 21:42:59 GMT
Date: Mon, 05 Sep 2022 20:18:20 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5539
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 20:18:20 GMT
Last-Modified: Mon, 05 Sep 2022 18:46:01 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1

185.76.9.14

200 OK

22 kB

URL HTTP/2
ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
IP
185.76.9.14:0
ASN
#60068 Datacamp Limited

File type
ASCII text, with very long lines (27421)
Size
22 kB (22034 bytes)
Hash
cb4fecd360e1a7b63890b07369060a4c
550ea2db44860956e5fbc059f137a780f7e3ebe3
e6785446a7be5fbb8378ec7b10765bf7e4eb7285a113f49ecf7a903c6b71538f

HTTP Headers

GET /s/requestform.js?siteId=15056&formatId=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1662438653
server: CDN77-Turbo
x-77-nzt: AblMCQ2PvVv/D94AAA
x-77-nzt-ray: GqgFye5HWlc
x-cache: HIT
x-age: 56847
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

ads.themoneytizer.com/s/gen.js?type=1

185.76.9.14

200 OK

2.2 kB

URL HTTP/2
ads.themoneytizer.com/s/gen.js?type=1
IP
185.76.9.14:0
ASN
#60068 Datacamp Limited

File type
ASCII text, with very long lines (2659)
Size
2.2 kB (2187 bytes)
Hash
d8e667fa80e37622723e3f6a6e16fad9
e253b8868c533497d82fc0aed959f388df7dd636
6055fb44bc2fd72dfd4781d09450088683eec20f9249d9878dfd86cead714e1c

HTTP Headers

GET /s/gen.js?type=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1662437000
server: CDN77-Turbo
x-77-nzt: AblMCQ3iRK7/hOQAAA
x-77-nzt-ray: 0cTa7i5W1EE
x-cache: HIT
x-age: 58500
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

c.tmyzer.com/c/?s=15056&f=28&fi=99

54.38.64.100

200 OK

0 B

URL HTTP/1.1
c.tmyzer.com/c/?s=15056&f=28&fi=99
IP
54.38.64.100:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/?s=15056&f=28&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://urlz.fr
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 20:16:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:8790_36264064:01BB_6316598C_13A0C402:EE4B
X-IPLB-Instance: 41595

fr.calameo.com/read/004771106a6dafc49c057?authid=0OVrErHtp4Zy

85.233.202.179

200 OK

1.8 kB

URL HTTP/1.1
fr.calameo.com/read/004771106a6dafc49c057?authid=0OVrErHtp4Zy
IP
85.233.202.179:0
ASN
#15830 Telecitygroup International Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (470)
Size
1.8 kB (1845 bytes)
Hash
81524da16480a990a46b451035601a97
2df8564cafdf8fc1af49d97319d0472dfe6dbbea
eb71a93760a2fdb2b5eb04d0ebb9744debb98b0c1e60c1bc91446d51e5ba7f3d

HTTP Headers

GET /read/004771106a6dafc49c057?authid=0OVrErHtp4Zy HTTP/1.1
Host: fr.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 20:18:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1845
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 Sep 2022 13:31:47 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 24413
X-Server: CALAMVN01
Cache-Control: max-age=36000
Accept-Ranges: bytes

confiant-integrations.global.ssl.fastly.net/6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/config.js

151.101.85.194

200 OK

19 kB

URL HTTP/1.1
confiant-integrations.global.ssl.fastly.net/6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/config.js
IP
151.101.85.194:0
ASN
#54113 FASTLY

File type
C source, ASCII text, with very long lines (63895)
Size
19 kB (18712 bytes)
Hash
7d76bd0a3bd6f440d373b579bd74a3ee
f7d13582df04c46b0b905b030c7e51a13ba29d95
de9db902af8ae92e5ce866cae74f6ccfdf0920c266f715e62f227528c164afbb

