www.tessellarte.mx Open in urlscan Pro
192.185.171.202 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.tessellarte.mx/
Submission: On March 07 via api (March 7th 2022, 8:05:55 am UTC) from JP — Scanned from JP

Summary HTTP 36 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 20 domains to perform 36 HTTP transactions. The main IP is 192.185.171.202, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.tessellarte.mx.

This is the only time www.tessellarte.mx was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telus (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
6	192.185.171.202 192.185.171.202	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	207.167.198.19 207.167.198.19	852 (TELUS Com...) (TELUS Communications)
3	2600:140b:400... 2600:140b:400:29a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:108:700f... 2620:108:700f::36d6:ef0a	16509 (AMAZON-02) (AMAZON-02)
1 8	52.199.178.1 52.199.178.1	16509 (AMAZON-02) (AMAZON-02)
1	173.222.248.93 173.222.248.93	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	52.76.153.185 52.76.153.185	16509 (AMAZON-02) (AMAZON-02)
1	3.113.78.189 3.113.78.189	16509 (AMAZON-02) (AMAZON-02)
2	52.69.231.227 52.69.231.227	16509 (AMAZON-02) (AMAZON-02)
3 4	172.217.175.66 172.217.175.66	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 1	198.8.71.128 198.8.71.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	106.10.236.147 106.10.236.147	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
1	52.74.118.249 52.74.118.249	16509 (AMAZON-02) (AMAZON-02)
8 8	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	23.44.53.47 23.44.53.47	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	103.43.90.55 103.43.90.55	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	103.231.99.80 103.231.99.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	103.71.26.126 103.71.26.126	132134 (SPOTX-AS-...) (SPOTX-AS-AP SpotXchange)
1	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
36	19

6 192.185.171.202 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-171-202.unifiedlayer.com

www.tessellarte.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.167.198.19 (Hamilton, Canada)

ASN852 (TELUS Communications, CA)
PTR: webmail2.telus.net

webmail.telus.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:140b:400:29a::1e80 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:108:700f::36d6:ef0a (Boardman, United States)

ASN16509 (AMAZON-02, US)

static.telus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.199.178.1 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-178-1.ap-northeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.222.248.93 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a173-222-248-93.deploy.static.akamaitechnologies.com

fast.telus.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.76.153.185 (Singapore, Singapore) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-153-185.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.113.78.189 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-78-189.ap-northeast-1.compute.amazonaws.com

a.telus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.69.231.227 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-231-227.ap-northeast-1.compute.amazonaws.com

telus.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.175.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.8.71.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 106.10.236.147 (Singapore, Singapore) 1 redirects

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: spcms.pbp.vip.sg3.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.74.118.249 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-118-249.ap-southeast-1.compute.amazonaws.com

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.44.53.47 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-53-47.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.90.55 (Singapore, Singapore) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 600.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.99.80 (Japan)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.71.26.126 (Singapore, Singapore) 1 redirects

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	everesttech.net 11 redirects cm.everesttech.net — Cisco Umbrella Rank: 878 sync-tm.everesttech.net — Cisco Umbrella Rank: 490	2 KB
11	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 184 fast.telus.demdex.net telus.demdex.net — Cisco Umbrella Rank: 321761	17 KB
6	tessellarte.mx www.tessellarte.mx	6 KB
4	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 176	1 KB
3	telus.com static.telus.com — Cisco Umbrella Rank: 800285 b.telus.com Failed a.telus.com	5 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 515	61 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 480	1 KB
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 323	500 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 293	933 B
2	telus.net webmail.telus.net
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	2 KB
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 774	546 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 289	753 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1282	353 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 777	832 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 631	753 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 464	356 B
0	gwallet.com Failed rp.gwallet.com Failed
36	20

	Domain	Requested by
8	sync-tm.everesttech.net	8 redirects
8	dpm.demdex.net	1 redirects assets.adobedtm.com www.tessellarte.mx
6	www.tessellarte.mx	www.tessellarte.mx
4	cm.g.doubleclick.net	3 redirects
3	cm.everesttech.net	3 redirects
3	assets.adobedtm.com	www.tessellarte.mx assets.adobedtm.com
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	match.adsrvr.org	2 redirects
2	telus.demdex.net	assets.adobedtm.com
2	static.telus.com	www.tessellarte.mx
2	webmail.telus.net	www.tessellarte.mx
1	www.facebook.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	cm.adgrx.com
1	cms.analytics.yahoo.com	1 redirects
1	p.rfihub.com	1 redirects
1	analytics.twitter.com
1	a.telus.com	www.tessellarte.mx
1	fast.telus.demdex.net	assets.adobedtm.com
0	rp.gwallet.com Failed
0	b.telus.com Failed	assets.adobedtm.com
36	25

This site contains links to these domains. Also see Links.

