disenoprueba.imduyv.gob.mx Open in urlscan Pro
68.65.121.216 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://urlz.fr/kNT6
Effective URL:
https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8=
Submission: On February 16 via api (February 16th 2023, 11:05:35 am UTC) from US — Scanned from US

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 5 countries across 32 domains to perform 65 HTTP transactions. The main IP is 68.65.121.216, located in Huntingdon, United States and belongs to NAMECHEAP-NET, US. The main domain is disenoprueba.imduyv.gob.mx.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 25th 2022. Valid for: a year.

This is the only time disenoprueba.imduyv.gob.mx was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1 3	104.21.234.215 104.21.234.215	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	68.65.121.216 68.65.121.216	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
9	2a02:6ea0:c40... 2a02:6ea0:c400::12	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2600:9000:220... 2600:9000:2209:4c00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
1	23.49.251.219 23.49.251.219	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
2 8	51.222.39.187 51.222.39.187	16276 (OVH) (OVH)
2	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
1	54.77.197.57 54.77.197.57	16509 (AMAZON-02) (AMAZON-02)
1	54.230.244.195 54.230.244.195	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1 1	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1	199.187.193.182 199.187.193.182	47043 (SMARTADSE...) (SMARTADSERVER)
1	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
1	162.248.18.32 162.248.18.32	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	2606:ae80:145... 2606:ae80:1451:11::2040	25751 (VALUECLICK) (VALUECLICK)
1	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21d... 2600:9000:21dd:3e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.22.209.208 52.22.209.208	14618 (AMAZON-AES) (AMAZON-AES)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
65	28

3 104.21.234.215 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 68.65.121.216 (Huntingdon, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium41-4.web-hosting.com

disenoprueba.imduyv.gob.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2209:4c00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.49.251.219 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-251-219.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 51.222.39.187 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: ip187.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.197.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-197-57.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.244.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-244-195.ewr53.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.155 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.41.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.248.18.32 (United States)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1451:11::2040 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:3e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.209.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-209-208.compute-1.amazonaws.com

apis.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	themoneytizer.com ads.themoneytizer.com — Cisco Umbrella Rank: 31299	269 KB
9	imduyv.gob.mx disenoprueba.imduyv.gob.mx	5 KB
8	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 712	4 KB
4	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 205	1 KB
3	criteo.com gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2771 Failed	291 B
3	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 2810 apis.cmp.quantcast.com — Cisco Umbrella Rank: 6094	49 KB
3	urlz.fr 1 redirects urlz.fr — Cisco Umbrella Rank: 960981	8 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1984	24 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	930 B
2	dotomi.com 2 redirects prebid-match.dotomi.com — Cisco Umbrella Rank: 2277	685 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 963 pixel.quantserve.com — Cisco Umbrella Rank: 674	10 KB
2	zeotap.com spl.zeotap.com — Cisco Umbrella Rank: 2520 mwzeom.zeotap.com Failed	22 KB
2	tmyzer.com c.tmyzer.com — Cisco Umbrella Rank: 30483	542 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 298	30 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 913	1 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 284	235 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 273	125 B
1	pubmatic.com image8.pubmatic.com — Cisco Umbrella Rank: 621	42 B
1	amazon-adsystem.com s.amazon-adsystem.com — Cisco Umbrella Rank: 274	479 B
1	smartadserver.com ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1833	75 B
1	rubiconproject.com pixel-eu.rubiconproject.com Failed pixel.rubiconproject.com — Cisco Umbrella Rank: 316	774 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 460	658 B
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	cpx.to p.cpx.to — Cisco Umbrella Rank: 9570 s.cpx.to Failed	2 KB
1	leadplace.fr tag.leadplace.fr — Cisco Umbrella Rank: 33581	6 KB
1	sascdn.com ced.sascdn.com — Cisco Umbrella Rank: 9576	33 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	44 KB
0	adleadevent.com Failed adtrack.adleadevent.com Failed
0	sddan.com Failed kvt.sddan.com Failed
0	id5-sync.com Failed id5-sync.com Failed
65	32

	Domain	Requested by
9	ads.themoneytizer.com	urlz.fr ads.themoneytizer.com
9	disenoprueba.imduyv.gob.mx	urlz.fr disenoprueba.imduyv.gob.mx
8	onetag-sys.com	2 redirects ads.themoneytizer.com onetag-sys.com
4	cm.g.doubleclick.net	3 redirects onetag-sys.com
3	urlz.fr	1 redirects urlz.fr
2	script.4dex.io	ads.themoneytizer.com script.4dex.io
2	match.adsrvr.org	2 redirects
2	prebid-match.dotomi.com	2 redirects
2	ib.adnxs.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
2	gum.criteo.com	ads.themoneytizer.com
2	c.tmyzer.com	ads.themoneytizer.com
2	cmp.quantcast.com	urlz.fr cmp.quantcast.com
1	pixel.quantserve.com
1	apis.cmp.quantcast.com	cmp.quantcast.com
1	mug.criteo.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	rules.quantcount.com	secure.quantserve.com
1	x.bidswitch.net	onetag-sys.com
1	ups.analytics.yahoo.com	onetag-sys.com
1	image8.pubmatic.com	onetag-sys.com
1	s.amazon-adsystem.com	onetag-sys.com
1	ssbsync-global.smartadserver.com	onetag-sys.com
1	pixel.rubiconproject.com	onetag-sys.com
1	sync.mathtag.com	1 redirects
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	tag.leadplace.fr	ads.themoneytizer.com
1	ced.sascdn.com	ads.themoneytizer.com
1	www.googletagmanager.com	urlz.fr
0	s.cpx.to Failed	p.cpx.to
0	adtrack.adleadevent.com Failed	ajax.googleapis.com
0	mwzeom.zeotap.com Failed
0	kvt.sddan.com Failed	ads.themoneytizer.com
0	id5-sync.com Failed	ads.themoneytizer.com
0	pixel-eu.rubiconproject.com Failed	onetag-sys.com
65	38