HTTP Headers

GET /6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/config.js HTTP/1.1
Host: confiant-integrations.global.ssl.fastly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 18712
x-amz-id-2: ELXQ7hOnRXmfe9MIzpefn6h9+e5btKvmiq27wjtqSflGxDLwMfhMhWCxyAkmAe13epVIx/svZQk=
x-amz-request-id: HHXBNHSZ1Y58CK64
Last-Modified: Mon, 05 Sep 2022 20:00:16 GMT
ETag: "7d76bd0a3bd6f440d373b579bd74a3ee"
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Content-Encoding: gzip
Content-Type: text/javascript
Server: AmazonS3
Accept-Ranges: bytes
Date: Mon, 05 Sep 2022 20:18:21 GMT
Via: 1.1 varnish
Age: 433
X-Served-By: cache-bma1679-BMA
X-Cache: HIT
X-Cache-Hits: 22
X-Timer: S1662409101.064424,VS0,VE0

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
b235894be7f7794235336074f5dbb962
2e89f41286133bc8743a72a7c74d0955c9f1c909
4b5c9452c324b18696743eb81a38acdb3ec11a8e24a0058e9312d934d99e5633

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 12:12:02 GMT
Expires: Fri, 09 Sep 2022 12:12:01 GMT
Etag: "2e89f41286133bc8743a72a7c74d0955c9f1c909"
Cache-Control: max-age=315819,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7461a74ffb92b4fa-OSL

v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy

205.185.216.42

200 OK

697 B

URL HTTP/1.1
v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy
IP
205.185.216.42:0
ASN
#20446 STACKPATH-CDN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
697 B (697 bytes)
Hash
351247d837a1c9488906d69cd1f3b744
ebfaa0a939aca96265c36356d2ff3320e588f29f
ee4a10cda11647ef0ce6c245b7d46755b6a59248b49f2ca0b7dbd33d19cb09b3

HTTP Headers

GET /?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy HTTP/1.1
Host: v.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.calameo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:21 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Cache-Control: max-age=3600
Content-Encoding: gzip
Content-Length: 697
Content-Type: text/html; charset=UTF-8
X-HW: 1662409100.dop014.sk1.t,1662409100.cds228.sk1.shn,1662409101.dop014.sk1.t,1662409101.cds245.sk1.p

push.services.mozilla.com/

44.242.41.15

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.242.41.15:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0XmSbqWMQJp+deYR10UxNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3hCrG34RYVMsVEj+becKzBwuYQc=

ads.themoneytizer.com/lib_fs_close.js

185.76.9.14

200 OK

97 kB

URL HTTP/2
ads.themoneytizer.com/lib_fs_close.js
IP
185.76.9.14:0
ASN
#60068 Datacamp Limited

File type
ASCII text, with CRLF line terminators
Size
97 kB (97001 bytes)
Hash
cfabb2b97f885f3d044cbf8fcbb5fc22
639672d8ac898e01dcb0a3226ecb5d9f4a4ab618
ad9d88f1f29670b1f03a3a60c692a8f1fec9cd808c26bf39c177f0624ba711b6

HTTP Headers

GET /lib_fs_close.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: application/javascript
last-modified: Tue, 14 Jun 2022 12:21:22 GMT
etag: W/"62a87d42-297"
pragma: public
x-accel-expires: @1663387399
server: CDN77-Turbo
x-77-nzt: AblMCQ27uKz/heQAAA
x-77-nzt-ray: efTczqiGXMU
x-cache: HIT
x-age: 58501
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy

205.185.216.42

200 OK

697 B

URL HTTP/1.1
v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy
IP
205.185.216.42:0
ASN
#20446 STACKPATH-CDN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
697 B (697 bytes)
Hash
351247d837a1c9488906d69cd1f3b744
ebfaa0a939aca96265c36356d2ff3320e588f29f
ee4a10cda11647ef0ce6c245b7d46755b6a59248b49f2ca0b7dbd33d19cb09b3

HTTP Headers

GET /?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy HTTP/1.1
Host: v.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.calameo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:21 GMT
Connection: Keep-Alive
Cache-Control: max-age=3600
Content-Encoding: gzip
Content-Length: 697
Content-Type: text/html; charset=UTF-8
Accept-Ranges: bytes
X-HW: 1662409101.dop219.sk1.t,1662409101.cds024.sk1.shn,1662409101.dop219.sk1.t,1662409101.cds245.sk1.c

s.calameoassets.com/pinwheel/8337-b04dd1/platform/img/favicon/favicon-16x16.png

205.185.216.42

200 OK

250 B

URL HTTP/1.1
s.calameoassets.com/pinwheel/8337-b04dd1/platform/img/favicon/favicon-16x16.png
IP
205.185.216.42:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
250 B (250 bytes)
Hash
16122aa57da82ffdbffb50dfb91b43d2
ee52be043aa2b70447aa6de7b725c7a1c2dbe6aa
271c5a91d33fc85d6f5295a5140a81edc841236fcf2e705ad5a9efbb47a511f6

HTTP Headers

GET /pinwheel/8337-b04dd1/platform/img/favicon/favicon-16x16.png HTTP/1.1
Host: s.calameoassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.calameo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:21 GMT
Connection: Keep-Alive
ETag: "1655372877"
Cache-Control: max-age=25817301
Content-Length: 250
Content-Type: image/png
Last-Modified: Thu, 16 Jun 2022 09:47:57 GMT
Accept-Ranges: bytes
X-HW: 1662409101.dop215.sk1.t,1662409101.cds247.sk1.shn,1662409101.cds247.sk1.c

s.calameoassets.com/pinwheel/8337-b04dd1/platform/img/favicon/android-chrome-192x192.png

205.185.216.42

200 OK

800 B

URL HTTP/1.1
s.calameoassets.com/pinwheel/8337-b04dd1/platform/img/favicon/android-chrome-192x192.png
IP
205.185.216.42:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Size
800 B (800 bytes)
Hash
caac63c7d5424fc65a3eeecf0b2fd2ac
e260be9bfeb8fbc22bff27fbfad4ab43364bc5ae
f486938db8ff05f08b92509b53633501915ad225472f931e7b8569ec983b1199

HTTP Headers

GET /pinwheel/8337-b04dd1/platform/img/favicon/android-chrome-192x192.png HTTP/1.1
Host: s.calameoassets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fr.calameo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:21 GMT
Connection: Keep-Alive
ETag: "1634119817"
Cache-Control: max-age=3246783
Content-Length: 800
Content-Type: image/png
Last-Modified: Wed, 13 Oct 2021 10:10:17 GMT
Accept-Ranges: bytes
X-HW: 1662409101.dop022.sk1.t,1662409101.cds207.sk1.shn,1662409101.dop022.sk1.t,1662409101.cds071.sk1.c

v.calameo.com/8337-000136/pinwheel/viewer/css/main.css

205.185.216.42

200 OK

49 kB

URL HTTP/1.1
v.calameo.com/8337-000136/pinwheel/viewer/css/main.css
IP
205.185.216.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65536), with no line terminators
Size
49 kB (48563 bytes)
Hash
dc6da7725cb9c5de3f124953ad84a450
a9227a0fb965fb7325b92e14a136de90b08f3ae0
c8b0822389d65f61e63dd836e32603b248286c1382c32263eb44eca31572f6f3

HTTP Headers

GET /8337-000136/pinwheel/viewer/css/main.css HTTP/1.1
Host: v.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:21 GMT
Connection: Keep-Alive
ETag: "1653389093"
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Length: 48563
Content-Type: text/css
Last-Modified: Tue, 24 May 2022 10:44:53 GMT
Accept-Ranges: bytes
X-HW: 1662409101.dop219.sk1.t,1662409101.cds024.sk1.shn,1662409101.dop219.sk1.t,1662409101.cds222.sk1.c

d.calameo.com/3.0.0/book.php?callback=_jsonBook&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy

85.233.202.179

200 OK

2.0 kB

URL HTTP/1.1
d.calameo.com/3.0.0/book.php?callback=_jsonBook&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy
IP
85.233.202.179:0
ASN
#15830 Telecitygroup International Limited

File type
HTML document, ASCII text, with very long lines (6771), with no line terminators
Size
2.0 kB (2009 bytes)
Hash
09fa83c7188e35cda8f643fb19fbb5bc
c59190c81669dbff5e03b84457133063485746fb
6d6ba2c1c368a3562de0ac5a338bc53fc91d7d333af48f4b6ae71096688fff56

HTTP Headers

GET /3.0.0/book.php?callback=_jsonBook&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy HTTP/1.1
Host: d.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.calameo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Sep 2022 20:18:21 GMT
Content-Type: application/javascript
Content-Length: 2009
Connection: keep-alive
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 0
X-Server: CALAMVN02
Cache-Control: no-store, no-cache, must-revalidate
Accept-Ranges: bytes

v.calameo.com/8337-000136/pinwheel/viewer/locales/viewer/fr-FR.js

205.185.216.42

200 OK

2.3 kB

URL HTTP/1.1
v.calameo.com/8337-000136/pinwheel/viewer/locales/viewer/fr-FR.js
IP
205.185.216.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (5943)
Size
2.3 kB (2272 bytes)
Hash
d6fd2dca45650dd7127819f1485ac527
3219cc6beeb0f7a25185ec056a526848eca177ee
5d96a576b2e2f4bba7dd307152607984bb2d2d9236e1b5158f908ad37183a95e

HTTP Headers

GET /8337-000136/pinwheel/viewer/locales/viewer/fr-FR.js HTTP/1.1
Host: v.calameo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v.calameo.com/?buildid=8337-000136&html5=true&language=fr&mode=normal&trackersource=calameo&bkcode=004771106a6dafc49c057&authid=0OVrErHtp4Zy
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 20:18:21 GMT
Connection: Keep-Alive
ETag: "1653389093"
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Length: 2272
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 24 May 2022 10:44:53 GMT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
X-HW: 1662409101.dop219.sk1.t,1662409101.cds024.sk1.shn,1662409101.dop219.sk1.t,1662409101.cds201.sk1.c

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12054
Expires: Mon, 05 Sep 2022 23:39:16 GMT
Date: Mon, 05 Sep 2022 20:18:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12054
Expires: Mon, 05 Sep 2022 23:39:16 GMT
Date: Mon, 05 Sep 2022 20:18:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12054
Expires: Mon, 05 Sep 2022 23:39:16 GMT
Date: Mon, 05 Sep 2022 20:18:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12054
Expires: Mon, 05 Sep 2022 23:39:16 GMT
Date: Mon, 05 Sep 2022 20:18:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12054
Expires: Mon, 05 Sep 2022 23:39:16 GMT
Date: Mon, 05 Sep 2022 20:18:22 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5652 bytes)
Hash
10318189f33f071dda64249ab9c8c5bb
e5b5b649a243e5c004d9923d19d4421d1ea96d23
3e775a1990e4d185024faf2fdff7a5eb9063f7ee19784f32fb4f7f10643c8102

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7142280-0dbd-4c8e-a960-d357c9143af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 05fffcb2-43c0-4acf-81b2-1b914459e1e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wwHErUIAMFmNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c800-47fe166763992ab271a87aa4;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nJTKTh88iyFXAiPJ-tCCEbqBo3A1cuTj2gCbfHkaVZ1WcgMOTyFfVg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 23:06:26 GMT
age: 76316
etag: "e5b5b649a243e5c004d9923d19d4421d1ea96d23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.4 kB (5377 bytes)
Hash
c4b2d6a516e93799b54fe2bbd6630f86
b5a7380f294876dd308c7fde294f36a425c1be01
7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_4XzF1FoAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 18:06:16 GMT
age: 7926
etag: "b5a7380f294876dd308c7fde294f36a425c1be01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5459 bytes)
Hash
7fe061740ad833cfe7ff0fe078d6810d
15d0fc3fdced758b5797361bae0fd53341e0581d
5409b6775bca5afd03901975c61c27f267efe2c8a8e739f05ebc52a938c5a368

