connect.themediatrust.com Open in urlscan Pro
4.35.234.213 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Submission: On February 27 via manual (February 27th 2020, 9:05:39 am UTC) from SG

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 12 domains to perform 14 HTTP transactions. The main IP is 4.35.234.213, located in Pittsburgh, United States and belongs to LEVEL3, US. The main domain is connect.themediatrust.com.
TLS certificate: Issued by Thawte RSA CA 2018 on July 10th 2018. Valid for: 2 years.

This is the only time connect.themediatrust.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	4.35.234.213 4.35.234.213	3356 (LEVEL3) (LEVEL3)
1	209.15.224.17 209.15.224.17	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	52.215.109.156 52.215.109.156	16509 (AMAZON-02) (AMAZON-02)
5 5	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2 2	52.57.194.55 52.57.194.55	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
1 1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.22.38 172.217.22.38	15169 (GOOGLE) (GOOGLE)
2	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
14	10

1 4.35.234.213 (Pittsburgh, United States)

ASN3356 (LEVEL3, US)

connect.themediatrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.15.224.17 (Toronto, Canada)

ASN13768 (COGECO-PEER1, CA)

use-tor.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.109.156 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-109-156.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.67.61 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.2 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.194.55 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-194-55.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.252 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

sg-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f38.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f66.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	mookie1.com 5 redirects odr.mookie1.com sg-gmtdmp.mookie1.com	3 KB
5	doubleclick.net 2 redirects cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	14 KB
3	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	15 KB
3	googletagservices.com www.googletagservices.com	39 KB
3	adsrvr.org 2 redirects use-tor.adsrvr.org match.adsrvr.org	2 KB
2	adform.net 2 redirects c1.adform.net	597 B
2	bidswitch.net 2 redirects x.bidswitch.net	985 B
2	tapad.com 2 redirects pixel.tapad.com	983 B
1	2mdn.net s0.2mdn.net	20 KB
1	youtube.com fcmatch.youtube.com	502 B
1	google.com 1 redirects fcmatch.google.com	466 B
1	themediatrust.com connect.themediatrust.com	1 KB
14	12

	Domain	Requested by
5	odr.mookie1.com	5 redirects
3	www.googletagservices.com	connect.themediatrust.com www.googletagservices.com ad.doubleclick.net
2	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	c1.adform.net	2 redirects
2	x.bidswitch.net	2 redirects
2	pixel.tapad.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	match.adsrvr.org	2 redirects
1	pagead2.googlesyndication.com
1	s0.2mdn.net	connect.themediatrust.com
1	ad.doubleclick.net	www.googletagservices.com
1	sg-gmtdmp.mookie1.com	connect.themediatrust.com
1	fcmatch.youtube.com	connect.themediatrust.com
1	fcmatch.google.com	1 redirects
1	use-tor.adsrvr.org	connect.themediatrust.com
1	connect.themediatrust.com
14	17

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
*.themediatrust.com Thawte RSA CA 2018	`2018-07-10` - `2020-07-09`	2 years	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2019-02-07` - `2020-03-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Frame ID: 6259312A8073D51CFB441FBF5F075F0B
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CB412D7905FB50C71C13E746C40C6B0E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

14
Requests

100 %
HTTPS

35 %
IPv6

12
Domains

17
Subdomains

10
IPs

5
Countries

91 kB
Transfer

189 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv6saeIT_hdgjS3QwbZXwzL0srxz-o54sgUgHGn6IzJaUgMWEmj-X-mp8FIzD4n95FK9E9qTb-flViJNuhLNG15bQ9XKYM8BPvncKxTEWeZgXLz9nfYFaM6Yi2JFL8mKkkVXHDJREQ&sig=Cg0ArKJSzP-qZRWcqtrh&urlfix=1&adurl=https://insight.adsrvr.org/track/clk%3Fimp%3D00000000-0000-0000-0000-000000000000%26ag%3D%26sfe%3D0%26sig%3DBnkkbWxCFt4NqgjlUj-yZ02ytlmcO3L_lGtIihUpC2I.%26crid%3D8s4tcjep%26cf%3D%26fq%3D0%26td_s%3D%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dnoop%26uhow%3D%26agsa%3D%26rgco%3D%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3D%26osf%3D%26os%3D%26br%3D%26svpid%3D%26rlangs%3Den%26mlang%3Den%26did%3D%26rcxt%3D%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3D%26dur%3D%26crrelr%3D%26npt%3D%26r%3Dhttps://www.uobgroup.com/uobgroup/default.page

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_2087&src.visitorId=800c6c5d-0e34-4eb8-b936-00d715405964 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_hm=MTA4MTAwNDY0ODA5ODg1Njg4MjE&google_cm=&google_tc=&gdpr=0 HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_2739&src.visitorId=CAESEBqxny9ETeMVavz2ZeD4-Hk&gdpr=0&google_cver=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524982698941327497&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_2086%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D&gdpr=0 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524982698941327497&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_2086%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D&gdpr=0 HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_2086&src.visitorid=48685ec1-5940-11ea-8097-5e042b5043e4 HTTP 302
https://x.bidswitch.net/syncd?dsp_id=419&user_group=1&user_id=10524982698941327497&redir=%2F%2Fodr.mookie1.com%2Ft%2Fv2%2Fsync%3Ftagid%3DV2_790370%26src.visitorId%3D%24%7BBSW_UID%7D&gdpr=0 HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=419&user_group=1&user_id=10524982698941327497&redir=%2F%2Fodr.mookie1.com%2Ft%2Fv2%2Fsync%3Ftagid%3DV2_790370%26src.visitorId%3D%24%7BBSW_UID%7D&gdpr=0 HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790370&src.visitorId=5d39f58a-ec8c-4f3f-b69e-7ce75ee4a9c2 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1162&cid=10524982698941327497&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1162&cid=10524982698941327497&gdpr=0 HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_514521&src.visitorId=6198298086892538364 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=groupm_adh&google_hm=MTA1MjQ5ODI2OTg5NDEzMjc0OTc&google_cm&gdpr=0 HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDoqEsWA7vVbYv6zuaCJpTWKRrUnfwXS5jCAq-uRSCokSfD6QgRCdKmi9Vl7t0j1BQYnIRC6DAGKsFEmnz9XWZ8Y0IdbY9IBn2EpKj2TVK0bk8cH9U6w HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqEsWA7vVbYv6zuaCJpTWKRrUnfwXS5jCAq-uRSCokSfD6QgRCdKmi9Vl7t0j1BQYnIRC6DAGKsFEmnz9XWZ8Y0IdbY9IBn2EpKj2TVK0bk8cH9U6w

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
connect.themediatrust.com/d/ 2 KB
1 KB 324ms
122ms Document
text/html 4.35.234.213
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 4.35.234.213 Pittsburgh, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.4.25 (Debian) / PHP/7.0.30-0+deb9u1
Resource Hash: 35fde53f34f20d46cf31d1d7c942935af9f92d9f9090646568c980265597bb04

Request headers

Host: connect.themediatrust.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Date: Thu, 27 Feb 2020 09:05:20 GMT
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/7.0.30-0+deb9u1
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=0
Expires: Thu, 27 Feb 2020 09:05:20 GMT
Content-Length: 830
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 noop
use-tor.adsrvr.org/bid/feedback/ 807 B
971 B 327ms
108ms Image
image/gif 209.15.224.17
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://use-tor.adsrvr.org/bid/feedback/noop?iid=00000000-0000-0000-0000-000000000000&crid=8s4tcjep&wp=&aid=&wpc=&sfe=0&puid=&tdid=00000000-0000-0000-0000-000000000000&pid=&ag=&sig=BnkkbWxCFt4NqgjlUj-yZ02ytlmcO3L_lGtIihUpC2I.&cf=&fq=0&td_s=&rcats=&mcat=&mste=&mfld=4&mssi=&mfsi=&uhow=&agsa=&rgco=&rgre=&rgme=&rgci=&rgz=&svbttd=0&dt=&osf=&os=&br=&rlangs=en&mlang=en&svpid=&did=&rcxt=&lat=&lon=&tmpc=&daid=&vp=0&osi=&osv=&c=&dur=&crrelr=
Requested by: Host: connect.themediatrust.com
URL: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.15.224.17 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: /
Resource Hash: 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Referer: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 09:05:20 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
content-length: 807
expires: -1

GET
H2

200

pixel
fcmatch.youtube.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=mookie-ps&ttd_tpi=1
https://odr.mookie1.com/t/v2/sync?tagid=V2_2087&src.visitorId=800c6c5d-0e34-4eb8-b936-00d715405964
https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_hm=MTA4MTAwNDY0ODA5ODg1Njg4MjE&google_cm=&google_tc=&gdpr=0
https://odr.mookie1.com/t/v2/sync?tagid=V2_2739&src.visitorId=CAESEBqxny9ETeMVavz2ZeD4-Hk&gdpr=0&google_cver=1
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524982698941327497&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_2086%26src.visitorid%3D%24%7BTA_DEVI...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524982698941327497&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_2086%26src.visitorid%3D%24%7BT...
https://odr.mookie1.com/t/v2?tagid=V2_2086&src.visitorid=48685ec1-5940-11ea-8097-5e042b5043e4
https://x.bidswitch.net/syncd?dsp_id=419&user_group=1&user_id=10524982698941327497&redir=%2F%2Fodr.mookie1.com%2Ft%2Fv2%2Fsync%3Ftagid%3DV2_790370%26src.visitorId%3D%24%7BBSW_UID%7D&gdpr=0
https://x.bidswitch.net/ul_cb/syncd?dsp_id=419&user_group=1&user_id=10524982698941327497&redir=%2F%2Fodr.mookie1.com%2Ft%2Fv2%2Fsync%3Ftagid%3DV2_790370%26src.visitorId%3D%24%7BBSW_UID%7D&gdpr=0
https://odr.mookie1.com/t/v2/sync?tagid=V2_790370&src.visitorId=5d39f58a-ec8c-4f3f-b69e-7ce75ee4a9c2
https://c1.adform.net/serving/cookie/match?party=1162&cid=10524982698941327497&gdpr=0
https://c1.adform.net/serving/cookie/match?CC=1&party=1162&cid=10524982698941327497&gdpr=0
https://odr.mookie1.com/t/v2/sync?tagid=V2_514521&src.visitorId=6198298086892538364
https://cm.g.doubleclick.net/pixel?google_nid=groupm_adh&google_hm=MTA1MjQ5ODI2OTg5NDEzMjc0OTc&google_cm&gdpr=0
https://fcmatch.google.com/pixel?google_gm=AMnCDoqEsWA7vVbYv6zuaCJpTWKRrUnfwXS5jCAq-uRSCokSfD6QgRCdKmi9Vl7t0j1BQYnIRC6DAGKsFEmnz9XWZ8Y0IdbY9IBn2EpKj2TVK0bk8cH9U6w
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqEsWA7vVbYv6zuaCJpTWKRrUnfwXS5jCAq-uRSCokSfD6QgRCdKmi9Vl7t0j1BQYnIRC6DAGKsFEmnz9XWZ8Y0IdbY9IBn2EpKj2TVK0bk8cH9U6w

170 B
502 B

47ms
15ms

Image
image/png

2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqEsWA7vVbYv6zuaCJpTWKRrUnfwXS5jCAq-uRSCokSfD6QgRCdKmi9Vl7t0j1BQYnIRC6DAGKsFEmnz9XWZ8Y0IdbY9IBn2EpKj2TVK0bk8cH9U6w

Requested by

Host: connect.themediatrust.com
URL: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 09:05:23 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
cache-control: no-cache, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Feb 2020 09:05:23 GMT
server: HTTP server (unknown)
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqEsWA7vVbYv6zuaCJpTWKRrUnfwXS5jCAq-uRSCokSfD6QgRCdKmi9Vl7t0j1BQYnIRC6DAGKsFEmnz9XWZ8Y0IdbY9IBn2EpKj2TVK0bk8cH9U6w
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 imp
sg-gmtdmp.mookie1.com/t/v2/ 43 B
582 B 392ms
296ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-gmtdmp.mookie1.com/t/v2/imp?tagid=V2_359&src.rand=%TTD_CACHEBUSTER%&src.campaignID=&src.adgroupID=
Requested by: Host: connect.themediatrust.com
URL: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 09:05:21 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ 4 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: connect.themediatrust.com
URL: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc0069dab5b1c410fc8bb1a109f8ceb4792e4780bbe7ea9e969662a7d6e49915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 08:35:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Oct 2019 14:04:48 GMT
server: sffe
age: 1804
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2032
x-xss-protection: 0
expires: Thu, 27 Feb 2020 09:35:16 GMT