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-11` - `2023-06-11`	a year	crt.sh
disenoprueba.imduyv.gob.mx Sectigo RSA Domain Validation Secure Server CA	`2022-07-25` - `2023-07-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
1266287590.rsc.cdn77.org R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
cmp.quantcast.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
c.tmyzer.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-08` - `2023-09-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2022-09-13` - `2023-09-13`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.cpx.to R3	`2022-11-28` - `2023-02-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-27` - `2023-03-22`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
quantserve.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8=
Frame ID: F66266FEFFE491D2831D0D6B5B2AFE2E
Requests: 41 HTTP requests in this frame

Frame: https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8=
Frame ID: 63942D1B27F70F575B0DFBBDE837BCBA
Requests: 1 HTTP requests in this frame

Frame: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/?&i=2CIYO
Frame ID: 0FDF7A2BDAE3534C5DA484EEBB0B6152
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676545529567
Frame ID: C675BE3D3848D3B01D2A032C6DAFC7D1
Requests: 14 HTTP requests in this frame

Frame: https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8=
Frame ID: 73062292624E3F587DC70A0227DB776A
Requests: 1 HTTP requests in this frame

Frame: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/?&i=2CIYO
Frame ID: B831AFD153D09158DBC0BCBE0776C0BF
Requests: 2 HTTP requests in this frame

Frame: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/?&i=2CIYO
Frame ID: 048AB8102AEDD6D1C77320ABF1FE05D3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login into.......

Page URL History Show full URLs

http://urlz.fr/kNT6 HTTP 301
https://urlz.fr/kNT6 Page URL
https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8= Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

75 %
HTTPS

35 %
IPv6

32
Domains

38
Subdomains

28
IPs

5
Countries

553 kB
Transfer

1768 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://urlz.fr/kNT6 HTTP 301
https://urlz.fr/kNT6 Page URL
https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://urlz.fr/kNT6 HTTP 301
https://urlz.fr/kNT6

Request Chain 30

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://onetag-sys.com/match/?int_id=1&uid=b01363ee-0dfa-4c00-ab08-eb9c05f58046&gdpr=1&gdpr_consent=

Request Chain 32

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5761562773493297486

Request Chain 34

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhlnml94igcXLaJ6iEQxZ2mP0ZVZcgjASfw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhlnml94igcXLaJ6iEQxZ2mP0ZVZcgjASfw&google_tc=

Request Chain 36

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=5DxRSYrx6CwkDb5vZrJrRg-BJAQGY12SqG5vx_fd6Gw

Request Chain 38

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc= HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECG0k_K3u5hmnUkQjZM_aFw&google_cver=1

Request Chain 39

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=3e9a9194c2d3103e&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMlwvinMEfIQNLgE7iAAAAAAA&expiration=1676631930&is_secure=true

Request Chain 41

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/match/?int_id=29&uid=49aa6eec-1a90-43fe-af5b-8866ac9b07b3&gdpr=0&gdpr_consent=

Request Chain 49

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Furlz.fr%2F&domain=urlz.fr&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=d5FqgHxDdTBtSTdveUxHcytWcE9SZGVyTjU3NmRDSkk5alNHVkJaTFp2ZHJQcDlHRnZOMHMxdXlmWG1HZ0c0dzlENmNYSnFENTc3VDN3dnQ1ZTh5R2MydFMrdlhlY1hJak1nbmg0ejFmWXBzcXBoNWNLVnpLekkxbjNPR1dtN3RoQmtsZHJHcmcrellMbExBSktLY2xiY2E0aFVGOGNvTXZNOVlDekZkdUdhSEhJcWNDQ2xOb1JndWtkS3VNaVFiTEVmTlk1cit2dTZ2ZlVkeUJsZFo1L05nak1XS21VLzR1blg3WXBDQ1kxREVhMFUwPXw&cppv=2

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&google_hm=NmRmN2FkNzktN2U4YS00ZTY3LTU1NGItMmMyNTc3NTk1ZWNj&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=6df7ad79-7e8a-4e67-554b-2c2577595ecc&reqId=421f2643-d32f-4092-44e2-be07434505c2&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEGVIeIlxKf_Jpl5zCVKeqgc&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=6df7ad79-7e8a-4e67-554b-2c2577595ecc&reqId=421f2643-d32f-4092-44e2-be07434505c2&zdid=1258

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

kNT6 Show response
urlz.fr/
Redirect Chain

http://urlz.fr/kNT6
https://urlz.fr/kNT6

9 KB
3 KB

882ms
495ms

Document
text/html

104.21.234.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://urlz.fr/kNT6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.234.215 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e56cc02cf672390d0686324264357c343c9465fc22d93a181d1b8810b6e7e010

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=60
cf-cache-status: DYNAMIC
cf-ray: 79a5cef07fdef7f4-BNA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Feb 2023 11:05:28 GMT
expires: Thu, 16 Feb 2023 11:06:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BOyJacGu8BHrgL5uDYFyC4wX%2FvxH2nDBZ7YEcgbffKpAi57sa928avb3uEa7MjI3weProFj0hA2IebwiGLX4fxv3f17Bi2NIzxwP%2Bq5Txl7wP96RNGmopi3"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-fastcgi-cache: MISS

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 79a5ceec2efdf7e0-BNA
Cache-Control: max-age=60
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Feb 2023 11:05:27 GMT
Expires: Thu, 16 Feb 2023 11:06:27 GMT
Location: https://urlz.fr/kNT6
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19S7TeVxwlIhJQXzig4DhQvmtbdGJPcjaoVrOaZXv7Qi2MsvXXge5%2FVFKcbPne2CYZ74aP%2B4oZNSJJkLRGBDuWgAqWGkKxn%2BCzywGp0xCww7HmMCOWwvNnLY"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-FastCGI-Cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 39ms
37ms Script
application/javascript 104.21.234.215
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: https://urlz.fr/kNT6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.234.215 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/kNT6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Feb 2023 11:11:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63ecbdcc-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OT6GihdS9O%2FInpL6rUSrUC3rTI9UB%2Fyunvf9cjz32RAzZcPBUaBxDt%2BRalrXAP02G7IQxFgUze94m3vNdbPQSkDTfFlKvyNZDH42c7VrePBto%2FKKtCih0tmZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 79a5cef3984df7f4-BNA
expires: Sat, 18 Feb 2023 11:05:28 GMT

GET
H2 200 / Show response
disenoprueba.imduyv.gob.mx/~wp.php/ Frame 6394 614 B
463 B 344ms
120ms Document
text/html 68.65.121.216
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8=
Requested by: Host: urlz.fr
URL: https://urlz.fr/kNT6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.216 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium41-4.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: f1957a9789bcf77d119b9c42105aea9e602ad6b1d6e8ed36c883b46c9b33a61d

Request headers

Referer: https://urlz.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 295
content-type: text/html; charset=UTF-8
date: Thu, 16 Feb 2023 11:05:29 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
44 KB 147ms
60ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162669458-1

Requested by

Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8fb4b0d0f63b20d0afeaf87c6013aa73286aa3033c350385af815e7a90bdfb6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:05:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44199
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Feb 2023 11:05:29 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 126 KB
20 KB 157ms
41ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Requested by: Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 7cf0e09c27aea4ed89867da9a02466f92e618afc3ced6fcb5959fcdc171c757a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-nzt: AVm7sQ8LXtb/AFQAAA
x-accel-expires: @1677128825
date: Thu, 16 Feb 2023 11:05:29 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408bab0349df90dee637ece7603
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 21504

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
3 KB 202ms
87ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5c6c9afc6dce567139464462a6b912452e6a3dbaad17c3992e3797aee763e923

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-nzt: AVm7sQ9BaI3/C1UAAA
x-accel-expires: @1677128558
date: Thu, 16 Feb 2023 11:05:29 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408bab0349df90dee635af99003
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 21771

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 126 KB
20 KB 220ms
106ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 769f55c2eea4e55a83b5dbadeb7b8e81b1e9c838b5050e2dd68fa96c254ae4cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-nzt: AVm7sQ9i/9j/AFQAAA
x-accel-expires: @1677128825
date: Thu, 16 Feb 2023 11:05:29 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408bab0349df90dee6301b19603
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 21504

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
3 KB 223ms
110ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5c6c9afc6dce567139464462a6b912452e6a3dbaad17c3992e3797aee763e923

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-nzt: AVm7sQ+qLub/B1UAAA
x-accel-expires: @1677128562
date: Thu, 16 Feb 2023 11:05:29 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408bab0349df90dee632546ae03
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 21767

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 126 KB
20 KB 244ms
131ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Requested by: Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fcf75a271ce175be593c8b1f26f8e651acf9b8d78cdf3de5b85db1aea12da492

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-nzt: AVm7sQ95Z8L/AFQAAA
x-accel-expires: @1677128825
date: Thu, 16 Feb 2023 11:05:29 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408bab0349df90dee632d8eb203
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 21504

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 5 KB
3 KB 246ms
133ms Script
text/html 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=1
Requested by: Host: urlz.fr
URL: https://urlz.fr/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5c6c9afc6dce567139464462a6b912452e6a3dbaad17c3992e3797aee763e923

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-nzt: AVm7sQ9jXZ7/C1UAAA
x-accel-expires: @1677128558
date: Thu, 16 Feb 2023 11:05:29 GMT
x-77-pop: newyorkUSNY
content-encoding: gzip
server: CDN77-Turbo
x-77-nzt-ray: 49be1408bab0349df90dee63595cc903
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
x-77-cache: HIT
cache-control: max-age=604800
x-age: 21771

GET
H2 200 / Show response
disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/ Frame 0FDF 2 KB
781 B 109ms
108ms Document
text/html 68.65.121.216
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/?&i=2CIYO
Requested by: Host: disenoprueba.imduyv.gob.mx
URL: https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.216 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium41-4.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 81e86cfaa335c763504e8c5936b48ced800e8bde96659c7b709563afe4a4bd87

Request headers

Referer: https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 613
content-type: text/html; charset=UTF-8
date: Thu, 16 Feb 2023 11:05:29 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2 200 stylesheet.css
disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/ Frame 0FDF 1 KB
632 B 106ms
105ms Stylesheet
text/css 68.65.121.216
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/stylesheet.css
Requested by: Host: disenoprueba.imduyv.gob.mx
URL: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/?&i=2CIYO
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.216 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium41-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 549feae64965edf6cd1bedf9b849f2e5f0b8220cf91edce44d1fe02aa412141d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/?&i=2CIYO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:05:29 GMT
content-encoding: br
last-modified: Sat, 12 Dec 2020 21:10:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 412
expires: Thu, 23 Feb 2023 11:05:29 GMT

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/ 3 KB
2 KB 171ms
43ms Script
application/javascript 2600:9000:2209:4c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by: Host: urlz.fr
URL: https://urlz.fr/kNT6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:4c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:05:23 GMT
content-encoding: gzip
via: 1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
age: 32
x-amz-server-side-encryption: AES256
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: eM2N9b2q4YffIIVWAy0tqzVsEQ4GfQKAfba_Q8-Whyl_Qj-ZlhfBlA==