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5459
x-amzn-requestid: a75bf8a5-dc96-4a88-9de5-b79d1d62ff21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxB_bFMFoAMFkEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631049fc-2685c90962d8af5f4a7b5908;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 05:58:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YqgTII0TYwznz5DfHLFpfzTPh08akwJSWc3wIf-YpBgUrs84AYM2Yw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:15:00 GMT
age: 79402
etag: "15d0fc3fdced758b5797361bae0fd53341e0581d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7830 bytes)
Hash
290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fpKQlxOtyRwaZk2FUf11J62jlqcAvXgOQT-ipFQm6qW-dMHyXaEnNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:49:31 GMT
age: 80931
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8469 bytes)
Hash
30bf854fd3e27e2313a3d26fc43b9990
032acf1bfb0c8e2cbce8f2ff4d2964424b044951
7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nqxzicnkQPrjStpPaMIZAukyjtUBQaXfuxWzIs77YGDyJmnirlMsxw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:54:51 GMT
age: 80611
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14855 bytes)
Hash
ca50f9c56ff869b0b63ca71b1a9f8170
13b16ca74113dfd52ccf23e6bb39307fc713f984
76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14855
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5wjuGtpoAMFvvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M9Y8U9vqVs1ATiPP9jLPybTJ-xwC--5oiRUpj9-imTWfh6_rmtL5Kw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 14:38:13 GMT
age: 20409
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28

185.76.9.14

200 OK

0 B

URL HTTP/2
ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
IP
185.76.9.14:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s/requestform.js?siteId=15056&formatId=28 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1662438653
server: CDN77-Turbo
x-77-nzt: AblMCQ3Pb5D/D94AAA
x-77-nzt-ray: wdbCIExn95c
x-cache: HIT
x-age: 56847
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

urlz.fr/guQu

104.21.234.215

200 OK

0 B

URL HTTP/2
urlz.fr/guQu
IP
104.21.234.215:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /guQu HTTP/1.1
Host: urlz.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
expires: Mon, 05 Sep 2022 20:19:20 GMT
cache-control: max-age=60
x-fastcgi-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReRjZT5WFnIzmTWheJeefKGldkHzWZ2s%2Be02oLXVMrAAuzk00X0KIM%2BkrwjXx3HYWAKXC77H1uvI3hqsLFm1qWBYJNtGMAxBbXtKiKGQRU0BdxnlW4IQazx3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7461a74bd8277705-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ads.themoneytizer.com/s/gen.js?type=28

185.76.9.14

200 OK

0 B

URL HTTP/2
ads.themoneytizer.com/s/gen.js?type=28
IP
185.76.9.14:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s/gen.js?type=28 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=86400
x-accel-expires: @1662437000
server: CDN77-Turbo
x-77-nzt: AblMCQ2VCof/hOQAAA
x-77-nzt-ray: DsNbcY36roA
x-cache: HIT
x-age: 58500
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

adaccess.fr/a/init/index.php?site=23152

104.21.76.67

200 OK

0 B

URL HTTP/2
adaccess.fr/a/init/index.php?site=23152
IP
104.21.76.67:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /a/init/index.php?site=23152 HTTP/1.1
Host: adaccess.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://urlz.fr/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 847
last-modified: Mon, 05 Sep 2022 20:04:13 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BhRieOAaP1ceSQx9vd0cVsp1g0gnpvXZEffprXsczBTn6hMui9i%2B73ztq2ksitekO7%2FwbgjRebCNFqZNYrqh%2Fz3h74ZRcDB1TCsjQBBZVannvjNmSi82BV51ihw1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7461a74ec9d1b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ads.themoneytizer.com/s/gen.js?type=6

185.76.9.14

200 OK

0 B

URL HTTP/2
ads.themoneytizer.com/s/gen.js?type=6
IP
185.76.9.14:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s/gen.js?type=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1662437000
server: CDN77-Turbo
x-77-nzt: AblMCQ0XhTn/hOQAAA
x-77-nzt-ray: 4o5XQt3Ovf4
x-cache: HIT
x-age: 58500
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6

185.76.9.14

200 OK

0 B

URL HTTP/2
ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
IP
185.76.9.14:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s/requestform.js?siteId=15056&formatId=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1662438653
server: CDN77-Turbo
x-77-nzt: AblMCQ378RD/D94AAA
x-77-nzt-ray: C/V+iAHZwdM
x-cache: HIT
x-age: 56847
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258

172.67.13.182

200 OK

0 B

URL HTTP/2
spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
IP
172.67.13.182:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://urlz.fr
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://urlz.fr
set-cookie: zc=d02a6bb6-415d-4c74-6654-c9100132b748; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
zsc=%23%02%11%C2%22%5B%19a%9D%EB%EF%D5m%8B%CD%E0%04%DD%132%AD%9Bu%7D%C2l%D6%07%7FL%86%8D%2C2%88%EB%C0%00%CA%11%9F%8F%7F0%11%EC%5D%07%AD%60%99%19%FD.%DEMl%FC%CF%12%DC%0B%B9%C8F%A2T%5C%D2%28%0EGC%C2%90%FE%9B%FC%CA%86%0B%22%92MSI%CE%3C%C8%CB%08%262%A9%B6w%17%2C%A9%BA; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7461a7502d580b45-OSL
content-encoding: br
X-Firefox-Spdy: h2

ads.themoneytizer.com/moneybid7_10/build/dist/prebid.js

185.76.9.14

200 OK

0 B

URL HTTP/2
ads.themoneytizer.com/moneybid7_10/build/dist/prebid.js
IP
185.76.9.14:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /moneybid7_10/build/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: application/javascript
last-modified: Mon, 29 Aug 2022 15:28:00 GMT
etag: W/"630cdb00-9eed6"
pragma: public
x-accel-expires: @1663387399
server: CDN77-Turbo
x-77-nzt: AblMCQ1xvST/heQAAA
x-77-nzt-ray: QgyY6ypXPbY
x-cache: HIT
x-age: 58501
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js

143.204.55.76

200 OK

0 B

URL HTTP/2
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
IP
143.204.55.76:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Mon, 05 Sep 2022 20:17:36 GMT
cache-control: max-age=900
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wUxFJZr-uG3b0tTffHtqsk9h37OHE62i-CK0NaKs8FVoJ7t3hJ7gyw==
age: 45
X-Firefox-Spdy: h2

ads.themoneytizer.com/moneybile.js

185.76.9.14

200 OK

0 B

URL HTTP/2
ads.themoneytizer.com/moneybile.js
IP
185.76.9.14:0
ASN
#60068 Datacamp Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: application/javascript
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Tue, 06 Sep 2022 04:03:19 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1662436999
server: CDN77-Turbo
x-77-nzt: AblMCQ3A+Tz/heQAAA
x-77-nzt-ray: TK+UkChEt2A
x-cache: HIT
x-age: 58501
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2

ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2

172.67.42.35

200 OK

0 B

URL HTTP/2
ad.adxcore.com/static/js/components/advstlib/advstlib.min.js?c001847fa2
IP
172.67.42.35:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/js/components/advstlib/advstlib.min.js?c001847fa2 HTTP/1.1
Host: ad.adxcore.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://urlz.fr/
Cookie: DYNAMIC=D11
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Sep 2022 20:18:20 GMT
content-type: application/javascript
last-modified: Wed, 13 Jul 2022 13:01:13 GMT
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=2592000
expires: Wed, 05 Oct 2022 20:00:44 GMT
cf-cache-status: HIT
age: 1056
server: cloudflare
cf-ray: 7461a74f7841b4f7-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations