URL: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Submission: On February 27 via manual from SG

Summary

This website contacted 10 IPs in 5 countries across 12 domains to perform 14 HTTP transactions. The main IP is 4.35.234.213, located in Pittsburgh, United States and belongs to LEVEL3, US. The main domain is connect.themediatrust.com.
TLS certificate: Issued by Thawte RSA CA 2018 on July 10th 2018. Valid for: 2 years.
This is the only time connect.themediatrust.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
5 odr.mookie1.com 5 redirects
3 www.googletagservices.com connect.themediatrust.com
www.googletagservices.com
ad.doubleclick.net
2 tpc.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 c1.adform.net 2 redirects
2 x.bidswitch.net 2 redirects
2 pixel.tapad.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 match.adsrvr.org 2 redirects
1 pagead2.googlesyndication.com
1 s0.2mdn.net connect.themediatrust.com
1 ad.doubleclick.net www.googletagservices.com
1 sg-gmtdmp.mookie1.com connect.themediatrust.com
1 fcmatch.youtube.com connect.themediatrust.com
1 fcmatch.google.com 1 redirects
1 use-tor.adsrvr.org connect.themediatrust.com
1 connect.themediatrust.com
14 17

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
Subject Issuer Validity Valid
*.themediatrust.com
Thawte RSA CA 2018
2018-07-10 -
2020-07-09
2 years crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1
2019-03-07 -
2021-04-19
2 years crt.sh
*.google.com
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
*.mookie1.com
DigiCert SHA2 Secure Server CA
2019-02-07 -
2020-03-22
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
*.doubleclick.net
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh

This page contains 2 frames:

Primary Page: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Frame ID: 6259312A8073D51CFB441FBF5F075F0B
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CB412D7905FB50C71C13E746C40C6B0E
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

14
Requests

100 %
HTTPS

35 %
IPv6

12
Domains

17
Subdomains

10
IPs

5
Countries

91 kB
Transfer

189 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=mookie-ps&ttd_tpi=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_2087&src.visitorId=800c6c5d-0e34-4eb8-b936-00d715405964 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_hm=MTA4MTAwNDY0ODA5ODg1Njg4MjE&google_cm=&google_tc=&gdpr=0 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_2739&src.visitorId=CAESEBqxny9ETeMVavz2ZeD4-Hk&gdpr=0&google_cver=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524982698941327497&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_2086%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D&gdpr=0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524982698941327497&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_2086%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D&gdpr=0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_2086&src.visitorid=48685ec1-5940-11ea-8097-5e042b5043e4 HTTP 302
  • https://x.bidswitch.net/syncd?dsp_id=419&user_group=1&user_id=10524982698941327497&redir=%2F%2Fodr.mookie1.com%2Ft%2Fv2%2Fsync%3Ftagid%3DV2_790370%26src.visitorId%3D%24%7BBSW_UID%7D&gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=419&user_group=1&user_id=10524982698941327497&redir=%2F%2Fodr.mookie1.com%2Ft%2Fv2%2Fsync%3Ftagid%3DV2_790370%26src.visitorId%3D%24%7BBSW_UID%7D&gdpr=0 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790370&src.visitorId=5d39f58a-ec8c-4f3f-b69e-7ce75ee4a9c2 HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1162&cid=10524982698941327497&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1162&cid=10524982698941327497&gdpr=0 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_514521&src.visitorId=6198298086892538364 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=groupm_adh&google_hm=MTA1MjQ5ODI2OTg5NDEzMjc0OTc&google_cm&gdpr=0 HTTP 302
  • https://fcmatch.google.com/pixel?google_gm=AMnCDoqEsWA7vVbYv6zuaCJpTWKRrUnfwXS5jCAq-uRSCokSfD6QgRCdKmi9Vl7t0j1BQYnIRC6DAGKsFEmnz9XWZ8Y0IdbY9IBn2EpKj2TVK0bk8cH9U6w HTTP 302
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqEsWA7vVbYv6zuaCJpTWKRrUnfwXS5jCAq-uRSCokSfD6QgRCdKmi9Vl7t0j1BQYnIRC6DAGKsFEmnz9XWZ8Y0IdbY9IBn2EpKj2TVK0bk8cH9U6w

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
connect.themediatrust.com/d/
2 KB
1 KB
Document
General
Full URL
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
4.35.234.213 Pittsburgh, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/7.0.30-0+deb9u1
Resource Hash
35fde53f34f20d46cf31d1d7c942935af9f92d9f9090646568c980265597bb04

Request headers

Host
connect.themediatrust.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Date
Thu, 27 Feb 2020 09:05:20 GMT
Server
Apache/2.4.25 (Debian)
X-Powered-By
PHP/7.0.30-0+deb9u1
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=0
Expires
Thu, 27 Feb 2020 09:05:20 GMT
Content-Length
830
Connection
close
Content-Type
text/html; charset=UTF-8
noop
use-tor.adsrvr.org/bid/feedback/
807 B
971 B
Image
General
Full URL
https://use-tor.adsrvr.org/bid/feedback/noop?iid=00000000-0000-0000-0000-000000000000&crid=8s4tcjep&wp=&aid=&wpc=&sfe=0&puid=&tdid=00000000-0000-0000-0000-000000000000&pid=&ag=&sig=BnkkbWxCFt4NqgjlUj-yZ02ytlmcO3L_lGtIihUpC2I.&cf=&fq=0&td_s=&rcats=&mcat=&mste=&mfld=4&mssi=&mfsi=&uhow=&agsa=&rgco=&rgre=&rgme=&rgci=&rgz=&svbttd=0&dt=&osf=&os=&br=&rlangs=en&mlang=en&svpid=&did=&rcxt=&lat=&lon=&tmpc=&daid=&vp=0&osi=&osv=&c=&dur=&crrelr=
Requested by
Host: connect.themediatrust.com
URL: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.15.224.17 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
/
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Referer
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 27 Feb 2020 09:05:20 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
content-length
807
expires
-1
pixel
fcmatch.youtube.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mookie-ps&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=mookie-ps&ttd_tpi=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_2087&src.visitorId=800c6c5d-0e34-4eb8-b936-00d715405964
  • https://cm.g.doubleclick.net/pixel?google_nid=xaxis_dmp&google_hm=MTA4MTAwNDY0ODA5ODg1Njg4MjE&google_cm=&google_tc=&gdpr=0
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_2739&src.visitorId=CAESEBqxny9ETeMVavz2ZeD4-Hk&gdpr=0&google_cver=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10524982698941327497&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_2086%26src.visitorid%3D%24%7BTA_DEVI...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10524982698941327497&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_2086%26src.visitorid%3D%24%7BT...
  • https://odr.mookie1.com/t/v2?tagid=V2_2086&src.visitorid=48685ec1-5940-11ea-8097-5e042b5043e4
  • https://x.bidswitch.net/syncd?dsp_id=419&user_group=1&user_id=10524982698941327497&redir=%2F%2Fodr.mookie1.com%2Ft%2Fv2%2Fsync%3Ftagid%3DV2_790370%26src.visitorId%3D%24%7BBSW_UID%7D&gdpr=0
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=419&user_group=1&user_id=10524982698941327497&redir=%2F%2Fodr.mookie1.com%2Ft%2Fv2%2Fsync%3Ftagid%3DV2_790370%26src.visitorId%3D%24%7BBSW_UID%7D&gdpr=0
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790370&src.visitorId=5d39f58a-ec8c-4f3f-b69e-7ce75ee4a9c2
  • https://c1.adform.net/serving/cookie/match?party=1162&cid=10524982698941327497&gdpr=0
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1162&cid=10524982698941327497&gdpr=0
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_514521&src.visitorId=6198298086892538364
  • https://cm.g.doubleclick.net/pixel?google_nid=groupm_adh&google_hm=MTA1MjQ5ODI2OTg5NDEzMjc0OTc&google_cm&gdpr=0
  • https://fcmatch.google.com/pixel?google_gm=AMnCDoqEsWA7vVbYv6zuaCJpTWKRrUnfwXS5jCAq-uRSCokSfD6QgRCdKmi9Vl7t0j1BQYnIRC6DAGKsFEmnz9XWZ8Y0IdbY9IBn2EpKj2TVK0bk8cH9U6w
  • https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqEsWA7vVbYv6zuaCJpTWKRrUnfwXS5jCAq-uRSCokSfD6QgRCdKmi9Vl7t0j1BQYnIRC6DAGKsFEmnz9XWZ8Y0IdbY9IBn2EpKj2TVK0bk8cH9U6w
170 B
502 B
Image
General
Full URL
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqEsWA7vVbYv6zuaCJpTWKRrUnfwXS5jCAq-uRSCokSfD6QgRCdKmi9Vl7t0j1BQYnIRC6DAGKsFEmnz9XWZ8Y0IdbY9IBn2EpKj2TVK0bk8cH9U6w
Requested by
Host: connect.themediatrust.com
URL: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 27 Feb 2020 09:05:23 GMT
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
no-cache, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Feb 2020 09:05:23 GMT
server
HTTP server (unknown)
location
https://fcmatch.youtube.com/pixel?google_gm=AMnCDoqEsWA7vVbYv6zuaCJpTWKRrUnfwXS5jCAq-uRSCokSfD6QgRCdKmi9Vl7t0j1BQYnIRC6DAGKsFEmnz9XWZ8Y0IdbY9IBn2EpKj2TVK0bk8cH9U6w
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
imp
sg-gmtdmp.mookie1.com/t/v2/
43 B
582 B
Image
General
Full URL
https://sg-gmtdmp.mookie1.com/t/v2/imp?tagid=V2_359&src.rand=%TTD_CACHEBUSTER%&src.campaignID=&src.adgroupID=
Requested by
Host: connect.themediatrust.com
URL: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.202.26 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
26.202.227.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 27 Feb 2020 09:05:21 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/
4 KB
2 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: connect.themediatrust.com
URL: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc0069dab5b1c410fc8bb1a109f8ceb4792e4780bbe7ea9e969662a7d6e49915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 27 Feb 2020 08:35:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Oct 2019 14:04:48 GMT
server
sffe
age
1804
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2032
x-xss-protection
0
expires
Thu, 27 Feb 2020 09:35:16 GMT
impl_v55.js
www.googletagservices.com/dcm/
22 KB
9 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v55.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ec7c1eac6e0f82237b25ed509bf0e48b3cd7f9d989e8e8cac94e8b39edcca46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 27 Feb 2020 00:33:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 21 Oct 2019 14:05:29 GMT
server
sffe
age
30740
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9535
x-xss-protection
0
expires
Fri, 26 Feb 2021 00:33:00 GMT
B23430584.259352196;dc_ver=55.153;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2157244650;ord=g5uvik;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D00000000-0000-0000-0000-000000000000%26a...
ad.doubleclick.net/ddm/adj/N1088238.3507436DBMXAXISSINGAPOR/
25 KB
13 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N1088238.3507436DBMXAXISSINGAPOR/B23430584.259352196;dc_ver=55.153;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2157244650;ord=g5uvik;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D00000000-0000-0000-0000-000000000000%26ag%3D%26sfe%3D0%26sig%3DBnkkbWxCFt4NqgjlUj-yZ02ytlmcO3L_lGtIihUpC2I.%26crid%3D8s4tcjep%26cf%3D%26fq%3D0%26td_s%3D%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dnoop%26uhow%3D%26agsa%3D%26rgco%3D%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3D%26osf%3D%26os%3D%26br%3D%26svpid%3D%26rlangs%3Den%26mlang%3Den%26did%3D%26rcxt%3D%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3D%26dur%3D%26crrelr%3D%26npt%3D%26r%3D;dc_rfl=0,https%3A%2F%2Fconnect.themediatrust.com%2Fd%2F%3Fa%3D20384191744%26csid%3D3FhRAbDX28Ya$0;xdt=0;crlt=FWsf.(L1jS;sttr=11;prcl=s?
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v55.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f38.1e100.net
Software
cafe /
Resource Hash
fdde4e098e2557bb3f30aa4a8d4de1986948cbed2b82d625fe68f287ea761807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Thu, 27 Feb 2020 09:05:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
12318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lidar.js
www.googletagservices.com/activeview/js/current/
75 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1088238.3507436DBMXAXISSINGAPOR/B23430584.259352196;dc_ver=55.153;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2157244650;ord=g5uvik;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D00000000-0000-0000-0000-000000000000%26ag%3D%26sfe%3D0%26sig%3DBnkkbWxCFt4NqgjlUj-yZ02ytlmcO3L_lGtIihUpC2I.%26crid%3D8s4tcjep%26cf%3D%26fq%3D0%26td_s%3D%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dnoop%26uhow%3D%26agsa%3D%26rgco%3D%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3D%26osf%3D%26os%3D%26br%3D%26svpid%3D%26rlangs%3Den%26mlang%3Den%26did%3D%26rcxt%3D%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3D%26dur%3D%26crrelr%3D%26npt%3D%26r%3D;dc_rfl=0,https%3A%2F%2Fconnect.themediatrust.com%2Fd%2F%3Fa%3D20384191744%26csid%3D3FhRAbDX28Ya$0;xdt=0;crlt=FWsf.(L1jS;sttr=11;prcl=s?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72595d24a89bf8ee5b3187f79a4fba97152f7512e0c78794be455b9e557cd388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 27 Feb 2020 09:05:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582753860897921"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27938
x-xss-protection
0
expires
Thu, 27 Feb 2020 09:05:20 GMT
view
googleads4.g.doubleclick.net/pcs/
0
658 B
Other
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv6saeIT_hdgjS3QwbZXwzL0srxz-o54sgUgHGn6IzJaUgMWEmj-X-mp8FIzD4n95FK9E9qTb-flViJNuhLNG15bQ9XKYM8BPvncKxTEWeZgXLz9nfYFaM6Yi2JFL8mKkkVXHDJREQ&sig=Cg0ArKJSzDCUawmwTrB6EAE&urlfix=1&omid=0&rm=1&ctpt=2&cstd=0&cisv=r20200224.99204&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1088238.3507436DBMXAXISSINGAPOR/B23430584.259352196;dc_ver=55.153;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2157244650;ord=g5uvik;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D00000000-0000-0000-0000-000000000000%26ag%3D%26sfe%3D0%26sig%3DBnkkbWxCFt4NqgjlUj-yZ02ytlmcO3L_lGtIihUpC2I.%26crid%3D8s4tcjep%26cf%3D%26fq%3D0%26td_s%3D%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dnoop%26uhow%3D%26agsa%3D%26rgco%3D%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3D%26osf%3D%26os%3D%26br%3D%26svpid%3D%26rlangs%3Den%26mlang%3Den%26did%3D%26rcxt%3D%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3D%26dur%3D%26crrelr%3D%26npt%3D%26r%3D;dc_rfl=0,https%3A%2F%2Fconnect.themediatrust.com%2Fd%2F%3Fa%3D20384191744%26csid%3D3FhRAbDX28Ya$0;xdt=0;crlt=FWsf.(L1jS;sttr=11;prcl=s?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Origin
https://connect.themediatrust.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 Feb 2020 09:05:21 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1088238.3507436DBMXAXISSINGAPOR/B23430584.259352196;dc_ver=55.153;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2157244650;ord=g5uvik;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D00000000-0000-0000-0000-000000000000%26ag%3D%26sfe%3D0%26sig%3DBnkkbWxCFt4NqgjlUj-yZ02ytlmcO3L_lGtIihUpC2I.%26crid%3D8s4tcjep%26cf%3D%26fq%3D0%26td_s%3D%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dnoop%26uhow%3D%26agsa%3D%26rgco%3D%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3D%26osf%3D%26os%3D%26br%3D%26svpid%3D%26rlangs%3Den%26mlang%3Den%26did%3D%26rcxt%3D%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3D%26dur%3D%26crrelr%3D%26npt%3D%26r%3D;dc_rfl=0,https%3A%2F%2Fconnect.themediatrust.com%2Fd%2F%3Fa%3D20384191744%26csid%3D3FhRAbDX28Ya$0;xdt=0;crlt=FWsf.(L1jS;sttr=11;prcl=s?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 27 Feb 2020 07:42:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 May 2018 20:45:00 GMT
server
sffe
age
5000
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15207
x-xss-protection
0
expires
Fri, 26 Feb 2021 07:42:00 GMT
728x90.jpg
s0.2mdn.net/9267732/
20 KB
20 KB
Image
General
Full URL
https://s0.2mdn.net/9267732/728x90.jpg
Requested by
Host: connect.themediatrust.com
URL: https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c69babbb9bb46c3afeafa919260cdede7cadc76b04bdda9292d5cd62e23d58b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 27 Feb 2020 09:05:21 GMT
x-content-type-options
nosniff
last-modified
Thu, 31 Oct 2019 03:39:13 GMT
server
sffe
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20530
x-xss-protection
0
expires
Fri, 28 Feb 2020 09:05:21 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CB41
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
8395
date
Thu, 27 Feb 2020 07:42:27 GMT
expires
Fri, 26 Feb 2021 07:42:27 GMT
last-modified
Wed, 09 May 2018 20:45:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4974
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
view
googleads4.g.doubleclick.net/pcs/
0
57 B
Other
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv6saeIT_hdgjS3QwbZXwzL0srxz-o54sgUgHGn6IzJaUgMWEmj-X-mp8FIzD4n95FK9E9qTb-flViJNuhLNG15bQ9XKYM8BPvncKxTEWeZgXLz9nfYFaM6Yi2JFL8mKkkVXHDJREQ&sig=Cg0ArKJSzDCUawmwTrB6EAE&urlfix=1&omid=0&rm=1&ctpt=134&vt=11&dtpt=132&dett=2&cstd=0&cisv=r20200224.99204&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1088238.3507436DBMXAXISSINGAPOR/B23430584.259352196;dc_ver=55.153;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2157244650;ord=g5uvik;click=https%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D00000000-0000-0000-0000-000000000000%26ag%3D%26sfe%3D0%26sig%3DBnkkbWxCFt4NqgjlUj-yZ02ytlmcO3L_lGtIihUpC2I.%26crid%3D8s4tcjep%26cf%3D%26fq%3D0%26td_s%3D%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Dnoop%26uhow%3D%26agsa%3D%26rgco%3D%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3D%26osf%3D%26os%3D%26br%3D%26svpid%3D%26rlangs%3Den%26mlang%3Den%26did%3D%26rcxt%3D%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3D%26dur%3D%26crrelr%3D%26npt%3D%26r%3D;dc_rfl=0,https%3A%2F%2Fconnect.themediatrust.com%2Fd%2F%3Fa%3D20384191744%26csid%3D3FhRAbDX28Ya$0;xdt=0;crlt=FWsf.(L1jS;sttr=11;prcl=s?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s17-in-f66.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
Origin
https://connect.themediatrust.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 27 Feb 2020 09:05:21 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/
42 B
110 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1flww0J5-qPMUhQ5wFU-wzB1ppjR_pK0UlodvqRtDT9Mn8ZIWauqDgscEU9vB2QNew3kihj-5Mg&sig=Cg0ArKJSzI0Vz1J96gfkEAE&id=lidar2&adk=2157244650&p=11,428,101,1156&tos=1008,0,0,0,0&mtos=1008,1008,1008,1008,1008&mcvt=1008&rs=5&tfs=2973&tls=3981&mc=1&lte=-1&bas=0&bac=0&met=no&avms=nio&niot_obs=2867&niot_cbk=2874&btr=0&lm=4&msd=0&bs=1600,1200&ps=1600,1200&ss=1600,1200&tt=1128&pt=2853&bin=2&deb=1-1-1-11-0-0-11-0-0-0&tvt=1112&url=https%3A%2F%2Fconnect.themediatrust.com%2Fd%2F%3Fa%3D20384191744%26csid%3D3FhRAbDX28Ya&itpl=32&r=v&v=20200226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://connect.themediatrust.com/d/?a=20384191744&csid=3FhRAbDX28Ya
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 27 Feb 2020 09:05:25 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dcmads function| Goog_Common_getAdAdapterInstance object| goog_ddm_ps function| clsn object| dicnf function| btrp function| pdib3 function| vv function| stcc object| GoogleTyFxhY object| google_js_reporting_queue number| __google_lidar_ function| __google_lidar_radf_ number| __google_lidar_adblocks_count_ object| google_image_requests

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
c1.adform.net
cm.g.doubleclick.net
connect.themediatrust.com
fcmatch.google.com
fcmatch.youtube.com
googleads4.g.doubleclick.net
match.adsrvr.org
odr.mookie1.com
pagead2.googlesyndication.com
pixel.tapad.com
s0.2mdn.net
sg-gmtdmp.mookie1.com
tpc.googlesyndication.com
use-tor.adsrvr.org
www.googletagservices.com
x.bidswitch.net
172.217.22.38
172.217.22.66
209.15.224.17
216.58.206.2
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:81a::2001
2a00:1450:4001:81d::200e
2a00:1450:4001:821::2002
2a00:1450:4001:821::2006
34.98.67.61
35.227.202.26
35.227.248.159
37.157.6.252
4.35.234.213
52.215.109.156
52.57.194.55
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ec7c1eac6e0f82237b25ed509bf0e48b3cd7f9d989e8e8cac94e8b39edcca46
35fde53f34f20d46cf31d1d7c942935af9f92d9f9090646568c980265597bb04
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
72595d24a89bf8ee5b3187f79a4fba97152f7512e0c78794be455b9e557cd388
8c69babbb9bb46c3afeafa919260cdede7cadc76b04bdda9292d5cd62e23d58b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
cc0069dab5b1c410fc8bb1a109f8ceb4792e4780bbe7ea9e969662a7d6e49915
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdde4e098e2557bb3f30aa4a8d4de1986948cbed2b82d625fe68f287ea761807