Submitted URL: https://cs-api.postquare.com/gas-api/click.json?spid=705487361&swebid=131559&ssubid=&dpid=-199228&dwebid=199228&wid=90524&ll=...
Effective URL: https://www.mgid.com/ghits/3685525/i/80129/0/src/131559/pp/1/1?h=GrJe0G2lryJuZsc9Hf3iokI7lhT75krHXv3fqa-uNFFLHNgX0n76...
Submission: On July 14 via manual from RO

Summary

This website contacted 2 IPs in 4 countries across 3 domains to perform 2 HTTP transactions. The main IP is 104.16.130.5, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.mgid.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on March 13th 2019. Valid for: 6 months.
This is the only time www.mgid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 95.142.20.17 20645 (PUREPEAK-ASN)
2 3 104.16.130.5 13335 (CLOUDFLAR...)
2 2
Apex Domain
Subdomains
Transfer
3 mgid.com
www.mgid.com
2 KB
1 postquare.com
cs-api.postquare.com
748 B
0 tagcdn.com Failed
afx.tagcdn.com Failed
2 3
Domain Requested by
3 www.mgid.com 2 redirects
1 cs-api.postquare.com 1 redirects
0 afx.tagcdn.com Failed www.mgid.com
2 3

This site contains no links.

Subject: ssl382979.cloudflaressl.com
Issuer: COMODO ECC Domain Validation Secure Server CA 2
Validity: 2019-03-13 - 2019-09-19
Valid: 6 months

This page contains 1 frames:

Frame: https://afx.tagcdn.com/uredir//172764//da2///%2F%2Fscientificnewsforyou.com%2F49%2Fflexa-op-med-m%2Fgps%2F%3Fac%3Dda2%26aid%3D172764%26custom1%3DDEmgid%26custom2%3D15762459%26hp%3D1%26rfc%3DDE%26rpc%3Dfplo%26token%3Ducim2ui684DA10835DADE
Frame ID: 39CA08669F2102DFF3E183724866C9C2
Requests: 2 HTTP requests in this frame


Page URL History

  1. https://cs-api.postquare.com/gas-api/click.json?spid=705487361&swebid=131559&ssubid=&dpid=-199228&dwebid=... HTTP 302
    https://www.mgid.com/ghits/3857636/i/80129/0/src/131559/pp/4/1?h=i1lAJAL-h2kQCfEGw3Uf4VHTbeeff0PZ... HTTP 301
    http://www.mgid.com/ghits/3685525/i/80129/0/src/131559/pp/1/1?h=GrJe0G2lryJuZsc9Hf3iokI7lhT75krH... HTTP 301
    https://www.mgid.com/ghits/3685525/i/80129/0/src/131559/pp/1/1?h=GrJe0G2lryJuZsc9Hf3iokI7lhT75krH... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 2
HTTPS: 50 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 4
Transfer: 1 kB
Size: 1 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cs-api.postquare.com/gas-api/click.json?spid=705487361&swebid=131559&ssubid=&dpid=-199228&dwebid=199228&wid=90524&ll=8&target=https%3A%2F%2Fwww.mgid.com%2Fghits%2F3857636%2Fi%2F80129%2F0%2Fsrc%2F131559%2Fpp%2F4%2F1%3Fh%3Di1lAJAL-h2kQCfEGw3Uf4VHTbeeff0PZieWzVYuFwXpdolkkGywOOBqcPxeyS422%26rid%3Dcadfd572-a62b-11e9-a302-e4434b3ed018%26tt%3DDirect&rectype=4&posttype=2&reqp=E345CXmZrbO4BBHmUo9JTMOcPNGtXboUoHvv5A%253D%253D&reqid=94827080-1ec9-4993-b5e1-1585d4d50359&c=Mi44MjAwMDAy&widprfl=-1&url=pl5dorDYsqrwjU0gDl2TCQ6FTuhXycf76PaCGV2mU%252FZ4W%252FOBtojveFLQrAMw%252BJUH5sLhq7MWCwrpM0jdhrhz6Xky%252BW10xZqUvxKvB2s5Mgl%252FP1dCalSZUWHbI4u7I1WclDgR%252FSF3n0%252BhuexTHkDFwfBDRc81UWf8QD%252Bqelgvg57Mxah6RIopyDH88PdJnphmrQfHM3UvwexW4f7dGSebhAiWREdgxy%252BEA9GESNGH%252BWvCmKbX2HvCGRJUeK8NxbLQ891%252FrqfLuBWBojV%252F&sessid=15b049f0-c847-c591-8970-0279df97cfda HTTP 302
    https://www.mgid.com/ghits/3857636/i/80129/0/src/131559/pp/4/1?h=i1lAJAL-h2kQCfEGw3Uf4VHTbeeff0PZieWzVYuFwXpdolkkGywOOBqcPxeyS422&rid=cadfd572-a62b-11e9-a302-e4434b3ed018&tt=Direct&eng_source=131559&eng_subid=null&eng_click=437e1cd24f3842c9b489bde58f03e5bb HTTP 301
    http://www.mgid.com/ghits/3685525/i/80129/0/src/131559/pp/1/1?h=GrJe0G2lryJuZsc9Hf3iokI7lhT75krHXv3fqa-uNFFLHNgX0n764hUh1MVATkzo&rid=cadfd572-a62b-11e9-a302-e4434b3ed018&tt=Direct&eng_click=437e1cd24f3842c9b489bde58f03e5bb&eng_source=131559&eng_subid=null&similar=3857636&ts=&tt=Direct HTTP 301
    https://www.mgid.com/ghits/3685525/i/80129/0/src/131559/pp/1/1?h=GrJe0G2lryJuZsc9Hf3iokI7lhT75krHXv3fqa-uNFFLHNgX0n764hUh1MVATkzo&rid=cadfd572-a62b-11e9-a302-e4434b3ed018&tt=Direct&eng_click=437e1cd24f3842c9b489bde58f03e5bb&eng_source=131559&eng_subid=null&similar=3857636&ts=&tt=Direct Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://track.makeitbig.info/click.php?c=55&key=da85k4uz09o00obtnr55j656&widget_id=56995760s131559&teaser_id=3685525&campaign_id=602556&click_id=fa88437d99edd0e3f33696cd13b166e3&fa88437d99edd0e3f33696cd13b166e3&utm_medium=cpc&utm_source=mgid.com&utm_campaign=FlexaDE&utm_term=56995760s131559&utm_content=3685525 HTTP 302
  • http://dahit.co/9geyAM?aid=172764&token=ucim2ui684DA10835DADE&rfc=DE&custom1=DEmgid&custom2=15762459 HTTP 302
  • https://scientificnewsforyou.com/49/flexa-op-med-m/gps/?ac=da2&aid=172764&custom1=DEmgid&custom2=15762459&hp=1&rfc=DE&rpc=fplo&token=ucim2ui684DA10835DADE HTTP 302
  • https://afx.tagcdn.com/uredir//172764//da2///%2F%2Fscientificnewsforyou.com%2F49%2Fflexa-op-med-m%2Fgps%2F%3Fac%3Dda2%26aid%3D172764%26custom1%3DDEmgid%26custom2%3D15762459%26hp%3D1%26rfc%3DDE%26rpc%3Dfplo%26token%3Ducim2ui684DA10835DADE

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 1
www.mgid.com/ghits/3685525/i/80129/0/src/131559/pp/1/
Redirect Chain
  • https://cs-api.postquare.com/gas-api/click.json?spid=705487361&swebid=131559&ssubid=&dpid=-199228&dwebid=199228&wid=90524&ll=8&target=https%3A%2F%2Fwww.mgid.com%2Fghits%2F3857636%2Fi%2F80129%2F0%2F...
  • https://www.mgid.com/ghits/3857636/i/80129/0/src/131559/pp/4/1?h=i1lAJAL-h2kQCfEGw3Uf4VHTbeeff0PZieWzVYuFwXpdolkkGywOOBqcPxeyS422&rid=cadfd572-a62b-11e9-a302-e4434b3ed018&tt=Direct&eng_source=13155...
  • http://www.mgid.com/ghits/3685525/i/80129/0/src/131559/pp/1/1?h=GrJe0G2lryJuZsc9Hf3iokI7lhT75krHXv3fqa-uNFFLHNgX0n764hUh1MVATkzo&rid=cadfd572-a62b-11e9-a302-e4434b3ed018&tt=Direct&eng_click=437e1cd...
  • https://www.mgid.com/ghits/3685525/i/80129/0/src/131559/pp/1/1?h=GrJe0G2lryJuZsc9Hf3iokI7lhT75krHXv3fqa-uNFFLHNgX0n764hUh1MVATkzo&rid=cadfd572-a62b-11e9-a302-e4434b3ed018&tt=Direct&eng_click=437e1c...
890 B
1 KB
Document
General
Full URL
https://www.mgid.com/ghits/3685525/i/80129/0/src/131559/pp/1/1?h=GrJe0G2lryJuZsc9Hf3iokI7lhT75krHXv3fqa-uNFFLHNgX0n764hUh1MVATkzo&rid=cadfd572-a62b-11e9-a302-e4434b3ed018&tt=Direct&eng_click=437e1cd24f3842c9b489bde58f03e5bb&eng_source=131559&eng_subid=null&similar=3857636&ts=&tt=Direct
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.130.5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www.mgid.com
:scheme
https
:path
/ghits/3685525/i/80129/0/src/131559/pp/1/1?h=GrJe0G2lryJuZsc9Hf3iokI7lhT75krHXv3fqa-uNFFLHNgX0n764hUh1MVATkzo&rid=cadfd572-a62b-11e9-a302-e4434b3ed018&tt=Direct&eng_click=437e1cd24f3842c9b489bde58f03e5bb&eng_source=131559&eng_subid=null&similar=3857636&ts=&tt=Direct
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
referer
https://www.btolat.com/

Response headers

status
200
date
Sun, 14 Jul 2019 14:21:46 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddeb9ea7020abe3b8922aaa164185a4151563114103; expires=Mon, 13-Jul-20 14:21:43 GMT; path=/; domain=.mgid.com; HttpOnly; Secure
muidn=j6eHu8AFRtl7;Domain=.mgid.com;Secure;SameSite=None;Path=/;Expires=Tue, 19-Jan-2038 03:14:08 GMT;
mgid=3685525; expires=Mon, 15-Jul-2019 14:21:46 GMT; Max-Age=86400; path=/; domain=.mgid.com; HttpOnly
mtid=80129; expires=Mon, 15-Jul-2019 14:21:46 GMT; Max-Age=86400; path=/; domain=.mgid.com; HttpOnly
mtuid=56995760s131559; expires=Mon, 15-Jul-2019 14:21:46 GMT; Max-Age=86400; path=/; domain=.mgid.com; HttpOnly
mstatus=0; expires=Mon, 15-Jul-2019 14:21:46 GMT; Max-Age=86400; path=/; domain=.mgid.com; HttpOnly
mghd=track.makeitbig.info; expires=Mon, 15-Jul-2019 14:21:46 GMT; Max-Age=86400; path=/; domain=.mgid.com; HttpOnly
vary
Accept-Encoding
x-mg-time
1563114106401
x-mg-transit-referer
-
access-control-allow-credentials
true
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pragma
no-cache
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4f6425085aa09be5-AMS
content-encoding
br

Redirect headers

Date
Sun, 14 Jul 2019 14:21:42 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sun, 14 Jul 2019 15:21:42 GMT
Location
https://www.mgid.com/ghits/3685525/i/80129/0/src/131559/pp/1/1?h=GrJe0G2lryJuZsc9Hf3iokI7lhT75krHXv3fqa-uNFFLHNgX0n764hUh1MVATkzo&rid=cadfd572-a62b-11e9-a302-e4434b3ed018&tt=Direct&eng_click=437e1cd24f3842c9b489bde58f03e5bb&eng_source=131559&eng_subid=null&similar=3857636&ts=&tt=Direct
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4f642507aa76c769-AMS
%2F%2Fscientificnewsforyou.com%2F49%2Fflexa-op-med-m%2Fgps%2F%3Fac%3Dda2%26aid%3D172764%26custom1%3DDEmgid%26custom2%3D15762459%26hp%3D1%26rfc%3DDE%26rpc%3Dfplo%26token%3Ducim2ui684DA10835DADE
afx.tagcdn.com/uredir//172764//da2///
Redirect Chain
  • http://track.makeitbig.info/click.php?c=55&key=da85k4uz09o00obtnr55j656&widget_id=56995760s131559&teaser_id=3685525&campaign_id=602556&click_id=fa88437d99edd0e3f33696cd13b166e3&fa88437d99edd0e3f336...
  • http://dahit.co/9geyAM?aid=172764&token=ucim2ui684DA10835DADE&rfc=DE&custom1=DEmgid&custom2=15762459
  • https://scientificnewsforyou.com/49/flexa-op-med-m/gps/?ac=da2&aid=172764&custom1=DEmgid&custom2=15762459&hp=1&rfc=DE&rpc=fplo&token=ucim2ui684DA10835DADE
  • https://afx.tagcdn.com/uredir//172764//da2///%2F%2Fscientificnewsforyou.com%2F49%2Fflexa-op-med-m%2Fgps%2F%3Fac%3Dda2%26aid%3D172764%26custom1%3DDEmgid%26custom2%3D15762459%26hp%3D1%26rfc%3DDE%26rp...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
afx.tagcdn.com
URL
https://afx.tagcdn.com/uredir//172764//da2///%2F%2Fscientificnewsforyou.com%2F49%2Fflexa-op-med-m%2Fgps%2F%3Fac%3Dda2%26aid%3D172764%26custom1%3DDEmgid%26custom2%3D15762459%26hp%3D1%26rfc%3DDE%26rpc%3Dfplo%26token%3Ducim2ui684DA10835DADE

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Domain/Path Name / Value
.mgid.com/ Name: mghd
Value: track.makeitbig.info
.mgid.com/ Name: mtuid
Value: 56995760s131559
.mgid.com/ Name: mtid
Value: 80129
.mgid.com/ Name: mgid
Value: 3685525
.mgid.com/ Name: mstatus
Value: 0
.mgid.com/ Name: muidn
Value: j6eHu8AFRtl7
.mgid.com/ Name: __cfduid
Value: ddeb9ea7020abe3b8922aaa164185a4151563114103

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