GET
H2 200 impl_v55.js Show response
www.googletagservices.com/dcm/ 22 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v55.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ec7c1eac6e0f82237b25ed509bf0e48b3cd7f9d989e8e8cac94e8b39edcca46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 27 Feb 2020 00:33:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Oct 2019 14:05:29 GMT
server: sffe
age: 30740
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9535
x-xss-protection: 0
expires: Fri, 26 Feb 2021 00:33:00 GMT

GET
H2 200 B23430584.259352196;dc_ver=55.153;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2157244650;ord=g5uvik;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D00000000-0000-0000-0000-000000000000%26a... Show response
ad.doubleclick.net/ddm/adj/N1088238.3507436DBMXAXISSINGAPOR/ 25 KB
13 KB 143ms
64ms Script
text/javascript 172.217.22.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1088238.3507436DBMXAXISSINGAPOR/B23430584.259352196;dc_ver=55.153;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2157244650;ord=g5uvik;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D00000000-0000-0000-0000-000000000000%26ag%3D%26sfe%3D0%26sig%3DBnkkbWxCFt4NqgjlUj-yZ02ytlmcO3L_lGtIihUpC2I.%26crid%3D8s4tcjep%26cf%3D%26fq%3D0%26td_s%3D%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dnoop%26uhow%3D%26agsa%3D%26rgco%3D%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3D%26osf%3D%26os%3D%26br%3D%26svpid%3D%26rlangs%3Den%26mlang%3Den%26did%3D%26rcxt%3D%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3D%26dur%3D%26crrelr%3D%26npt%3D%26r%3D;dc_rfl=0,https%3A%2F%2Fconnect.themediatrust.com%2Fd%2F%3Fa%3D20384191744%26csid%3D3FhRAbDX28Ya$0;xdt=0;crlt=FWsf.(L1jS;sttr=11;prcl=s?

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v55.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f38.1e100.net

Software

cafe /

Resource Hash

fdde4e098e2557bb3f30aa4a8d4de1986948cbed2b82d625fe68f287ea761807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 09:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12318
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lidar.js Show response
www.googletagservices.com/activeview/js/current/ 75 KB
27 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1088238.3507436DBMXAXISSINGAPOR/B23430584.259352196;dc_ver=55.153;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2157244650;ord=g5uvik;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D00000000-0000-0000-0000-000000000000%26ag%3D%26sfe%3D0%26sig%3DBnkkbWxCFt4NqgjlUj-yZ02ytlmcO3L_lGtIihUpC2I.%26crid%3D8s4tcjep%26cf%3D%26fq%3D0%26td_s%3D%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dnoop%26uhow%3D%26agsa%3D%26rgco%3D%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3D%26osf%3D%26os%3D%26br%3D%26svpid%3D%26rlangs%3Den%26mlang%3Den%26did%3D%26rcxt%3D%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3D%26dur%3D%26crrelr%3D%26npt%3D%26r%3D;dc_rfl=0,https%3A%2F%2Fconnect.themediatrust.com%2Fd%2F%3Fa%3D20384191744%26csid%3D3FhRAbDX28Ya$0;xdt=0;crlt=FWsf.(L1jS;sttr=11;prcl=s?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72595d24a89bf8ee5b3187f79a4fba97152f7512e0c78794be455b9e557cd388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 09:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582753860897921"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27938
x-xss-protection: 0
expires: Thu, 27 Feb 2020 09:05:20 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
658 B 111ms
43ms Other
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv6saeIT_hdgjS3QwbZXwzL0srxz-o54sgUgHGn6IzJaUgMWEmj-X-mp8FIzD4n95FK9E9qTb-flViJNuhLNG15bQ9XKYM8BPvncKxTEWeZgXLz9nfYFaM6Yi2JFL8mKkkVXHDJREQ&sig=Cg0ArKJSzDCUawmwTrB6EAE&urlfix=1&omid=0&rm=1&ctpt=2&cstd=0&cisv=r20200224.99204&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Origin: https://connect.themediatrust.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 27 Feb 2020 09:05:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ 41 KB
15 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 07:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 May 2018 20:45:00 GMT
server: sffe
age: 5000
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
expires: Fri, 26 Feb 2021 07:42:00 GMT

