Submitted URL: https://track.fusionmedia.io/4bece058-7cfb-45fb-be97-e24da13a9288/2?wt=https%3A%2F%2Fwww.ulike.com%2F
Effective URL: https://tpc.googlesyndication.com/pimgad/2965810811512308765
Submission: On May 27 via manual from CA — Scanned from CA

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 4 HTTP transactions. The main IP is 142.251.16.132, located in Farmingdale, United States and belongs to GOOGLE, US. The main domain is tpc.googlesyndication.com. The Cisco Umbrella rank of the primary domain is 164.
TLS certificate: Issued by GTS CA 1C3 on May 6th 2024. Valid for: 3 months.
This is the only time tpc.googlesyndication.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 34.202.14.39 14618 (AMAZON-AES)
1 3 142.251.16.132 15169 (GOOGLE)
4 2
Apex Domain / Subdomains                                   Transfer
3 googlesyndication.com                                    2 KB
    tpc.googlesyndication.com — Cisco Umbrella Rank: 164
2 fusionmedia.io                                           2 KB
    track.fusionmedia.io — Cisco Umbrella Rank: 325508
4 2
Domain Requested by
3 tpc.googlesyndication.com 1 redirects track.fusionmedia.io
2 track.fusionmedia.io track.fusionmedia.io
4 2

This site contains no links.

Subject                     Issuer       Validity                   Valid
track.fusionmedia.io        R3           2024-04-19 - 2024-07-18    3 months
tpc.googlesyndication.com   GTS CA 1C3   2024-05-06 - 2024-07-29    3 months
*.g.doubleclick.net         GTS CA 1C3   2024-05-06 - 2024-07-29    3 months

This page contains 1 frame:

Primary Page: https://tpc.googlesyndication.com/pimgad/2965810811512308765
Frame ID: 3D340EDA0E0D5DA8C97AAB1144815628
Requests: 4 HTTP requests in this frame

Page Title

2965810811512308765 (1×1)

Page URL History

  1. https://track.fusionmedia.io/4bece058-7cfb-45fb-be97-e24da13a9288/2?wt=https%3A%2F%2Fwww.ulike.com%2F Page URL
  2. https://track.fusionmedia.io/redirect?target=BASE64aHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC... Page URL
  3. https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCb86b6VhABGAEoATIIUuhRRH-YF6c HTTP 301
    https://tpc.googlesyndication.com/pimgad/2965810811512308765 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 3 kB
Size: 2 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://track.fusionmedia.io/4bece058-7cfb-45fb-be97-e24da13a9288/2?wt=https%3A%2F%2Fwww.ulike.com%2F Page URL
  2. https://track.fusionmedia.io/redirect?target=BASE64aHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9pbWdhZD9pZD1DSUNBZ0tDYjg2YjZWaEFCR0FFb0FUSUlVdWhSUkgtWUY2Yw&ts=1716841281500&hash=kwSaPlFgQvJITQYMkYQSZGDUtEavFO4gd1ug_vO9P0I&rm=DJ Page URL
  3. https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCb86b6VhABGAEoATIIUuhRRH-YF6c HTTP 301
    https://tpc.googlesyndication.com/pimgad/2965810811512308765 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
2
track.fusionmedia.io/4bece058-7cfb-45fb-be97-e24da13a9288/
820 B
1 KB
Document
General
Full URL
https://track.fusionmedia.io/4bece058-7cfb-45fb-be97-e24da13a9288/2?wt=https%3A%2F%2Fwww.ulike.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.202.14.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-14-39.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3601fe57f7fe5ff72fa95ab271952277571fba5c1d133a64dee881eb3796f3a3

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
820
content-type
text/html;charset=UTF-8
date
Mon, 27 May 2024 20:21:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
redirect
track.fusionmedia.io/
508 B
669 B
Document
General
Full URL
https://track.fusionmedia.io/redirect?target=BASE64aHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9pbWdhZD9pZD1DSUNBZ0tDYjg2YjZWaEFCR0FFb0FUSUlVdWhSUkgtWUY2Yw&ts=1716841281500&hash=kwSaPlFgQvJITQYMkYQSZGDUtEavFO4gd1ug_vO9P0I&rm=DJ
Requested by
Host: track.fusionmedia.io
URL: https://track.fusionmedia.io/4bece058-7cfb-45fb-be97-e24da13a9288/2?wt=https%3A%2F%2Fwww.ulike.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.202.14.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-14-39.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
508
content-type
text/html;charset=UTF-8
date
Mon, 27 May 2024 20:21:21 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
Primary Request 2965810811512308765
tpc.googlesyndication.com/pimgad/
Redirect Chain
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCb86b6VhABGAEoATIIUuhRRH-YF6c
  • https://tpc.googlesyndication.com/pimgad/2965810811512308765
70 B
451 B
Document
General
Full URL
https://tpc.googlesyndication.com/pimgad/2965810811512308765
Requested by
Host: track.fusionmedia.io
URL: https://track.fusionmedia.io/redirect?target=BASE64aHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9pbWdhZD9pZD1DSUNBZ0tDYjg2YjZWaEFCR0FFb0FUSUlVdWhSUkgtWUY2Yw&ts=1716841281500&hash=kwSaPlFgQvJITQYMkYQSZGDUtEavFO4gd1ug_vO9P0I&rm=DJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
sffe /
Resource Hash
76975ba315befd03dd68246f65598f13854cda92700123dd8a0635fd3baf2b65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://track.fusionmedia.io/redirect?target=BASE64aHR0cHM6Ly90cGMuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9pbWdhZD9pZD1DSUNBZ0tDYjg2YjZWaEFCR0FFb0FUSUlVdWhSUkgtWUY2Yw&ts=1716841281500&hash=kwSaPlFgQvJITQYMkYQSZGDUtEavFO4gd1ug_vO9P0I&rm=DJ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
334266
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-length
70
content-type
image/png
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 23 May 2024 23:30:16 GMT
expires
Fri, 23 May 2025 23:30:16 GMT
last-modified
Wed, 29 Aug 2018 08:35:45 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0

Redirect headers

age
7630
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 May 2024 18:14:12 GMT
expires
Wed, 26 Jun 2024 18:14:12 GMT
location
https://tpc.googlesyndication.com/pimgad/2965810811512308765
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
favicon.ico
tpc.googlesyndication.com/
1 KB
909 B
Other
General
Full URL
https://tpc.googlesyndication.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.16.132 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f132.1e100.net
Software
sffe /
Resource Hash
996993bfeb7cd9c381255c28e21b63f2c391ef090fe0266f016991eb8e3efdd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://tpc.googlesyndication.com/pimgad/2965810811512308765
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 18:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353356
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
884
x-xss-protection
0
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/x-icon
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 23 May 2025 18:12:06 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.track.fusionmedia.io/ Name: 4bece058-7cfb-45fb-be97-e24da13a9288-v4
Value: UTVNn_DHw6EYEypyOEyFwW5jXLBDuQVTgStH0DQqcrc
.track.fusionmedia.io/ Name: cc-v4
Value: mmVnZJa3nLwiyxK2wHjetyq5i8X4cD11%2F4KV8xDY32my8NQJ1zqgyfs4I%2FFSGgqqucosBiMm2QJH7xAnPog49JeHVsoO4IdAnzwRKWwCea2CHzTDqDWJeOTqLvJUd%2Blj072bT8tOLApy2TfG0gw5TQ%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