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 55ms
47ms Script
application/javascript 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Thu, 16 Feb 2023 11:05:29 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 21771
x-77-nzt: AVm7sQ9f4P3/C1UAAA
pragma: public
x-accel-expires: @1676610158
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: CDN77-Turbo
x-77-nzt-ray: 49be1408bab0349df90dee63b7d8ef22
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Fri, 17 Feb 2023 05:02:38 GMT

GET
H/1.1 200
OK /
c.tmyzer.com/c/ 0
271 B 475ms
116ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=15056&f=1&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Feb 2023 11:05:29 GMT
Server: nginx
X-IPLB-Request-ID: A75807A2:8BAE_36264064:01BB_63EE0DF9_AD2CBC4:29F04
X-IPLB-Instance: 38431
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1097/ 97 KB
33 KB 178ms
44ms Script
application/javascript 23.49.251.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1097/smart.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.251.219 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-251-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 876626ded6c9d01e8764f738775f4c00a85312a5a63959ef7547cc6d1af5c506

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 11:05:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=7200
Connection: keep-alive
Content-Length: 33218
Expires: Thu, 16 Feb 2023 13:05:29 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
291 B 126ms
44ms Script
text/javascript 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:05:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 614606
expires: 60

GET
H2 200 mapper.js Show response
spl.zeotap.com/ 61 KB
21 KB 207ms
132ms Script
application/javascript 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:05:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://urlz.fr
access-control-allow-credentials: true
cf-ray: 79a5cef85b902231-ORD
access-control-allow-headers: *

GET
H/1.1 200
OK libJsLP.js
tag.leadplace.fr/ 5 KB
6 KB 576ms
115ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 11:05:30 GMT
Last-Modified: Thu, 14 Oct 2021 07:27:53 GMT
Server: nginx/1.20.1
X-IPLB-Request-ID: A75807A2:998E_91EFC0A6:01BB_63EE0DF9_74B00E84:237B7
ETag: "6167dbf9-15ab"
X-IPLB-Instance: 30195
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 5547

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame C675 4 KB
2 KB 149ms
43ms Document
text/html 51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676545529567

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

4f3b45e8341737ae84ac8bf5b77a318d6bf9f3c98f891cbef68bd7a034e8b4c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://urlz.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1415
content-type: text/html
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security: max-age=15552000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 146ms
44ms Script
application/javascript 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 8bdde2de62dbc0ee6884be879ae01087c577529c8efa022464ad8f96726bce31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:05:29 GMT
content-encoding: gzip
etag: "Uc7ci/tysauZvGT38RNrSg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 23 Feb 2023 11:05:29 GMT

GET
H/1.1 200
OK px.js
p.cpx.to/p/12773/ 2 KB
2 KB 598ms
140ms Script
application/javascript 54.77.197.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12773/px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.197.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-197-57.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:05:29 GMT
cache-control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1990
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 174ms
50ms Script
text/javascript 54.230.244.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.244.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-244-195.ewr53.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 08:19:50 GMT
Via: 1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
X-Amz-Cf-Pop: EWR53-P1
Age: 9939
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: tTX52Pp74xlWl0DlpDmfiUlRZtXrmt-tGe72YpQDbL__Vl09EU3p9Q==

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid7_35/build/dist/ 587 KB
185 KB 52ms
51ms Script
application/javascript 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9c9758144bcd45ed42a41b65ef12341715aaaeb03d994141718f1b6aef9dc8a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Thu, 16 Feb 2023 11:05:29 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 21770
x-77-nzt: AVm7sQ+tOUX/ClUAAA
pragma: public
x-accel-expires: @1676610159
last-modified: Mon, 06 Feb 2023 22:21:08 GMT
server: CDN77-Turbo
x-77-nzt-ray: 49be1408bab0349df90dee633edb6c23
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Fri, 17 Feb 2023 05:02:39 GMT

GET
H/1.1 200
OK /
c.tmyzer.com/c/ 0
271 B 476ms
121ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=15056&f=28&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Feb 2023 11:05:29 GMT
Server: nginx
X-IPLB-Request-ID: A75807A2:8BB2_36264064:01BB_63EE0DF9_AD51867:2273B
X-IPLB-Instance: 41595
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET /
c.tmyzer.com/c/ 0
0

GET
H2 200 lib_fs_close.js Show response
ads.themoneytizer.com/ 667 B
778 B 67ms
64ms Script
application/javascript 2a02:6ea0:c400::12
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/lib_fs_close.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Thu, 16 Feb 2023 11:05:29 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 21770
x-77-nzt: AVm7sQ+8agv/ClUAAA
pragma: public
x-accel-expires: @1676610159
last-modified: Thu, 19 Jan 2023 15:05:03 GMT
server: CDN77-Turbo
x-77-nzt-ray: 49be1408bab0349df90dee63f4215525
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, public, no-transform
expires: Fri, 17 Feb 2023 05:02:39 GMT

GET
H2 200 / Show response
disenoprueba.imduyv.gob.mx/~wp.php/ Frame 7306 614 B
463 B 115ms
101ms Document
text/html 68.65.121.216
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8=
Requested by: Host: urlz.fr
URL: https://urlz.fr/kNT6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.216 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium41-4.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: f1957a9789bcf77d119b9c42105aea9e602ad6b1d6e8ed36c883b46c9b33a61d

Request headers

Referer: https://urlz.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 295
content-type: text/html; charset=UTF-8
date: Thu, 16 Feb 2023 11:05:29 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 90ms
25ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162669458-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Feb 2023 09:57:22 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4087
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 16 Feb 2023 11:57:22 GMT

GET
H2 200 /
disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/ Frame B831 2 KB
781 B 107ms
102ms Document
text/html 68.65.121.216
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/?&i=2CIYO
Requested by: Host: disenoprueba.imduyv.gob.mx
URL: https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.216 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium41-4.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash

Request headers

Referer: https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 613
content-type: text/html; charset=UTF-8
date: Thu, 16 Feb 2023 11:05:29 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2

200

/
onetag-sys.com/match/ Frame C675
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://onetag-sys.com/match/?int_id=1&uid=b01363ee-0dfa-4c00-ab08-eb9c05f58046&gdpr=1&gdpr_consent=

0
291 B

52ms
52ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=1&uid=b01363ee-0dfa-4c00-ab08-eb9c05f58046&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676545529567

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Thu, 16 Feb 2023 11:05:29 GMT
Server: MT3 457 2362390 master ord-pixel-x58 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://onetag-sys.com/match/?int_id=1&uid=b01363ee-0dfa-4c00-ab08-eb9c05f58046&gdpr=1&gdpr_consent=
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Feb 2023 11:05:28 GMT

GET sync.php
pixel-eu.rubiconproject.com/exchange/ Frame C675 0
0

GET
H2

200

/
onetag-sys.com/match/ Frame C675
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fonetag-sys.com%252Fmatch%252F%253Fint_id%253D98%2526gdpr%253D1%2526gdpr_consent%253D%2526uid%253D%24UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5761562773493297486

0
291 B

51ms
43ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5761562773493297486

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676545529567

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Thu, 16 Feb 2023 11:05:29 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 167.88.7.162; 167.88.7.162; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b11786be-9f43-4f83-86b8-994f3ed6d1a2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=5761562773493297486
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame C675 42 B
774 B 278ms
48ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=5DxRSYrx6CwkDb5vZrJrRg-BJAQGY12SqG5vx_fd6Gw
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676545529567
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C675
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhlnml94igcXLaJ6iEQxZ2mP0ZVZcgjASfw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhlnml94igcXLaJ6iEQxZ2mP0ZVZcgjASfw&google_tc=

170 B
243 B

58ms
55ms

Image
image/png

142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhlnml94igcXLaJ6iEQxZ2mP0ZVZcgjASfw&google_tc=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676545529567

Protocol

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 11:05:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 11:05:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABhlnml94igcXLaJ6iEQxZ2mP0ZVZcgjASfw&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame C675 0
75 B 394ms
55ms Image
text/plain 199.187.193.182
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676545529567
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.182 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:05:29 GMT
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame C675
Redirect Chain

https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=5DxRSYrx6CwkDb5vZrJrRg-BJAQGY12SqG5vx_fd6Gw

43 B
479 B

219ms
50ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=5DxRSYrx6CwkDb5vZrJrRg-BJAQGY12SqG5vx_fd6Gw

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676545529567

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Feb 2023 11:05:30 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 82MVPFA5NW52CY8CABAK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=5DxRSYrx6CwkDb5vZrJrRg-BJAQGY12SqG5vx_fd6Gw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ Frame C675 0
42 B 161ms
47ms Image
text/plain 162.248.18.32
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676545529567
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.248.18.32 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:05:29 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame C675
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm=&google_tc=
https://onetag-sys.com/match/?int_id=106&google_gid=CAESECG0k_K3u5hmnUkQjZM_aFw&google_cver=1

0
291 B

45ms
44ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESECG0k_K3u5hmnUkQjZM_aFw&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676545529567

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 11:05:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESECG0k_K3u5hmnUkQjZM_aFw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame C675
Redirect Chain

https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=3e9a9194c2d3103e&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMlwvinMEfIQNLgE7iAAAAAAA&expiration=1676631930&is_secure=true

0
291 B

46ms
43ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMlwvinMEfIQNLgE7iAAAAAAA&expiration=1676631930&is_secure=true

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676545529567

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 11:05:30 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMlwvinMEfIQNLgE7iAAAAAAA&expiration=1676631930&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58488/ Frame C675 0
125 B 181ms
50ms Image
text/plain 3.218.90.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676545529567

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-218-90-66.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:05:29 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/match/ Frame C675
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/match/?int_id=29&uid=49aa6eec-1a90-43fe-af5b-8866ac9b07b3&gdpr=0&gdpr_consent=

0
291 B

50ms
43ms

Image
text/plain

51.222.39.187
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=29&uid=49aa6eec-1a90-43fe-af5b-8866ac9b07b3&gdpr=0&gdpr_consent=

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676545529567

Protocol

Server

51.222.39.187 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip187.ip-51-222-39.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 16 Feb 2023 11:05:29 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/match/?int_id=29&uid=49aa6eec-1a90-43fe-af5b-8866ac9b07b3&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 233

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame C675 43 B
235 B 178ms
51ms Image
image/gif 35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1676545529567
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 11:05:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/42/ 177 KB
47 KB 51ms
49ms Script
text/javascript 2600:9000:2209:4c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:4c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0dbe8557cf989bc417149292624d7cbf6bdfdbb38de706b401ab705933a7a9e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:32:40 GMT
content-encoding: gzip
via: 1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 156770
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 05 Jul 2022 18:40:24 GMT
server: AmazonS3
etag: W/"59be037dc1c45f10dd05d31809da5dc3"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: to2bthRK2k_mJaYHK3eBasyJGWFxF8crIANH3rW5aFTc7UOVUotJkw==

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 1 KB
1 KB 151ms
41ms Script
application/javascript 2600:9000:21dd:3e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:3e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 10:24:46 GMT
content-encoding: gzip
via: 1.1 d8231fd704ad0bc5e49083372d79c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 2444
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
server: AmazonS3
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: Ru9ix730cByfoyDgNFk2Txvp_U79UR-ar8lBFtfxQ7p0okqjHIEFFA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
201 B 35ms
33ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1919508931&t=pageview&_s=1&dl=https%3A%2F%2Furlz.fr%2FkNT6&ul=en-us&de=UTF-8&dt=Login%20into.......&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1900034570&gjid=1160067980&cid=382324029.1676545530&tid=UA-162669458-1&_gid=110274495.1676545530&_r=1&gtm=457e32f0&z=1207853029

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 11:05:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://urlz.fr
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 137ms
45ms Script
text/javascript 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 02:23:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 117695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 02:23:54 GMT

GET
H2 200 /
spl.zeotap.com/ 298 B
601 B 135ms
133ms XHR
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:05:29 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: text/html
access-control-allow-origin: https://urlz.fr
access-control-allow-credentials: true
cf-ray: 79a5cef9bd002231-ORD
access-control-allow-headers: *

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 142ms
38ms Preflight
application/json 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Furlz.fr%2F&domain=urlz.fr&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://urlz.fr
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://urlz.fr
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 16 Feb 2023 11:05:29 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 241164
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET

sid
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Furlz.fr%2F&domain=urlz.fr&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=d5FqgHxDdTBtSTdveUxHcytWcE9SZGVyTjU3NmRDSkk5alNHVkJaTFp2ZHJQcDlHRnZOMHMxdXlmWG1HZ0c0dzlENmNYSnFENTc3VDN3dnQ1ZTh5R2MydFMrdlhlY1hJak1nbmg0ejFmWXBzcXBoNWNLVnpLekkxbjNPR1...

0
0

POST prebid
id5-sync.com/api/config/ 0
0

GET
H/1.1 200
OK localstore.js
script.4dex.io/ 483 B
1023 B 137ms
34ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 11:05:30 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1776433
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdnCsBmwA3kC%2Fb5D5axlZpsUgU9pCfUT7aKJGVGweytsCiCs%2BE5dx5B2wA5Clky5ZY2NFI2jMWgepy%2FdUOW1t%2BFQ3RCsjEPQdEVxrRyN9odfztqyYVqFqxOmrE9%2BOuhou4azZgKfNYkfXmLe"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 79a5cefacf642bef-ORD

GET 9.gif
id5-sync.com/i/12/ 0
0

GET
H2 200 stylesheet.css
disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/ Frame B831 1 KB
632 B 120ms
118ms Stylesheet
text/css 68.65.121.216
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/stylesheet.css
Requested by: Host: disenoprueba.imduyv.gob.mx
URL: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/?&i=2CIYO
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.216 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium41-4.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/?&i=2CIYO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:05:30 GMT
content-encoding: br
last-modified: Sat, 12 Dec 2020 21:10:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 412
expires: Thu, 23 Feb 2023 11:05:30 GMT

GET
H2 200 geoip
apis.cmp.quantcast.com/ 53 B
174 B 163ms
44ms XHR
application/json 52.22.209.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.cmp.quantcast.com/geoip
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.209.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-209-208.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://urlz.fr/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Feb 2023 11:05:30 GMT
content-type: application/json; charset=utf-8
content-length: 53
x-geo-ip-version: 1.2

GET s
kvt.sddan.com/api/v1/public/p/29567/d/50/ 0
0

GET

mw
mwzeom.zeotap.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&google_hm=NmRmN2FkNzktN2U4YS00ZTY3LTU1NGItMmMyNTc3NTk1ZWNj&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=6df7ad79-7e8a-4e67-55...
https://mwzeom.zeotap.com/mw?google_gid=CAESEGVIeIlxKf_Jpl5zCVKeqgc&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=6df7ad79-7e8a-4e67-554b-2c2577595ecc&reqId=421f2643-d32f-4092-44e...

0
0

GET notifyme.php
adtrack.adleadevent.com/ 0
0

GET
H2 200 Primary Request / Show response
disenoprueba.imduyv.gob.mx/~wp.php/ 614 B
463 B 119ms
116ms Document
text/html 68.65.121.216
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8=
Requested by: Host: urlz.fr
URL: https://urlz.fr/kNT6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.216 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium41-4.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: f1957a9789bcf77d119b9c42105aea9e602ad6b1d6e8ed36c883b46c9b33a61d

Request headers

Referer: https://urlz.fr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 295
content-type: text/html; charset=UTF-8
date: Thu, 16 Feb 2023 11:05:30 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK adagio.js
script.4dex.io/ 74 KB
23 KB 83ms
33ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 11:05:30 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1821844
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGWoDX7CXpysU8zl5q%2BgJQW0SffnrRRNchvMiGbJ9YZBwnXdRPboDzc5W9G8E7LHDVDdnn17%2FH0YEnFfz42SfUlAzerru94gm%2FH5fNfUxwZ3hefoeA4%2BAXVKrGHq0n73aEHAbLHCo8g3eWCI"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 79a5cefb8e432279-ORD

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 156ms
44ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=d5FqgHxDdTBtSTdveUxHcytWcE9SZGVyTjU3NmRDSkk5alNHVkJaTFp2ZHJQcDlHRnZOMHMxdXlmWG1HZ0c0dzlENmNYSnFENTc3VDN3dnQ1ZTh5R2MydFMrdlhlY1hJak1nbmg0ejFmWXBzcXBoNWNLVnpLekkxbjNPR1dtN3RoQmtsZHJHcmcrellMbExBSktLY2xiY2E0aFVGOGNvTXZNOVlDekZkdUdhSEhJcWNDQ2xOb1JndWtkS3VNaVFiTEVmTlk1cit2dTZ2ZlVkeUJsZFo1L05nak1XS21VLzR1blg3WXBDQ1kxREVhMFUwPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 16 Feb 2023 11:05:30 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 254719
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 pixel;r=842853184;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FkNT6;uht=2;fpan=1;fpa=P0-1199729496-1676545529803;pbc=;ns=0;ce=1;qjs=1;qv=255ce5d6-2023021...
pixel.quantserve.com/ 35 B
371 B 64ms
46ms Image
image/gif 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=842853184;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Furlz.fr%2FkNT6;uht=2;fpan=1;fpa=P0-1199729496-1676545529803;pbc=;ns=0;ce=1;qjs=1;qv=255ce5d6-20230215103031;cm=;gdpr=0;us_privacy=1---;ref=;d=urlz.fr;dst=0;et=1676545529958;tzo=0;ogl=;ses=f8553aef-e571-4c9e-88ab-0db63ddf9dc1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://urlz.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Feb 2023 11:05:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET fire.js
s.cpx.to/ 0
0

GET
H2 200 / Show response
disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/ Frame 048A 2 KB
781 B 117ms
117ms Document
text/html 68.65.121.216
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/?&i=2CIYO
Requested by: Host: disenoprueba.imduyv.gob.mx
URL: https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.216 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium41-4.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 81e86cfaa335c763504e8c5936b48ced800e8bde96659c7b709563afe4a4bd87

Request headers

Referer: https://disenoprueba.imduyv.gob.mx/~wp.php/?url=Ly8vbW9iaWxlZnJhbmNlL2xvZ2luLz8mYW1wO2k9MkNJWU8=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 613
content-type: text/html; charset=UTF-8
date: Thu, 16 Feb 2023 11:05:30 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2 200 stylesheet.css
disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/ Frame 048A 1 KB
632 B 96ms
95ms Stylesheet
text/css 68.65.121.216
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/stylesheet.css
Requested by: Host: disenoprueba.imduyv.gob.mx
URL: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/?&i=2CIYO
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.65.121.216 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium41-4.web-hosting.com
Software: LiteSpeed /
Resource Hash: 549feae64965edf6cd1bedf9b849f2e5f0b8220cf91edce44d1fe02aa412141d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://disenoprueba.imduyv.gob.mx/js-rZQiori///mobilefrance/login/?&i=2CIYO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 11:05:30 GMT
content-encoding: br
last-modified: Sat, 12 Dec 2020 21:10:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 412
expires: Thu, 23 Feb 2023 11:05:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.tmyzer.com
URL: https://c.tmyzer.com/c/?s=15056&f=6&fi=99

Domain: pixel-eu.rubiconproject.com
URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=

Domain: mug.criteo.com
URL: https://mug.criteo.com/sid?cpp=d5FqgHxDdTBtSTdveUxHcytWcE9SZGVyTjU3NmRDSkk5alNHVkJaTFp2ZHJQcDlHRnZOMHMxdXlmWG1HZ0c0dzlENmNYSnFENTc3VDN3dnQ1ZTh5R2MydFMrdlhlY1hJak1nbmg0ejFmWXBzcXBoNWNLVnpLekkxbjNPR1dtN3RoQmtsZHJHcmcrellMbExBSktLY2xiY2E0aFVGOGNvTXZNOVlDekZkdUdhSEhJcWNDQ2xOb1JndWtkS3VNaVFiTEVmTlk1cit2dTZ2ZlVkeUJsZFo1L05nak1XS21VLzR1blg3WXBDQ1kxREVhMFUwPXw&cppv=2

Domain: id5-sync.com
URL: https://id5-sync.com/api/config/prebid

Domain: id5-sync.com
URL: https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=

Domain: kvt.sddan.com
URL: https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Furlz.fr%2FkNT6

Domain: mwzeom.zeotap.com
URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEGVIeIlxKf_Jpl5zCVKeqgc&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=6df7ad79-7e8a-4e67-554b-2c2577595ecc&reqId=421f2643-d32f-4092-44e2-be07434505c2&zdid=1258

Domain: adtrack.adleadevent.com
URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7

Domain: s.cpx.to
URL: https://s.cpx.to/fire.js?pid=12773&ref=&url=https%3A%2F%2Furlz.fr%2FkNT6&hn_ver=40&fid=8d0031cc-658c-4ee5-becf-56e686a4493e&dsp=pub_common&dsp_uid=e131e5e0-a37b-40a3-830f-50c2e801fd3b

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onetag-sys.com/	1970-01-20 19:18:25	Name: OTP Value: 5DxRSYrx6CwkDb5vZrJrRg-BJAQGY12SqG5vx_fd6Gw
.urlz.fr/	1970-01-20 19:18:25	Name: _ga Value: GA1.2.382324029.1676545530
.urlz.fr/	1970-01-20 09:43:51	Name: _gid Value: GA1.2.110274495.1676545530
.urlz.fr/	1970-01-20 09:42:25	Name: _gat_gtag_UA_162669458_1 Value: 1
.mathtag.com/	1970-01-20 19:08:20	Name: uuid Value: b01363ee-0dfa-4c00-ab08-eb9c05f58046
urlz.fr/	1970-01-20 10:25:37	Name: _pbjs_userid_consent_data Value: 6683316680106290
.urlz.fr/	1970-01-20 10:22:44	Name: sharedid Value: 5c395352-c560-42c7-9529-78397a66614c
.adnxs.com/	1970-01-20 11:52:01	Name: uuid2 Value: 5761562773493297486
.adsrvr.org/	1970-01-20 18:28:01	Name: TDID Value: 49aa6eec-1a90-43fe-af5b-8866ac9b07b3
.zeotap.com/	1970-01-20 18:28:01	Name: zc Value: 6df7ad79-7e8a-4e67-554b-2c2577595ecc
.zeotap.com/	1970-01-20 09:43:51	Name: zsc Value: %27%FE%8F%C3%3E%F6%93%FEa%BE%B9t%BC%3D%BC%808g%2B%1B%F2~%03%C9%A6%7B+l%5D%D2%A7%3F%8C%AC%1C%0Cm%C5_%B2%BCm%AE%B3%89i%2F%96%27%DF%26%FDf%0Di%86%40l%DA%9B%CD%F3%CE%CA%BA%B7F%26%AC%87yjEh%A5t%90X%B4%EC%AC%A9%05
.adsrvr.org/	1970-01-20 18:28:01	Name: TDCPM Value: CAEYBSABKAIyCwj0vtCmjobIOxAFOAE.
.dotomi.com/	1970-01-20 09:42:25	Name: DotomiTest Value: 3e9a9194c2d3103e
.rubiconproject.com/	1970-01-20 18:28:01	Name: khaos Value: LE6ZX682-N-CDOL
.rubiconproject.com/	1970-01-20 18:28:01	Name: audit Value: 1\|OLYu9p0g8fPRIOGFWva538nnH/L3JH+gcg0oWILRrGvbv+B75popqnS2sxwDU2PXJ/WPNPw6clGM1KxoLazIt6NWShwHx7KI6rocrMY9/A/Vgd/ddViNLSKp4wR9W3r1i2VIOGCftNcyO5U++0bjFRIIZL1+7upeuTPhrNnJEHwBvowLBvvr8c9sdGeFC9lF
.doubleclick.net/	1970-01-20 19:18:25	Name: IDE Value: AHWqTUmfeXd4ylQKlRB0dq-lzJtWMblu2Y7Td4_QvsAOi6n6Xbp5sXafsQVTAfRc5AY
.quantserve.com/	1970-01-20 19:12:39	Name: mc Value: 63ee0dfa-2958c-d1106-1fab1
.urlz.fr/	1970-01-20 19:06:54	Name: __qca Value: P0-1199729496-1676545529803

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.themoneytizer.com
adtrack.adleadevent.com
ajax.googleapis.com
apis.cmp.quantcast.com
c.tmyzer.com
ced.sascdn.com
cm.g.doubleclick.net
cmp.quantcast.com
d2zur9cc2gf1tx.cloudfront.net
disenoprueba.imduyv.gob.mx
gum.criteo.com
ib.adnxs.com
id5-sync.com
image8.pubmatic.com
kvt.sddan.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.cpx.to
pixel-eu.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
prebid-match.dotomi.com
rules.quantcount.com
s.amazon-adsystem.com
s.cpx.to
script.4dex.io
secure.quantserve.com
spl.zeotap.com
ssbsync-global.smartadserver.com
sync.mathtag.com
tag.leadplace.fr
ups.analytics.yahoo.com
urlz.fr
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
adtrack.adleadevent.com
c.tmyzer.com
id5-sync.com
kvt.sddan.com
mug.criteo.com
mwzeom.zeotap.com
pixel-eu.rubiconproject.com
s.cpx.to
104.21.234.215
142.251.41.2
145.239.192.166
15.197.193.217
162.248.18.32
199.187.193.182
2001:4860:4802:34::178
216.200.232.249
23.49.251.219
2600:9000:21dd:3e00:6:44e3:f8c0:93a1
2600:9000:2209:4c00:9:46dc:4700:93a1
2606:4700:10::ac43:db6
2606:4700:20::681a:9a9
2606:ae80:1451:11::2040
2607:f8b0:4006:81d::200a
2607:f8b0:4006:820::2008
2620:100:a001::c
2620:116:800b:21:c1e8:5385:5098:6bf0
2a02:6ea0:c400::12
3.218.90.66
35.211.178.172
51.222.39.187
52.22.209.208
52.46.151.131
54.230.244.195
54.38.64.100
54.77.197.57
68.65.121.216
68.67.179.155
69.173.151.100
74.119.119.139
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0dbe8557cf989bc417149292624d7cbf6bdfdbb38de706b401ab705933a7a9e1
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
4f3b45e8341737ae84ac8bf5b77a318d6bf9f3c98f891cbef68bd7a034e8b4c5
52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f
549feae64965edf6cd1bedf9b849f2e5f0b8220cf91edce44d1fe02aa412141d
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c6c9afc6dce567139464462a6b912452e6a3dbaad17c3992e3797aee763e923
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
769f55c2eea4e55a83b5dbadeb7b8e81b1e9c838b5050e2dd68fa96c254ae4cc
7cf0e09c27aea4ed89867da9a02466f92e618afc3ced6fcb5959fcdc171c757a
81e86cfaa335c763504e8c5936b48ced800e8bde96659c7b709563afe4a4bd87
876626ded6c9d01e8764f738775f4c00a85312a5a63959ef7547cc6d1af5c506
8bdde2de62dbc0ee6884be879ae01087c577529c8efa022464ad8f96726bce31
8fb4b0d0f63b20d0afeaf87c6013aa73286aa3033c350385af815e7a90bdfb6f
9c9758144bcd45ed42a41b65ef12341715aaaeb03d994141718f1b6aef9dc8a0
ad07c6b24e5575bc7fea432515d21d7ada9aeee0bdd5518b1d5fe24b98a091e3
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882
e56cc02cf672390d0686324264357c343c9465fc22d93a181d1b8810b6e7e010
f1957a9789bcf77d119b9c42105aea9e602ad6b1d6e8ed36c883b46c9b33a61d
fcf75a271ce175be593c8b1f26f8e651acf9b8d78cdf3de5b85db1aea12da492

disenoprueba.imduyv.gob.mx Open in urlscan Pro 68.65.121.216 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

75 %HTTPS

35 %IPv6

32 Domains

38 Subdomains

28 IPs

5 Countries

553 kBTransfer

1768 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

disenoprueba.imduyv.gob.mx Open in urlscan Pro
68.65.121.216 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

75 %
HTTPS

35 %
IPv6

32
Domains

38
Subdomains

28
IPs

5
Countries

553 kB
Transfer

1768 kB
Size

18
Cookies

65 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!