Domain
www.telus.com
pwm.telus.net
forum.telus.com

Subject Issuer	Validity	Valid
*.telus.net Go Daddy Secure Certificate Authority - G2	`2020-07-13` - `2022-09-09`	2 years	crt.sh
static.telus.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-29` - `2022-04-29`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-24` - `2023-01-23`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://www.tessellarte.mx/
Frame ID: 2A2054DC833242B5A7828E2E41C19CA3
Requests: 19 HTTP requests in this frame

Frame: http://fast.telus.demdex.net/dest5.html?d_nsid=0
Frame ID: C52A6412C0B1CBFEAE65E1E49CE9CB10
Requests: 1 HTTP requests in this frame

Frame: https://telus.demdex.net/dest5.html?d_nsid=0
Frame ID: 2DC1C3B514B7707D8D11887A592350FA
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TELUS Webmail - log inTELUS Webmail - log in

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36
Requests

22 %
HTTPS

13 %
IPv6

20
Domains

25
Subdomains

19
IPs

4
Countries

95 kB
Transfer

225 kB
Size

32
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.telus.com/

Search URL Search Domain Scan URL

URL: https://pwm.telus.net/public/forgottenpassword
Title: Forgot?

Search URL Search Domain Scan URL

URL: http://forum.telus.com/t5/Neighbourhood-Blog/Passwords-Keeping-Your-Data-Safe/ba-p/62591
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.telus.com/support/topic/internet#/email
Title: Need help?

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://cm.everesttech.net/cm/dd?d_uuid=76082362606100344671803482922750137522 HTTP 301
https://cm.everesttech.net/cm/dd?d_uuid=76082362606100344671803482922750137522 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiW84AAAAGVHcwP9 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YiW84AAAAGVHcwP9

Request Chain 19

https://cm.everesttech.net/cm/dd?d_uuid=66324291360814072032746398548261079489 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiW84AAAAGVHcwP9&d_uuid=66324291360814072032746398548261079489

Request Chain 20

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjYzMjQyOTEzNjA4MTQwNzIwMzI3NDYzOTg1NDgyNjEwNzk0ODk= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjYzMjQyOTEzNjA4MTQwNzIwMzI3NDYzOTg1NDgyNjEwNzk0ODk=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFiPbXaqewbYHstULtO7GY8&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 23

https://p.rfihub.com/cm?in=1&pub=7085 HTTP 302
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1974054388371052961

Request Chain 24

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=cfeb5721-2c86-497a-aa48-8371aefdca86

Request Chain 25

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=66324291360814072032746398548261079489&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-gM4GbJZE2pH4BCq081_9jz8bsA78JNJiKO4-~A

Request Chain 27

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlXODRBQUFBR1ZIY3dQOQ== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WWlXODRBQUFBR1ZIY3dQOQ==&google_tc=

Request Chain 28

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YiW84AAAAGVHcwP9&expires=90

Request Chain 29

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiW84AAAAGVHcwP9 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiW84AAAAGVHcwP9&C=1

Request Chain 30

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YiW84AAAAGVHcwP9 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYiW84AAAAGVHcwP9

Request Chain 31

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YiW84AAAAGVHcwP9 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YiW84AAAAGVHcwP9

Request Chain 32

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YiW84AAAAGVHcwP9

Request Chain 33

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiW84AAAAGVHcwP9&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiW84AAAAGVHcwP9&img=1&__user_check__=1&sync_id=68798453-9ded-11ec-99c1-1c459af50407

Request Chain 34

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YiW84AAAAGVHcwP9&t=2592000&o=0

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.tessellarte.mx/ 16 KB
6 KB 284ms
146ms Document
text/html 192.185.171.202
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.tessellarte.mx/
Protocol: HTTP/1.1
Server: 192.185.171.202 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-171-202.unifiedlayer.com
Software: Apache /
Resource Hash: 7fdf04ebfa2ed1d7b88d8c8c6000f2c906bc3a58a9a361a876844c3014f1a6d2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

Date: Mon, 07 Mar 2022 08:05:50 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 04 Jan 2020 22:47:58 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5631
Keep-Alive: timeout=5, max=75
Content-Type: text/html

GET
H/1.1 404
Not Found main.css
webmail.telus.net//css/ 0
0 1261ms
253ms Stylesheet
text/html 207.167.198.19
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.telus.net//css/main.css
Requested by: Host: www.tessellarte.mx
URL: http://www.tessellarte.mx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.167.198.19 Hamilton, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS: webmail2.telus.net
Software: /
Resource Hash

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 404
Not Found passwordStrength.css
webmail.telus.net//css/ 0
0 1261ms
253ms Stylesheet
text/html 207.167.198.19
TELUS Communications

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail.telus.net//css/passwordStrength.css
Requested by: Host: www.tessellarte.mx
URL: http://www.tessellarte.mx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.167.198.19 Hamilton, Canada, ASN852 (TELUS Communications, CA),
Reverse DNS: webmail2.telus.net
Software: /
Resource Hash