GET
H2 200 728x90.jpg
s0.2mdn.net/9267732/ 20 KB
20 KB 125ms
103ms Image
image/jpeg 2a00:1450:4001:821::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9267732/728x90.jpg

Requested by

Host: connect.themediatrust.com
URL: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c69babbb9bb46c3afeafa919260cdede7cadc76b04bdda9292d5cd62e23d58b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 27 Feb 2020 09:05:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 31 Oct 2019 03:39:13 GMT
server: sffe
access-control-allow-origin: *
content-type: image/jpeg
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 20530
x-xss-protection: 0
expires: Fri, 28 Feb 2020 09:05:21 GMT

GET
H2 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CB41 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 8395
date: Thu, 27 Feb 2020 07:42:27 GMT
expires: Fri, 26 Feb 2021 07:42:27 GMT
last-modified: Wed, 09 May 2018 20:45:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4974
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
57 B 41ms
40ms Other
image/gif 172.217.22.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Origin: https://connect.themediatrust.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 27 Feb 2020 09:05:21 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1flww0J5-qPMUhQ5wFU-wzB1ppjR_pK0UlodvqRtDT9Mn8ZIWauqDgscEU9vB2QNew3kihj-5Mg&sig=Cg0ArKJSzI0Vz1J96gfkEAE&id=lidar2&adk=2157244650&p=11,428,101,1156&tos=1008,0,0,0,0&mtos=1008,1008,1008,1008,1008&mcvt=1008&rs=5&tfs=2973&tls=3981&mc=1&lte=-1&bas=0&bac=0&met=no&avms=nio&niot_obs=2867&niot_cbk=2874&btr=0&lm=4&msd=0&bs=1600,1200&ps=1600,1200&ss=1600,1200&tt=1128&pt=2853&bin=2&deb=1-1-1-11-0-0-11-0-0-0&tvt=1112&url=https%3A%2F%2Fconnect.themediatrust.com%2Fd%2F%3Fa%3D20384191744%26csid%3D3FhRAbDX28Ya&itpl=32&r=v&v=20200226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 27 Feb 2020 09:05:25 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
c1.adform.net
cm.g.doubleclick.net
connect.themediatrust.com
fcmatch.google.com
fcmatch.youtube.com
googleads4.g.doubleclick.net
match.adsrvr.org
odr.mookie1.com
pagead2.googlesyndication.com
pixel.tapad.com
s0.2mdn.net
sg-gmtdmp.mookie1.com
tpc.googlesyndication.com
use-tor.adsrvr.org
www.googletagservices.com
x.bidswitch.net
172.217.22.38
172.217.22.66
209.15.224.17
216.58.206.2
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:81a::2001
2a00:1450:4001:81d::200e
2a00:1450:4001:821::2002
2a00:1450:4001:821::2006
34.98.67.61
35.227.202.26
35.227.248.159
37.157.6.252
4.35.234.213
52.215.109.156
52.57.194.55
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ec7c1eac6e0f82237b25ed509bf0e48b3cd7f9d989e8e8cac94e8b39edcca46
35fde53f34f20d46cf31d1d7c942935af9f92d9f9090646568c980265597bb04
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
72595d24a89bf8ee5b3187f79a4fba97152f7512e0c78794be455b9e557cd388
8c69babbb9bb46c3afeafa919260cdede7cadc76b04bdda9292d5cd62e23d58b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
cc0069dab5b1c410fc8bb1a109f8ceb4792e4780bbe7ea9e969662a7d6e49915
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdde4e098e2557bb3f30aa4a8d4de1986948cbed2b82d625fe68f287ea761807

connect.themediatrust.com Open in urlscan Pro 4.35.234.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

35 %IPv6

12 Domains

17 Subdomains

10 IPs

5 Countries

91 kBTransfer

189 kBSize

0 Cookies

1 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

Indicators

connect.themediatrust.com Open in urlscan Pro
4.35.234.213 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

35 %
IPv6

12
Domains

17
Subdomains

10
IPs

5
Countries

91 kB
Transfer

189 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions