urlscan.io logo urlscan.io
SecurityTrails logo

iborrowdesk.com Open in urlscan Pro
44.229.6.222  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://iborrowdesk.com/
Effective URL: https://iborrowdesk.com/
Submission: On August 26 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 14 HTTP transactions. The main IP is 44.229.6.222, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is iborrowdesk.com.
TLS certificate: Issued by R3 on August 11th 2021. Valid for: 3 months.
This is the only time iborrowdesk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    44.229.6.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-6-222.us-west-2.compute.amazonaws.com
iborrowdesk.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2600:9000:2190:7e00:f:458e:2a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.thisiswaldo.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:2190:c600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
3    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
1    54.176.174.48 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-176-174-48.us-west-1.compute.amazonaws.com
ipfind.co
1    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2600:9000:211e:9600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Domain Requested by
3 securepubads.g.doubleclick.net cdn.thisiswaldo.com
securepubads.g.doubleclick.net
3 iborrowdesk.com 1 redirects iborrowdesk.com
2 quantcast.mgr.consensu.org cdn.thisiswaldo.com
quantcast.mgr.consensu.org
1 www.google-analytics.com iborrowdesk.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com quantcast.mgr.consensu.org
1 ipfind.co cdn.thisiswaldo.com
1 fonts.googleapis.com maxcdn.bootstrapcdn.com
1 cdn.thisiswaldo.com iborrowdesk.com
1 maxcdn.bootstrapcdn.com iborrowdesk.com
14 10

This site contains no links.

Subject Issuer Validity Valid
cjmochrie.com
R3		 2021-08-11 -
2021-11-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
cdn.thisiswaldo.com
Go Daddy Secure Certificate Authority - G2		 2021-04-17 -
2022-05-19		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-16 -
2021-11-08		 3 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
ipfind.co
Amazon		 2021-02-02 -
2022-03-03		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://iborrowdesk.com/
Frame ID: AD4A9FE95E65C9CECF8A08905CF26DEC
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IBorrowDesk

Page URL History Show full URLs

  1. http://iborrowdesk.com/ HTTP 301
    https://iborrowdesk.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

14
Requests

100 %
HTTPS

70 %
IPv6

10
Domains

10
Subdomains

10
IPs

2
Countries

813 kB
Transfer

2809 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://iborrowdesk.com/ HTTP 301
    https://iborrowdesk.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
iborrowdesk.com/
Redirect Chain
  • http://iborrowdesk.com/
  • https://iborrowdesk.com/
875 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://iborrowdesk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.229.6.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-6-222.us-west-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
39ff67ea80353d70d42d8f83857a13cbbb9f626734c4c1a34c198e767a3f54ba

Request headers

Host
iborrowdesk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server
nginx/1.10.3 (Ubuntu)
Date
Thu, 26 Aug 2021 13:31:30 GMT
Content-Type
text/html
Content-Length
875
Last-Modified
Thu, 17 Jun 2021 11:21:12 GMT
Connection
keep-alive
ETag
"60cb3028-36b"
Accept-Ranges
bytes

Redirect headers

Server
nginx/1.10.3 (Ubuntu)
Date
Thu, 26 Aug 2021 13:31:29 GMT
Content-Type
text/html
Content-Length
194
Connection
keep-alive
Location
https://iborrowdesk.com/
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootswatch/3.3.6/flatly/ 		124 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootswatch/3.3.6/flatly/bootstrap.min.css
Requested by
Host: iborrowdesk.com
URL: https://iborrowdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02fda550d245cfb16ac4baaebc8172c7209003f5475059dade89d5cbee635013
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iborrowdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 13:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 718, 718
age
11126547
cdn-cachedat
2021-04-13 15:46:27
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:27 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e4c88c7eca0823c66cd741daebefa9cf
cf-ray
684d6bbc8eead6c9-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
9754.js
cdn.thisiswaldo.com/static/js/ 		434 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thisiswaldo.com/static/js/9754.js
Requested by
Host: iborrowdesk.com
URL: https://iborrowdesk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:7e00:f:458e:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
dc33d7f9304e5b9629dec24f01e0f78e6f84b820f9182262a15930c804a1f425
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://iborrowdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 25 Aug 2021 14:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 24 Aug 2021 14:08:48 GMT
server
Apache/2.4.29 (Ubuntu)
age
83604
etag
"6c892-5ca4eac2e3549-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-amz-cf-id
mumvA8LSpoBvsLLrv4fiwzstF3NPozlk2skIeh7E7yoClQqk0Igr8Q==
main.bundle.js
iborrowdesk.com/static/ 		2 MB
438 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iborrowdesk.com/static/main.bundle.js?c18ab255f9ceb7b04549
Requested by
Host: iborrowdesk.com
URL: https://iborrowdesk.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.229.6.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-229-6-222.us-west-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
94025eac7f7fdcc5ef1ba5ce595a095e0362e4dfdc9cfadc396bb28134a0e1c0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
iborrowdesk.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://iborrowdesk.com/
Connection
keep-alive
Referer
https://iborrowdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 26 Aug 2021 13:31:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jun 2021 11:21:12 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"60cb3028-6d540"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Content-Length
447808
css
fonts.googleapis.com/ 		2 KB
523 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootswatch/3.3.6/flatly/bootstrap.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa2babd104361e0f02bd3b8579bc96dc8028f4279859bac9e060a803e31c3058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://maxcdn.bootstrapcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 26 Aug 2021 12:02:50 GMT
server
ESF
date
Thu, 26 Aug 2021 13:31:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 26 Aug 2021 13:31:30 GMT
choice.js
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/iborrowdesk.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/iborrowdesk.com/choice.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/9754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:c600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
721390fc1c3df98791759ee1309952bf2548745b76d36e329ed7b9570257dcb3

Request headers

Referer
https://iborrowdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 26 Aug 2021 13:31:30 GMT
content-encoding
br
last-modified
Wed, 10 Feb 2021 19:34:59 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
W/"3ccc60c7208429761228bbfd09ac79d1"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
yjK8nq2RrXGKgdQklHho0lkc4ooWlwnqcuBei9aj2PGZaVj5RvtxvQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/9754.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
87ab4ee1712a31df45e51386e478fdd4b5c74b7c384baeb729d224b38fd04279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iborrowdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 13:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"969 / 352 of 1000 / last-modified: 1629976524"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25253
x-xss-protection
0
expires
Thu, 26 Aug 2021 13:31:31 GMT
me
ipfind.co/ 		327 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/9754.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.176.174.48 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-176-174-48.us-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
b21a7a0bd0f6ecd0f8e6b1461965e30fd4a8a1d6e9043d558d77d283d2bedfb8

Request headers

Referer
https://iborrowdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 13:31:31 GMT
content-encoding
gzip
server
Apache/2.4.18 (Ubuntu)
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://iborrowdesk.com
cache-control
no-cache, private
access-control-allow-credentials
true
content-length
220
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/iborrowdesk.com/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer
https://iborrowdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 13:31:30 GMT
content-encoding
gzip
etag
"lp772EpWKwf8Kq7YKMhbuw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Thu, 02 Sep 2021 13:31:30 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		178 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=iborrowdesk.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/iborrowdesk.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:c600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50620886c101862d378bb6aafe054417e7b0b8a0892b55e15fbf0f745936a797

Request headers

Referer
https://iborrowdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 13:31:01 GMT
content-encoding
gzip
age
29
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 29 Jul 2021 15:24:18 GMT
server
AmazonS3
etag
W/"b1b5d6c1aaffca164d90c41bda6397b2"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
yDH6VT9xTSj_VYl-qZ8K9FE4eP96SOXVsgS8_A6cCSnw__1AWW4Ljw==
rules-p-fTfJtcPmQDwZG.js
rules.quantcount.com/ 		2 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://iborrowdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 12:57:24 GMT
via
1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
server
AmazonS3
age
2046
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C2
content-length
2
x-amz-cf-id
ntLec_U7bQXVdOOpKsWAQMpNBRBGiv7skHQ1K89jvQsJY-POeO4y3A==
pubads_impl_2021082301.js
securepubads.g.doubleclick.net/gpt/ 		331 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js?31062373
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
8d37f23647537d48ee4f0c05b8acdf093cb828fe3c5703653aedfdd5f88cde2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iborrowdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 26 Aug 2021 13:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 23 Aug 2021 08:38:25 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118555
x-xss-protection
0
expires
Thu, 26 Aug 2021 13:31:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		97 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=iborrowdesk.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
45eb582df1e3297645e6e06446ad5633d84be7012985bf74495f217924361901
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iborrowdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 26 Aug 2021 13:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86
x-xss-protection
0
expires
Thu, 26 Aug 2021 13:31:31 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: iborrowdesk.com
URL: https://iborrowdesk.com/static/main.bundle.js?c18ab255f9ceb7b04549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iborrowdesk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6900
date
Thu, 26 Aug 2021 11:36:31 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 26 Aug 2021 13:36:31 GMT

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| adDomainCheck function| waldoIsInArray function| waldoInitScripts function| waldoSetTagsOnPage function| isElementInViewport function| isElementInViewport2 function| waldoInitScroll function| waldoSlotRenderEnded function| waldoInitGPT function| waldoInitGPTSingleSlot function| waldoAddSelectMediaCookie function| fetchHeaderBids function| waldoTriggerHB function| waldoAddCloseBtn function| waldoPassbackCheck function| waldoAdxClickFraud function| waldoAdxClickFraudRefresh function| waldoClickFraudNetworkWide function| waldoDelayAdClicks function| waldoInitTags function| hbRefreshBid function| waldoApplyBidGeoRestrictions function| hbRandomMinMaxRefreshMulti function| hbRandomMinMaxRefresh function| hbRandomMinMaxRefreshOnView function| getRandomNumber function| waldoGeoBidsCheck function| waldoGetUserData function| waldoLoadSlot function| waldoCreateCookie function| waldoReadCookie function| waldoEmailDetected function| waldoRecordImpression function| waldoAddCCPAWidget function| waldoSetPbjsUSPString number| refEn string| updateDate number| tagsInitDone object| gptAdSlots string| adDomain object| waldoBreakpoints number| domainValid number| PREBID_TIMEOUT number| interstitialDone object| waldoTimeOuts object| waldoAdRefreshes object| waldoAdXRefreshes object| allAdUnits object| blockAdsOn number| adTagsInitFlag number| siteId number| bidDivAvailable object| waldoTagsStatus object| googletag object| pbjs number| switchUserSync number| waldoImpressionDone string| blockedPageAds number| waldoGDPR object| waldoCountry object| waldoContinent object| waldoDataPointsDone number| closeBtnAdded object| unlimitedRefGeos object| waldoBlockRequestGeos object| waldoNoRefreshGeos object| waldoRefreshOnScollGeos object| waldoGPTSlots object| waldoTagsOnPage object| waldoSlotIds object| waldoDefinedSlots object| waldoAdUnitsAddedToPbjs object| waldoAdRefreshesOnView number| waldoCCPAWidgetAdded undefined| oriRenderAd undefined| waldoVideoSlot number| cmpVersion number| cmpFailureTimeout string| webInterstitialAdId object| waldoScrollSticky number| adTagsInitFinished number| adxOrderId number| enVariableHeightFix number| delayAdClicks number| allowAdClicks object| delayAdClickTimers number| delayAdClickSecs boolean| loadedOnAction boolean| loadOnAction boolean| waldoScrollRefreshEnabled boolean| waldoBlockRequests boolean| waldoNoRefresh number| waldoDisableGeoRestrictions object| countriesToExclude number| browserWidth object| adUnits object| passbackAdUnits undefined| affiliateBanners number| waldoCheckIndividualImps string| waldoOriPathName object| waldo function| __tcfapi function| __uspapi function| pbjsChunk object| _pbjsGlobals function| JSEncrypt object| ADAGIO object| mnet string| nobidVersion object| nobid object| _clrm object| _qevents function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| regeneratorRuntime function| __tcfapiui string| pubcidCookie object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| GoogleAnalyticsObject function| ga function| _ object| d3 number| index object| google_tag_data object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
.iborrowdesk.com/ Name: _ga
Value: GA1.2.544377423.1629984692
iborrowdesk.com/ Name: waldo_continent
Value: EU
.iborrowdesk.com/ Name: _gid
Value: GA1.2.995514181.1629984692
iborrowdesk.com/ Name: waldo_region
Value: 78
iborrowdesk.com/ Name: waldo_country
Value: PL

4 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.thisiswaldo.com/static/js/9754.js(Line 35)
Message:
triggered on event listener
console-api error URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=iborrowdesk.com(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://cdn.thisiswaldo.com/static/js/9754.js(Line 34)
Message:
sending ad server request
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082301.js?31062373(Line 6)
Message:
[GPT] Invalid arguments: PubAdsService.refresh().

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.thisiswaldo.com
fonts.googleapis.com
iborrowdesk.com
ipfind.co
maxcdn.bootstrapcdn.com
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
www.google-analytics.com
142.250.186.66
2600:9000:211e:9600:6:44e3:f8c0:93a1
2600:9000:2190:7e00:f:458e:2a80:93a1
2600:9000:2190:c600:9:46dc:4700:93a1
2606:4700::6812:acf
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200a
44.229.6.222
54.176.174.48
02fda550d245cfb16ac4baaebc8172c7209003f5475059dade89d5cbee635013
39ff67ea80353d70d42d8f83857a13cbbb9f626734c4c1a34c198e767a3f54ba
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45eb582df1e3297645e6e06446ad5633d84be7012985bf74495f217924361901
50620886c101862d378bb6aafe054417e7b0b8a0892b55e15fbf0f745936a797
721390fc1c3df98791759ee1309952bf2548745b76d36e329ed7b9570257dcb3
87ab4ee1712a31df45e51386e478fdd4b5c74b7c384baeb729d224b38fd04279
8d37f23647537d48ee4f0c05b8acdf093cb828fe3c5703653aedfdd5f88cde2d
94025eac7f7fdcc5ef1ba5ce595a095e0362e4dfdc9cfadc396bb28134a0e1c0
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810
b21a7a0bd0f6ecd0f8e6b1461965e30fd4a8a1d6e9043d558d77d283d2bedfb8
dc33d7f9304e5b9629dec24f01e0f78e6f84b820f9182262a15930c804a1f425
fa2babd104361e0f02bd3b8579bc96dc8028f4279859bac9e060a803e31c3058
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62