dmp.theadex.com - urlscan.io

Summary

This website contacted 2 IPs in 3 countries across 6 domains to perform 6 HTTP transactions. The main IP is 89.163.159.104, located in Cloppenburg, Germany and belongs to MYLOC-AS IP Backbone of myLoc managed IT AG, DE. The main domain is dmp.theadex.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on October 11th 2019. Valid for: 2 years.

This is the only time dmp.theadex.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	89.163.159.104 89.163.159.104	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	13.224.198.128 13.224.198.128	16509 (AMAZON-02) (AMAZON-02)
2 2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	154.57.158.52 154.57.158.52	26558 (FREEWHEEL) (FREEWHEEL)
2 2	52.19.114.209 52.19.114.209	16509 (AMAZON-02) (AMAZON-02)
6	2

5 89.163.159.104 (Cloppenburg, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dmp.theadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.198.128 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-128.fra2.r.cloudfront.net

audex.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.57.158.52 (United States)

ASN26558 (FREEWHEEL, US)

7cf90.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.114.209 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-114-209.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	theadex.com dmp.theadex.com	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org	927 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	623 B
1	fwmrm.net 7cf90.v.fwmrm.net	374 B
1	userreport.com 1 redirects audex.userreport.com	886 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	477 B
6	6

	Domain	Requested by
5	dmp.theadex.com	dmp.theadex.com
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
1	7cf90.v.fwmrm.net	dmp.theadex.com
1	audex.userreport.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
6	6

This site contains no links.

Subject Issuer	Validity	Valid
*.theadex.com GeoTrust RSA CA 2018	`2019-10-11` - `2021-10-10`	2 years	crt.sh
*.v.fwmrm.net DigiCert SHA2 High Assurance Server CA	`2017-11-01` - `2021-01-13`	3 years	crt.sh

This page contains 1 frames:

Primary Page: https://dmp.theadex.com/r/338/929/?c=4228725296495311408
Frame ID: 93C6EB26D814332781FD8D6E3648F0F3
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

2
IPs

3
Countries

2 kB
Transfer

1 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.theadex.com%2Fd%2F338%2Fi%2F2.gif%3Faxd_pid%3D14%26axd_fuid%3D%25%25COOKIE%25%25%26c%3D4228725296495311408 HTTP 302
https://dmp.theadex.com/d/338/i/2.gif?axd_pid=14&axd_fuid=6838581082023000210&c=4228725296495311408

Request Chain 1

https://audex.userreport.com/sync/put/adex?adexid=4228725296495311408&redir=https%3A%2F%2Fdmp.theadex.com%2Fd%2F338%2Fi%2F2.gif%3Faxd_pid%3D216%26axd_fuid%3D%25s%26c%3D4228725296495311408 HTTP 302
https://dmp.theadex.com/d/338/i/2.gif?axd_pid=216&axd_fuid=be1becb2-11f1e12ced0b-eff379541c6a&c=4228725296495311408

Request Chain 2

https://cm.g.doubleclick.net/pixel?google_sc&google_nid=theadex_dmp&google_cm&axd_cuid=338&c=4228725296495311408 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=theadex_dmp&google_cm=&axd_cuid=338&c=4228725296495311408&google_tc= HTTP 302
https://dmp.theadex.com/d/cm.gif?axd_pid=8&axd_fuid=CAESEDBoOBANz-IXnoyLenRkukg&google_cver=1&axd_cuid=338&c=4228725296495311408

Request Chain 4

https://match.adsrvr.org/track/cmf/generic?ttd_pid=theadex&ttd_puid=338&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=theadex&ttd_puid=338&ttd_tpi=1 HTTP 302
https://dmp.theadex.com/d/cm.gif?axd_cuid=338&axd_pid=12&axd_fuid=938c8a33-9e52-476a-83a4-e3642713afc7

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response dmp.theadex.com/r/338/929/	946 B 536 B	58ms 16ms	Document text/html	89.163.159.104 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://dmp.theadex.com/r/338/929/?c=4228725296495311408 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.159.104 Cloppenburg, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx / Resource Hash `390285cd36c631a4db89e8b710d9dcdf0f5574e1c6e345951d52d69551fbbb0e` Request headers :method GET :authority dmp.theadex.com :scheme https :path /r/338/929/?c=4228725296495311408 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 server nginx date Mon, 15 Jun 2020 14:27:15 GMT content-type text/html; charset=UTF-8 p3p CP="CAO PSA OUR" access-control-allow-credentials true content-encoding gzip
GET H2	200	2.gif dmp.theadex.com/d/338/i/ Redirect Chain https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.theadex.com%2Fd%2F338%2Fi%2F2.gif%3Faxd_pid%3D14%26axd_fuid%3D%25%25COOKIE%25%25%26c%3D4228725296495311408 https://dmp.theadex.com/d/338/i/2.gif?axd_pid=14&axd_fuid=6838581082023000210&c=4228725296495311408	36 B 377 B	17ms 17ms	Image image/gif	89.163.159.104 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.theadex.com/d/338/i/2.gif?axd_pid=14&axd_fuid=6838581082023000210&c=4228725296495311408 Requested by Host: dmp.theadex.com URL: https://dmp.theadex.com/r/338/929/?c=4228725296495311408 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.159.104 Cloppenburg, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx / Resource Hash `204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223` Request headers Referer https://dmp.theadex.com/r/338/929/?c=4228725296495311408 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 15 Jun 2020 14:27:15 GMT server nginx p3p CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV" status 200 cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif content-length 36 expires 0 Redirect headers Location https://dmp.theadex.com/d/338/i/2.gif?axd_pid=14&axd_fuid=6838581082023000210&c=4228725296495311408 Date Mon, 15 Jun 2020 14:27:15 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H2	200	2.gif dmp.theadex.com/d/338/i/ Redirect Chain https://audex.userreport.com/sync/put/adex?adexid=4228725296495311408&redir=https%3A%2F%2Fdmp.theadex.com%2Fd%2F338%2Fi%2F2.gif%3Faxd_pid%3D216%26axd_fuid%3D%25s%26c%3D4228725296495311408 https://dmp.theadex.com/d/338/i/2.gif?axd_pid=216&axd_fuid=be1becb2-11f1e12ced0b-eff379541c6a&c=4228725296495311408	36 B 388 B	17ms 17ms	Image image/gif	89.163.159.104 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.theadex.com/d/338/i/2.gif?axd_pid=216&axd_fuid=be1becb2-11f1e12ced0b-eff379541c6a&c=4228725296495311408 Requested by Host: dmp.theadex.com URL: https://dmp.theadex.com/r/338/929/?c=4228725296495311408 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.159.104 Cloppenburg, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx / Resource Hash `204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223` Request headers Referer https://dmp.theadex.com/r/338/929/?c=4228725296495311408 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 15 Jun 2020 14:27:15 GMT server nginx p3p CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV" status 200 cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif content-length 36 expires 0 Redirect headers Date Mon, 15 Jun 2020 14:27:15 GMT Via 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront) Server nginx/1.16.1 X-Amz-Cf-Pop FRA2-C1 X-Powered-By Express X-Cache Miss from cloudfront Content-Type text/plain; charset=utf-8 Location https://dmp.theadex.com/d/338/i/2.gif?axd_pid=216&axd_fuid=be1becb2-11f1e12ced0b-eff379541c6a&c=4228725296495311408 Cache-Control s-maxage=0, max-age=43200 Connection keep-alive Content-Length 137 X-Amz-Cf-Id oY6U04cl4TrvYMGG7gIdAy-2jV1JtY2afUPkcpn85cNe2hF6ccV2ag==