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK satelliteLib-a52ff1846227cd72b8a68d1e0351f08aba274184.js Show response
assets.adobedtm.com/6462022b939758565769298a6393ed7a46ee6817/ 114 KB
36 KB 10ms
4ms Script
application/x-javascript 2600:140b:400:29a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://assets.adobedtm.com/6462022b939758565769298a6393ed7a46ee6817/satelliteLib-a52ff1846227cd72b8a68d1e0351f08aba274184.js
Requested by: Host: www.tessellarte.mx
URL: http://www.tessellarte.mx/
Protocol: HTTP/1.1
Server: 2600:140b:400:29a::1e80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 517fd6dd3c44b0dc6390330673883e9a345b6b57e449ab5a4fb6bf59328da0c5

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 08:05:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2017 22:25:15 GMT
Server: AkamaiNetStorage
ETag: "a16c54dc0f9fc15461b464dd76f8f774:1501885515"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://www.tessellarte.mx
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 36825
Expires: Mon, 07 Mar 2022 09:05:50 GMT

GET
H/1.1 500
Internal Server Error jquery.min.js
www.tessellarte.mx/js/ 0
0 336ms
335ms Script
text/html 192.185.171.202
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.tessellarte.mx/js/jquery.min.js
Requested by: Host: www.tessellarte.mx
URL: http://www.tessellarte.mx/
Protocol: HTTP/1.1
Server: 192.185.171.202 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-171-202.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 08:05:50 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=utf-8

GET
H/1.1 500
Internal Server Error icheck.min.js
www.tessellarte.mx/js/ 0
0 493ms
356ms Script
text/html 192.185.171.202
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.tessellarte.mx/js/icheck.min.js
Requested by: Host: www.tessellarte.mx
URL: http://www.tessellarte.mx/
Protocol: HTTP/1.1
Server: 192.185.171.202 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-171-202.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Upgrade: h2,h2c
Date: Mon, 07 Mar 2022 08:05:50 GMT
Server: Apache
Connection: Upgrade, close
Content-Length: 0
Content-Type: text/html; charset=utf-8

GET
H/1.1 500
Internal Server Error pStrength.jquery.js
www.tessellarte.mx/js/ 0
0 505ms
368ms Script
text/html 192.185.171.202
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.tessellarte.mx/js/pStrength.jquery.js
Requested by: Host: www.tessellarte.mx
URL: http://www.tessellarte.mx/
Protocol: HTTP/1.1
Server: 192.185.171.202 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-171-202.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Upgrade: h2,h2c
Date: Mon, 07 Mar 2022 08:05:50 GMT
Server: Apache
Connection: Upgrade, close
Content-Length: 0
Content-Type: text/html; charset=utf-8

GET
H/1.1 500
Internal Server Error jquery.clientsidecaptcha.js
www.tessellarte.mx/js/ 0
0 501ms
362ms Script
text/html 192.185.171.202
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.tessellarte.mx/js/jquery.clientsidecaptcha.js
Requested by: Host: www.tessellarte.mx
URL: http://www.tessellarte.mx/
Protocol: HTTP/1.1
Server: 192.185.171.202 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-171-202.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Upgrade: h2,h2c
Date: Mon, 07 Mar 2022 08:05:50 GMT
Server: Apache
Connection: Upgrade, close
Content-Length: 0
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK TELUS-logo.svg
static.telus.com/common/images/header/ 4 KB
2 KB 537ms
140ms Image
image/svg+xml 2620:108:700f::36d6:ef0a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.telus.com/common/images/header/TELUS-logo.svg
Requested by: Host: www.tessellarte.mx
URL: http://www.tessellarte.mx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:108:700f::36d6:ef0a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 8c0b230f7dcf65e2f232a2825bc769fb4dcff96982af865b1f6e72a86f196d2b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Mar 2022 07:47:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Dec 2013 22:58:36 GMT
Server: nginx/1.1.19
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 1913
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 500
Internal Server Error refresh.png
www.tessellarte.mx/img/ 0
195 B 490ms
353ms Image
text/html 192.185.171.202
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tessellarte.mx/img/refresh.png
Requested by: Host: www.tessellarte.mx
URL: http://www.tessellarte.mx/
Protocol: HTTP/1.1
Server: 192.185.171.202 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-185-171-202.unifiedlayer.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Upgrade: h2,h2c
Date: Mon, 07 Mar 2022 08:05:50 GMT
Server: Apache
Connection: Upgrade, close
Content-Length: 0
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK TELUS-logo-white.svg
static.telus.com/common/images/footer/ 4 KB
2 KB 583ms
146ms Image
image/svg+xml 2620:108:700f::36d6:ef0a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.telus.com/common/images/footer/TELUS-logo-white.svg
Requested by: Host: www.tessellarte.mx
URL: http://www.tessellarte.mx/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:108:700f::36d6:ef0a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: c4374a0d15e0d271fb8a0113fd31e4eb4a15d8c255a509fe534c16f43024a3dc

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: public
Date: Mon, 07 Mar 2022 07:47:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Dec 2013 22:58:36 GMT
Server: nginx/1.1.19
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: keep-alive
Content-Length: 1907
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 3 KB
2 KB 11ms
8ms XHR
application/json 52.199.178.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67A50FC0539F0BBD0A490D45%40AdobeOrg&d_nsid=0&ts=1646640351726
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/6462022b939758565769298a6393ed7a46ee6817/satelliteLib-a52ff1846227cd72b8a68d1e0351f08aba274184.js
Protocol: HTTP/1.1
Server: 52.199.178.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-178-1.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 68fa97192f9006a6185d238f1abd434aaa59ceeb28ef231f8020071d4cda0817

Request headers

Referer: http://www.tessellarte.mx/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-tyo3-1-v027-07f035789.edge-tyo3.demdex.com UNKNOWN
Pragma: no-cache
content-encoding: gzip
X-TID: AGAb4vu3QY8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://www.tessellarte.mx
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1228
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK dil-contents-5ee0fe83b2600884b99ed28f6109168105d2fb52.js Show response
assets.adobedtm.com/6462022b939758565769298a6393ed7a46ee6817/ 31 KB
11 KB 4ms
4ms Script
application/x-javascript 2600:140b:400:29a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://assets.adobedtm.com/6462022b939758565769298a6393ed7a46ee6817/dil-contents-5ee0fe83b2600884b99ed28f6109168105d2fb52.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/6462022b939758565769298a6393ed7a46ee6817/satelliteLib-a52ff1846227cd72b8a68d1e0351f08aba274184.js
Protocol: HTTP/1.1
Server: 2600:140b:400:29a::1e80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e822673ef5c826a33358969138490871efeae176f4e3ccdb8c2a0ca4159d29fc

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 08:05:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2017 22:25:15 GMT
Server: AkamaiNetStorage
ETag: "cd709222a50ed6db4e7ba9a595607dfc:1501885515"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://www.tessellarte.mx
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 11023
Expires: Mon, 07 Mar 2022 09:05:51 GMT

GET
H/1.1 200
OK s-code-contents-2f65f9fccbc156c9f9a3f54fbbc01651dc6a39a4.js Show response
assets.adobedtm.com/6462022b939758565769298a6393ed7a46ee6817/ 35 KB
13 KB 6ms
4ms Script
application/x-javascript 2600:140b:400:29a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://assets.adobedtm.com/6462022b939758565769298a6393ed7a46ee6817/s-code-contents-2f65f9fccbc156c9f9a3f54fbbc01651dc6a39a4.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/6462022b939758565769298a6393ed7a46ee6817/satelliteLib-a52ff1846227cd72b8a68d1e0351f08aba274184.js
Protocol: HTTP/1.1
Server: 2600:140b:400:29a::1e80 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c80222e63b82472ac739234bd849c6672735e1f97ac38ec2c7f660ab35dd237a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 08:05:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Aug 2017 22:25:15 GMT
Server: AkamaiNetStorage
ETag: "63bb9263900aade034670103f172126f:1501885515"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://www.tessellarte.mx
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13171
Expires: Mon, 07 Mar 2022 09:05:51 GMT

GET
H/1.1 200
OK dest5.html Show response
fast.telus.demdex.net/ Frame C52A 7 KB
3 KB 5ms
2ms Document
text/html 173.222.248.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://fast.telus.demdex.net/dest5.html?d_nsid=0
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/6462022b939758565769298a6393ed7a46ee6817/satelliteLib-a52ff1846227cd72b8a68d1e0351f08aba274184.js
Protocol: HTTP/1.1
Server: 173.222.248.93 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a173-222-248-93.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "2c9c2ee145ee280b85a217ad7045fae5:1580750826.437238"
Last-Modified: Mon, 03 Feb 2020 17:27:06 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=21600
Date: Mon, 07 Mar 2022 08:05:51 GMT
Content-Length: 2785
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"

GET id
b.telus.com/ 0
0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

http://cm.everesttech.net/cm/dd?d_uuid=76082362606100344671803482922750137522
https://cm.everesttech.net/cm/dd?d_uuid=76082362606100344671803482922750137522
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiW84AAAAGVHcwP9
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YiW84AAAAGVHcwP9

42 B
943 B

10ms
10ms

Image
image/gif

52.199.178.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YiW84AAAAGVHcwP9

Requested by

Host: www.tessellarte.mx
URL: http://www.tessellarte.mx/

Protocol

HTTP/1.1

Server

52.199.178.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-178-1.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-1-v027-0456cb84f.edge-tyo3.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hVEma5RTSrc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-tyo3-1-v027-0d5a5bc6c.edge-tyo3.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: twVMd3wRTvI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YiW84AAAAGVHcwP9
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK s63619681181163
a.telus.com/b/ss/teluswebmail/1/JS-2.3.0-D7QN/ 43 B
598 B 9ms
5ms Image
image/gif 3.113.78.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://a.telus.com/b/ss/teluswebmail/1/JS-2.3.0-D7QN/s63619681181163?AQB=1&ndh=1&pf=1&t=7%2F2%2F2022%208%3A5%3A51%201%200&D=D%3D&mid=76102629546433973251805861459704186204&aamlh=11&ce=UTF-8&pageName=webmail%2Flogin&g=http%3A%2F%2Fwww.tessellarte.mx%2F&cc=CAD&server=webmail.telus.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=67A50FC0539F0BBD0A490D45%40AdobeOrg&AQE=1

Requested by

Host: www.tessellarte.mx
URL: http://www.tessellarte.mx/

Protocol

HTTP/1.1

Server

3.113.78.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-113-78-189.ap-northeast-1.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 08:05:51 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 08 Mar 2022 08:05:51 GMT
server: jag
xserver: anedge-55ffccf6c-zq6x2
etag: 3536133228745261056-4619452359920537838
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 06 Mar 2022 08:05:51 GMT

GET
H/1.1 200
OK dest5.html Show response
telus.demdex.net/ Frame 2DC1 7 KB
3 KB 38ms
16ms Document
text/html 52.69.231.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://telus.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/6462022b939758565769298a6393ed7a46ee6817/dil-contents-5ee0fe83b2600884b99ed28f6109168105d2fb52.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.69.231.227 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-69-231-227.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 7 Mar 2022 08:05:52 GMT
DCS: dcs-prod-tyo3-1-v027-068a040fd.edge-tyo3.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 4 Mar 2022 17:38:55 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: SPfaBfcXT6w=
Content-Length: 2791
Connection: keep-alive

POST
H/1.1 200
OK event Show response
telus.demdex.net/ 3 KB
2 KB 10ms
10ms XHR
application/json 52.69.231.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://telus.demdex.net/event?_ts=1646640352232

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/6462022b939758565769298a6393ed7a46ee6817/dil-contents-5ee0fe83b2600884b99ed28f6109168105d2fb52.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.69.231.227 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-69-231-227.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

8d66e0e596eebb4deeb393140bcb5651a424598aff3d36e46cd263867f860938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.tessellarte.mx/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-tyo3-1-v027-0192dad64.edge-tyo3.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: y4xS7aDjRwY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://www.tessellarte.mx
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1134
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YiW84AAAAGVHcwP9&d_uuid=66324291360814072032746398548261079489
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=66324291360814072032746398548261079489
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiW84AAAAGVHcwP9&d_uuid=66324291360814072032746398548261079489

0
834 B

10ms
10ms

Image
text/plain

52.199.178.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiW84AAAAGVHcwP9&d_uuid=66324291360814072032746398548261079489

Protocol

HTTP/1.1

Server

52.199.178.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-178-1.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://www.tessellarte.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-1-v027-0192dad64.edge-tyo3.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: aQgLsmIGRO8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YiW84AAAAGVHcwP9&d_uuid=66324291360814072032746398548261079489
Date: Mon, 07 Mar 2022 08:05:52 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEFiPbXaqewbYHstULtO7GY8&google_cver=1
dpm.demdex.net/ Frame 2DC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjYzMjQyOTEzNjA4MTQwNzIwMzI3NDYzOTg1NDgyNjEwNzk0ODk=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjYzMjQyOTEzNjA4MTQwNzIwMzI3NDYzOTg1NDgyNjEwNzk0ODk=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFiPbXaqewbYHstULtO7GY8&google_cver=1?gdpr=0&gdpr_consent=

42 B
943 B

6ms
6ms

Image
image/gif

52.199.178.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFiPbXaqewbYHstULtO7GY8&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.199.178.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-178-1.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://telus.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-1-v027-056e4f8b4.edge-tyo3.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 1oTXc1qBSq4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 08:05:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFiPbXaqewbYHstULtO7GY8&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 2DC1 43 B
356 B 107ms
101ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=66324291360814072032746398548261079489&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://telus.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 99
date: Mon, 07 Mar 2022 08:05:51 GMT
server: tsa_m
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 340a612f53de49a5b524809b35b520554d517d1cdc7f129c66eb735da58f6d6a
content-length: 43

GET p50
rp.gwallet.com/r1/cm/ Frame 2DC1 0
0

GET
H/1.1

200
OK

ibs:dpid=1121&dpuuid=1974054388371052961
dpm.demdex.net/ Frame 2DC1
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=7085
https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1974054388371052961

42 B
943 B

8ms
7ms

Image
image/gif

52.199.178.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1974054388371052961

Protocol

HTTP/1.1

Server

52.199.178.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-178-1.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://telus.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-1-v027-0ba6ff05d.edge-tyo3.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: nz0gTZxLQHA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1974054388371052961
Date: Mon, 07 Mar 2022 08:05:52 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=cfeb5721-2c86-497a-aa48-8371aefdca86
dpm.demdex.net/ Frame 2DC1
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=cfeb5721-2c86-497a-aa48-8371aefdca86

42 B
943 B

7ms
7ms

Image
image/gif

52.199.178.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=cfeb5721-2c86-497a-aa48-8371aefdca86

Protocol

HTTP/1.1

Server

52.199.178.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-178-1.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://telus.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-2-v027-065d324d7.edge-tyo3.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: qXZcOGWlQd8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 08:05:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=cfeb5721-2c86-497a-aa48-8371aefdca86
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 2DC1
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=66324291360814072032746398548261079489&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-gM4GbJZE2pH4BCq081_9jz8bsA78JNJiKO4-~A

42 B
943 B

9ms
9ms

Image
image/gif

52.199.178.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-gM4GbJZE2pH4BCq081_9jz8bsA78JNJiKO4-~A

Protocol

HTTP/1.1

Server

52.199.178.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-199-178-1.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://telus.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS: dcs-prod-tyo3-2-v027-07e7b262f.edge-tyo3.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 2BKDEePHQ5M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 07 Mar 2022 08:05:52 GMT
via: http/1.1 spdc0102.pbp.sg3.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-gM4GbJZE2pH4BCq081_9jz8bsA78JNJiKO4-~A
content-length: 0

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 2DC1 0
353 B 223ms
74ms Image
text/plain 52.74.118.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=adobe_aam&AG_SETCOOKIE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.118.249 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-118-249.ap-southeast-1.compute.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://telus.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 08:05:52 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
X-RealServer-NX: aws-apsoutheast1b-delivery-2
Content-Length: 0
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2DC1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlXODRBQUFBR1ZIY3dQOQ==
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WWlXODRBQUFBR1ZIY3dQOQ==&google_tc=

170 B
188 B

156ms
156ms

Image
image/png

172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WWlXODRBQUFBR1ZIY3dQOQ==&google_tc=

Protocol

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://telus.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 08:05:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 08:05:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WWlXODRBQUFBR1ZIY3dQOQ==&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 2DC1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YiW84AAAAGVHcwP9&expires=90

42 B
753 B

324ms
80ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YiW84AAAAGVHcwP9&expires=90
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://telus.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 08:05:52 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1646640352.378291,VS0,VE0
x-served-by: cache-nrt18320-NRT
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YiW84AAAAGVHcwP9&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2DC1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiW84AAAAGVHcwP9
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiW84AAAAGVHcwP9&C=1

43 B
1001 B

64ms
64ms

Image
image/gif

23.44.53.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiW84AAAAGVHcwP9&C=1
Protocol: HTTP/1.1
Server: 23.44.53.47 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-53-47.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://telus.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 08:05:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 07 Mar 2022 08:05:52 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 08:05:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YiW84AAAAGVHcwP9&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Mon, 07 Mar 2022 08:05:52 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 2DC1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YiW84AAAAGVHcwP9
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYiW84AAAAGVHcwP9

43 B
1 KB

75ms
75ms

Image
image/gif

103.43.90.55
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYiW84AAAAGVHcwP9

Protocol

HTTP/1.1

Server

103.43.90.55 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

600.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://telus.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 08:05:52 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 600.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: e1936c06-bd9d-45d2-b485-2dcc20fa5d4c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 07 Mar 2022 08:05:52 GMT
X-Proxy-Origin: 31.204.145.169; 31.204.145.169; 600.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: a24d63c0-9841-4e56-8dae-4dd57492297e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYiW84AAAAGVHcwP9
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 2DC1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YiW84AAAAGVHcwP9
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YiW84AAAAGVHcwP9

43 B
180 B

38ms
38ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YiW84AAAAGVHcwP9
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://telus.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Mar 2022 08:05:52 GMT
via: 1.1 google
server: OXGW/17.2.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YiW84AAAAGVHcwP9
date: Mon, 07 Mar 2022 08:05:52 GMT
via: 1.1 google
server: OXGW/17.2.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 2DC1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YiW84AAAAGVHcwP9

1 B
546 B

9ms
3ms

Image
text/html

103.231.99.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YiW84AAAAGVHcwP9
Protocol: H2
Server: 103.231.99.80 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://telus.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 01:38:54 GMT
cache-control: no-store, no-cache, private
x-lat: ty6pug013:0:371
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 08:05:52 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1646640352.432455,VS0,VE0
x-served-by: cache-nrt18320-NRT
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YiW84AAAAGVHcwP9
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 2DC1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiW84AAAAGVHcwP9&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiW84AAAAGVHcwP9&img=1&__user_check__=1&sync_id=68798453-9ded-11ec-99c1-1c459af50407

43 B
548 B

81ms
81ms

Image
image/gif

103.71.26.126
SPOTX-AS-AP SpotX...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YiW84AAAAGVHcwP9&img=1&__user_check__=1&sync_id=68798453-9ded-11ec-99c1-1c459af50407
Protocol: HTTP/1.1
Server: 103.71.26.126 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://telus.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 08:05:52 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 58
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 07 Mar 2022 08:05:52 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YiW84AAAAGVHcwP9&img=1&__user_check__=1&sync_id=68798453-9ded-11ec-99c1-1c459af50407
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 94
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 2DC1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YiW84AAAAGVHcwP9&t=2592000&o=0

43 B
2 KB

141ms
136ms

Image
image/gif

2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YiW84AAAAGVHcwP9&t=2592000&o=0

Protocol

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://telus.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 00:05:52 PST
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: xwwChK1FR0FS0Zj7U2ekJykIzVt2T0TmThLwpdwaul1+At7QJSp5epMAK2CkrZuFtWF7XdG/+93a7hp9QsUdeA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
expires: Mon, 07 Mar 2022 00:05:52 PST

Redirect headers

pragma: no-cache
date: Mon, 07 Mar 2022 08:05:52 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1646640352.462330,VS0,VE0
x-served-by: cache-nrt18320-NRT
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YiW84AAAAGVHcwP9&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.telus.com
URL: http://b.telus.com/id?d_visid_ver=2.3.0&d_fieldgroup=A&mcorgid=67A50FC0539F0BBD0A490D45%40AdobeOrg&mid=76102629546433973251805861459704186204&ts=1646640351745

Domain: rp.gwallet.com
URL: https://rp.gwallet.com/r1/cm/p50

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telus (Telecommunication)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tessellarte.mx/	1969-12-31 23:59:59	Name: AMCVS_67A50FC0539F0BBD0A490D45%40AdobeOrg Value: 1
.tessellarte.mx/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 10:09:36	Name: everest_g_v2 Value: g_surferid~YiW84AAAAGVHcwP9
.demdex.net/	1970-01-20 05:43:12	Name: demdex Value: 66324291360814072032746398548261079489
.dpm.demdex.net/	1970-01-20 05:43:12	Name: dpm Value: 66324291360814072032746398548261079489
.tessellarte.mx/	1970-01-20 18:56:38	Name: AMCV_67A50FC0539F0BBD0A490D45%40AdobeOrg Value: -894706358%7CMCIDTS%7C19059%7CMCMID%7C76102629546433973251805861459704186204%7CMCAAMLH-1647245151%7C11%7CMCAAMB-1647245151%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1646647551s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19066%7CvVersion%7C2.3.0
.demdex.net/	1970-01-20 05:43:12	Name: DST Value:
.telus.demdex.net/	1970-01-20 05:43:12	Name: telus Value: 66324291360814072032746398548261079489
.everesttech.net/	1970-01-20 02:08:38	Name: ev_sync_dd Value: 20220307
.adsrvr.org/	1970-01-20 10:09:36	Name: TDID Value: cfeb5721-2c86-497a-aa48-8371aefdca86
.adsrvr.org/	1970-01-20 10:09:36	Name: TDCPM Value: CAESEgoDYWFtEgsI-ITiy-qGwDoQBRgFIAEoAjILCN624_iAh8A6EAU4AQ..
.twitter.com/	1970-01-20 18:55:12	Name: personalization_id Value: "v1_oORiedZ5/I1RORKxXTXRdw=="
.pubmatic.com/	1970-01-20 03:33:36	Name: KRTBCOOKIE_218 Value: 4056-YiW84AAAAGVHcwP9&KRTB&22978-YiW84AAAAGVHcwP9&KRTB&23194-YiW84AAAAGVHcwP9&KRTB&23209-YiW84AAAAGVHcwP9
.pubmatic.com/	1970-01-20 02:07:12	Name: PugT Value: 1646617134
.pubmatic.com/	1970-01-20 03:33:36	Name: PUBMDCID Value: 6
.demdex.net/	1970-01-20 05:43:12	Name: dextp Value: 771-1-1646640352246\|1123-1-1646640352261\|1127-1-1646640352276\|1121-1-1646640352300\|903-1-1646640352309\|30646-1-1646640352324\|58342-1-1646640352342\|144230-1-1646640352355\|144231-1-1646640352372\|144232-1-1646640352386\|144233-1-1646640352401\|144234-1-1646640352415\|144235-1-1646640352430\|144236-1-1646640352445\|144237-1-1646640352460
.openx.net/	1970-01-20 10:09:36	Name: i Value: 12e241dc-0029-4c4b-bd1a-924a386fb481\|1646640352
.casalemedia.com/	1970-01-20 10:09:36	Name: CMID Value: YiW84Ar2qlpeOe69MEPMYAAA
.casalemedia.com/	1970-01-20 03:33:36	Name: CMPS Value: 851
.casalemedia.com/	1970-01-20 03:33:36	Name: CMPRO Value: 841
.casalemedia.com/	1970-01-20 10:09:36	Name: CMRUM3 Value: 586225bce02760YiW84AAAAGVHcwP9
.casalemedia.com/	1970-01-20 01:25:26	Name: CMST Value: YiW84GIlvOAA
.yahoo.com/	1970-01-20 10:09:57	Name: A3 Value: d=AQABBOC8JWICELdnR4jcMGMunOf_FNVUB3oFEgEBAQEOJ2IvYgAAAAAA_eMAAA&S=AQAAAmdcJZMF7L1JeUAG6sYKPDE
.doubleclick.net/	1970-01-20 18:55:12	Name: IDE Value: AHWqTUlPzOVfdUz_gs4D1C7Bg-FaKHtSr3k8b1TwDmwUS-IpBRaGwYMh29ce39dvreg
.adnxs.com/	1970-01-20 03:33:36	Name: uuid2 Value: 4489452429733556730
.rubiconproject.com/	1970-01-20 10:09:36	Name: khaos Value: L0GF5FOA-24-DOL0
.rubiconproject.com/	1970-01-20 10:09:36	Name: audit Value: 1\|RTKVfUJgsVC5fCrti6C7wp/KbYcGkDGMxQngA1jmGGENIXVBPorKWk1KK5FC/lAKoEu7luZ+IAuM1KxoLazIt8oW2SgbbjsrEOjxxX8e+bMLly4b39C45/Tns/RjwXM3BH+1y/trqzB/6K+MJaMXAo76/Gy8ewrDCOeqF/Dn4Co=
.rfihub.com/	1970-01-20 10:45:36	Name: eud Value: H4sIAAAAAAAAAFvFxGtoZmJmZmJgbGpkZmEBAIBlqsoQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQ0NzEwNTG2sDA2NzQwNbI0MxTiM9Q1ivTIyTBzdC5JdC0BAOL7vtwlAAAA
.rfihub.com/	1970-01-20 10:45:36	Name: rud Value: H4sIAAAAAAAAAOMSNrQ0NzEwNTG2sDA2NzQwNbI0MxTiM9Q1ivTIyTBzdC5JdC2R4jU0MzEzMzEwNjUys7AAADmNAEM0AAAA
.spotxchange.com/	1970-01-20 10:09:40	Name: audience Value: 68798414-9ded-11ec-99c1-1c459af50407
.adnxs.com/	1970-01-20 03:33:36	Name: anj Value: dTM7k!M4.FErk#WF']wIg2E?]tDhZv!]tbPl1MwL(!R7qUY$*sa>tgf(DiPD/fWf@%=a+HH)KKT9RFMZ9bmtwgM/]vGiOaRLH]<-3jy1642tv0!<MKl<L<do

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.tessellarte.mx/js/jquery.min.js Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: http://www.tessellarte.mx/img/refresh.png Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: http://www.tessellarte.mx/js/icheck.min.js Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: http://www.tessellarte.mx/js/jquery.clientsidecaptcha.js Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: http://www.tessellarte.mx/js/pStrength.jquery.js Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://webmail.telus.net//css/main.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://webmail.telus.net//css/passwordStrength.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://www.tessellarte.mx/ Message: Access to XMLHttpRequest at 'http://b.telus.com/id?d_visid_ver=2.3.0&d_fieldgroup=A&mcorgid=67A50FC0539F0BBD0A490D45%40AdobeOrg&mid=76102629546433973251805861459704186204&ts=1646640351745' from origin 'http://www.tessellarte.mx' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://b.telus.com/id?d_visid_ver=2.3.0&d_fieldgroup=A&mcorgid=67A50FC0539F0BBD0A490D45%40AdobeOrg&mid=76102629546433973251805861459704186204&ts=1646640351745 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.telus.com
analytics.twitter.com
assets.adobedtm.com
b.telus.com
cm.adgrx.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
dpm.demdex.net
dsum-sec.casalemedia.com
fast.telus.demdex.net
ib.adnxs.com
image2.pubmatic.com
match.adsrvr.org
p.rfihub.com
pixel.rubiconproject.com
rp.gwallet.com
static.telus.com
sync-tm.everesttech.net
sync.search.spotxchange.com
telus.demdex.net
us-u.openx.net
webmail.telus.net
www.facebook.com
www.tessellarte.mx
b.telus.com
rp.gwallet.com
103.231.99.80
103.43.90.55
103.71.26.126
104.244.42.67
106.10.236.147
151.101.66.49
172.217.175.66
173.222.248.93
192.185.171.202
198.8.71.128
207.167.198.19
23.44.53.47
2600:140b:400:29a::1e80
2620:108:700f::36d6:ef0a
2a03:2880:f10f:83:face:b00c:0:25de
3.113.78.189
34.98.64.218
52.199.178.1
52.223.40.198
52.69.231.227
52.74.118.249
52.76.153.185
69.173.158.64
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
517fd6dd3c44b0dc6390330673883e9a345b6b57e449ab5a4fb6bf59328da0c5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
68fa97192f9006a6185d238f1abd434aaa59ceeb28ef231f8020071d4cda0817
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7fdf04ebfa2ed1d7b88d8c8c6000f2c906bc3a58a9a361a876844c3014f1a6d2
8c0b230f7dcf65e2f232a2825bc769fb4dcff96982af865b1f6e72a86f196d2b
8d66e0e596eebb4deeb393140bcb5651a424598aff3d36e46cd263867f860938
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c4374a0d15e0d271fb8a0113fd31e4eb4a15d8c255a509fe534c16f43024a3dc
c80222e63b82472ac739234bd849c6672735e1f97ac38ec2c7f660ab35dd237a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e822673ef5c826a33358969138490871efeae176f4e3ccdb8c2a0ca4159d29fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.tessellarte.mx Open in urlscan Pro 192.185.171.202 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

36 Requests

22 %HTTPS

13 %IPv6

20 Domains

25 Subdomains

19 IPs

4 Countries

95 kBTransfer

225 kBSize

32 Cookies

4 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

www.tessellarte.mx Open in urlscan Pro
192.185.171.202 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

22 %
HTTPS

13 %
IPv6

20
Domains

25
Subdomains

19
IPs

4
Countries

95 kB
Transfer

225 kB
Size

32
Cookies

36 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!