GET H2	200	cm.gif dmp.theadex.com/d/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_sc&google_nid=theadex_dmp&google_cm&axd_cuid=338&c=4228725296495311408 https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=theadex_dmp&google_cm=&axd_cuid=338&c=4228725296495311408&google_tc= https://dmp.theadex.com/d/cm.gif?axd_pid=8&axd_fuid=CAESEDBoOBANz-IXnoyLenRkukg&google_cver=1&axd_cuid=338&c=4228725296495311408	36 B 377 B	20ms 19ms	Image image/gif	89.163.159.104 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.theadex.com/d/cm.gif?axd_pid=8&axd_fuid=CAESEDBoOBANz-IXnoyLenRkukg&google_cver=1&axd_cuid=338&c=4228725296495311408 Requested by Host: dmp.theadex.com URL: https://dmp.theadex.com/r/338/929/?c=4228725296495311408 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.159.104 Cloppenburg, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx / Resource Hash `204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223` Request headers Referer https://dmp.theadex.com/r/338/929/?c=4228725296495311408 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 15 Jun 2020 14:27:15 GMT server nginx p3p CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV" status 200 cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif content-length 36 expires 0 Redirect headers pragma no-cache date Mon, 15 Jun 2020 14:27:15 GMT server HTTP server (unknown) status 302 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dmp.theadex.com/d/cm.gif?axd_pid=8&axd_fuid=CAESEDBoOBANz-IXnoyLenRkukg&google_cver=1&axd_cuid=338&c=4228725296495311408 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 341 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	u 7cf90.v.fwmrm.net/ad/	0 374 B	55ms 14ms	Image text/html	154.57.158.52 FREEWHEEL
General Check archive.org Show headers Download Go to Show image Full URL https://7cf90.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdmp.theadex.com%2Fd%2F338%2Fi%2F2.gif%3Faxd_pid%3D140%26axd_fuid%3D%23%7Buser.id%7D%26c%3D4228725296495311408 Requested by Host: dmp.theadex.com URL: https://dmp.theadex.com/r/338/929/?c=4228725296495311408 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 154.57.158.52 , United States, ASN26558 (FREEWHEEL, US), Reverse DNS Software FWS / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://dmp.theadex.com/r/338/929/?c=4228725296495311408 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 15 Jun 2020 14:27:14 GMT Server FWS P3P policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID" Cache-Control no-store Content-Type text/html Content-Length 0 Expires 0
GET H2	200	cm.gif dmp.theadex.com/d/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=theadex&ttd_puid=338&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=theadex&ttd_puid=338&ttd_tpi=1 https://dmp.theadex.com/d/cm.gif?axd_cuid=338&axd_pid=12&axd_fuid=938c8a33-9e52-476a-83a4-e3642713afc7	36 B 398 B	18ms 17ms	Image image/gif	89.163.159.104 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.theadex.com/d/cm.gif?axd_cuid=338&axd_pid=12&axd_fuid=938c8a33-9e52-476a-83a4-e3642713afc7 Requested by Host: dmp.theadex.com URL: https://dmp.theadex.com/r/338/929/?c=4228725296495311408 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.159.104 Cloppenburg, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS Software nginx / Resource Hash `204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223` Request headers Referer https://dmp.theadex.com/r/338/929/?c=4228725296495311408 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 15 Jun 2020 14:27:15 GMT server nginx p3p CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV" status 200 cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif content-length 36 expires 0 Redirect headers pragma no-cache date Mon, 15 Jun 2020 14:27:15 GMT x-aspnet-version 4.0.30319 status 302 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://dmp.theadex.com/d/cm.gif?axd_cuid=338&axd_pid=12&axd_fuid=938c8a33-9e52-476a-83a4-e3642713afc7 cache-control private,no-cache, must-revalidate content-type text/html content-length 235

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.theadex.com/	1970-01-19 12:26:47	Name: tis Value: EP8%3A2472%7CEP216%3A2472%7CEP12%3A2472
			.theadex.com/	1970-01-19 12:26:47	Name: axd Value: 4228725296495311408

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7cf90.v.fwmrm.net
audex.userreport.com
cm.g.doubleclick.net
dmp.theadex.com
dsp.adfarm1.adition.com
match.adsrvr.org
13.224.198.128
154.57.158.52
216.58.212.130
52.19.114.209
85.114.159.93
89.163.159.104
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
390285cd36c631a4db89e8b710d9dcdf0f5574e1c6e345951d52d69551fbbb0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

dmp.theadex.com Open in urlscan Pro 89.163.159.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

2 IPs

3 Countries

2 kBTransfer

1 kBSize

2 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

Indicators

dmp.theadex.com Open in urlscan Pro
89.163.159.104 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

2
IPs

3
Countries

2 kB
Transfer

1 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions