mdquery.com
137.117.17.70
Public Scan
Effective URL: https://mdquery.com/cancelled
Submission: On May 05 via manual from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 10th 2023. Valid for: a year.
This is the only time mdquery.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Domain | ASN | PTR |
---|---|---|
mdquery.com | ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | waws-prod-bay-003.cloudapp.net |
az416426.vo.msecnd.net | ASN15133 (EDGECAST, US) | |
dc.services.visualstudio.com | ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | |
d.adroll.com | ASN14618 (AMAZON-AES, US) | |
connect.facebook.net | ASN32934 (FACEBOOK, US) | |
x.bidswitch.net | ASN19527 (GOOGLE-2, US) | 172.178.211.35.bc.googleusercontent.com |
cm.g.doubleclick.net | ASN15169 (GOOGLE, US) | yul03s05-in-f2.1e100.net |
idsync.rlcdn.com | ASN15169 (GOOGLE, US) | 146.60.190.35.bc.googleusercontent.com |
pippio.com | ASN15169 (GOOGLE, US) | 65.254.178.107.bc.googleusercontent.com |
us-u.openx.net | ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 218.64.98.34.bc.googleusercontent.com |
ups.analytics.yahoo.com | ASN14618 (AMAZON-AES, US) | ec2-3-225-218-10.compute-1.amazonaws.com |
eb2.3lift.com | ASN16509 (AMAZON-02, US) | afb83dd09526a6517.awsglobalaccelerator.com |
ib.adnxs.com | ASN29990 (ASN-APPNEX, US) | 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net |
ipv4.d.adroll.com | ASN14618 (AMAZON-AES, US) | ec2-52-206-186-19.compute-1.amazonaws.com |
Requests | Apex Domain | Redirects | Subdomains (Cisco Umbrella Rank) | Transfer |
---|---|---|---|---|
23 | adroll.com | 12 | s.adroll.com (2409), d.adroll.com (1194), ipv4.d.adroll.com (11124) | 64 KB |
14 | mdquery.com | 3 | mdquery.com (398801) | 613 KB |
2 | adnxs.com | 1 | ib.adnxs.com (211) | 2 KB |
2 | 3lift.com | 1 | eb2.3lift.com (351) | 744 B |
2 | yahoo.com | 1 | ups.analytics.yahoo.com (265) | 560 B |
2 | openx.net | 1 | us-u.openx.net (439) | 525 B |
2 | linkedin.com | 1 | px.ads.linkedin.com (347) | 890 B |
2 | rlcdn.com | 2 | idsync.rlcdn.com (372) | 831 B |
2 | casalemedia.com | 1 | dsum-sec.casalemedia.com (523) | 2 KB |
2 | doubleclick.net | 2 | cm.g.doubleclick.net (215) | 851 B |
2 | bidswitch.net | 1 | x.bidswitch.net (299) | 1 KB |
2 | visualstudio.com | | dc.services.visualstudio.com (809) | 281 B |
1 | taboola.com | | sync.taboola.com (915) | 222 B |
1 | pubmatic.com | | image2.pubmatic.com (786) | 496 B |
1 | outbrain.com | | sync.outbrain.com (743) | 287 B |
1 | rubiconproject.com | | pixel.rubiconproject.com (318) | 796 B |
1 | pippio.com | 1 | pippio.com (723) | 633 B |
1 | facebook.net | | connect.facebook.net (150) | 28 KB |
1 | msecnd.net | | az416426.vo.msecnd.net (2162) | 22 KB |
37 | 19 | | | |
Requests | Domain | Redirects | Requested by |
---|---|---|---|
18 | d.adroll.com | 12 | s.adroll.com, az416426.vo.msecnd.net |
14 | mdquery.com | 3 | mdquery.com |
4 | s.adroll.com | | mdquery.com, s.adroll.com |
2 | ib.adnxs.com | 1 | |
2 | eb2.3lift.com | 1 | |
2 | ups.analytics.yahoo.com | 1 | |
2 | us-u.openx.net | 1 | |
2 | px.ads.linkedin.com | 1 | |
2 | idsync.rlcdn.com | 2 | |
2 | dsum-sec.casalemedia.com | 1 | |
2 | cm.g.doubleclick.net | 2 | |
2 | x.bidswitch.net | 1 | |
2 | dc.services.visualstudio.com | | az416426.vo.msecnd.net |
1 | ipv4.d.adroll.com | | |
1 | sync.taboola.com | | |
1 | image2.pubmatic.com | | |
1 | sync.outbrain.com | | |
1 | pixel.rubiconproject.com | | |
1 | pippio.com | 1 | |
1 | connect.facebook.net | | s.adroll.com |
1 | az416426.vo.msecnd.net | | mdquery.com |
37 | 21 | | |
This site contains links to these domains.
Domain |
---|
www.mdquery.com |
www.mdstaff.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
mdquery.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-04-10 - 2024-04-09 | a year |
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2022-07-11 - 2023-07-11 | a year |
in.applicationinsights.azure.com | Microsoft Azure TLS Issuing CA 06 | 2023-02-17 - 2024-02-12 | a year |
s.adroll.com | Amazon RSA 2048 M02 | 2023-02-24 - 2023-08-01 | 5 months |
d.adroll.com | Amazon RSA 2048 M01 | 2022-11-08 - 2023-12-07 | a year |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-02-11 - 2023-05-12 | 3 months |
This page contains 1 frames:
Primary Page:
https://mdquery.com/cancelled
Frame ID: BA2D1AA0FCEC76A7743E2C2F2A5D70C8
Requests: 36 HTTP requests in this frame
Page Title
MD-Query
Detected technologies
Bootstrap
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- (?:a|s)\.adroll\.com
Detected patterns
- adnxs\.(?:net|com)
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
OpenX
Detected patterns
- https?://[^/]*\.openx\.net
PubMatic
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Search for MD-Query facilities
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://mdquery.com/lsu-umcl HTTP 301
- https://mdquery.com/lsu-umcl HTTP 302
- https://mdquery.com/app/login.aspx?ID=b6ec7663-d3f5-4ac8-96d7-e0273b4d5056 HTTP 302
- https://mdquery.com/cancelled Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 21
- https://d.adroll.com/cm/b/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
- https://d.adroll.com/cm/g/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=og69sovmX-u64EcPP8FsVg HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=og69sovmX-u64EcPP8FsVg&google_tc= HTTP 302
- https://d.adroll.com/cm/g/in
- https://d.adroll.com/cm/index/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&expiration=1714795061 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&expiration=1714795061&C=1
- https://d.adroll.com/cm/l/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
- https://idsync.rlcdn.com/377928.gif?partner_uid=a20ebdb28be65febbae0470f3fc16c56 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogYTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTYQABoNCLX90aIGEgUI6AcQAEIASgA HTTP 307
- https://pippio.com/api/sync?pid=5324&it=1&iv=42f56eee8d41b220a949e15800c671e7fb732f4c025ee4d6accae0cff08ad818791426b5417dce21&_=2 HTTP 307
- https://px.ads.linkedin.com/db_sync?pid=10339&puuid=42f56eee8d41b220a949e15800c671e7fb732f4c025ee4d6accae0cff08ad818791426b5417dce21&rand=09965905 HTTP 302
- https://px.ads.linkedin.com/db_sync?pid=10339&puuid=42f56eee8d41b220a949e15800c671e7fb732f4c025ee4d6accae0cff08ad818791426b5417dce21&rand=09965905&expected_cookie=4c22c2d7-8dd3-4946-8892-ce5c716c6d73
- https://d.adroll.com/cm/n/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&expires=365
- https://d.adroll.com/cm/o/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=a20ebdb28be65febbae0470f3fc16c56&gdpr=0&gdpr_consent= HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a20ebdb28be65febbae0470f3fc16c56&gdpr=0&gdpr_consent=
- https://d.adroll.com/cm/outbrain/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=
- https://d.adroll.com/cm/pubmatic/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
- https://d.adroll.com/cm/r/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
- https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
- https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
- https://d.adroll.com/cm/taboola/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
- https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
- https://d.adroll.com/cm/triplelift/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
- https://eb2.3lift.com/xuid?mid=4714&xuid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&dongle=c85e HTTP 302
- https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
- https://d.adroll.com/cm/x/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
37 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | cancelled | mdquery.com/ | 4 KB | 3 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H/1.1 | bootstrap.min.css | mdquery.com/Content/ | 115 KB | 19 KB | Stylesheet | text/css | |
GET | H/1.1 | site.css | mdquery.com/Content/ | 5 KB | 2 KB | Stylesheet | text/css | |
GET | H/1.1 | modernizr-2.6.2.js | mdquery.com/Scripts/ | 52 KB | 20 KB | Script | application/x-javascript | |
GET | H/1.1 | mdquery-text.png | mdquery.com/content/img/ | 5 KB | 6 KB | Image | image/png | |
GET | H/1.1 | mdstaff-text.sm.png | mdquery.com/content/img/ | 3 KB | 4 KB | Image | image/png | |
GET | H/1.1 | jquery-1.10.2.js | mdquery.com/Scripts/ | 277 KB | 108 KB | Script | application/x-javascript | |
GET | H/1.1 | bootstrap.js | mdquery.com/Scripts/ | 60 KB | 17 KB | Script | application/x-javascript | |
GET | H/1.1 | respond.js | mdquery.com/Scripts/ | 10 KB | 5 KB | Script | application/x-javascript | |
GET | H/1.1 | open-sans.regular.ttf | mdquery.com/Content/fonts/ | 212 KB | 213 KB | Font | application/octet-stream | |
GET | H2 | ai.0.js | az416426.vo.msecnd.net/scripts/a/ | 94 KB | 22 KB | Script | application/x-javascript | |
GET | H/1.1 | open-sans.light.ttf | mdquery.com/Content/fonts/ | 217 KB | 217 KB | Font | application/octet-stream | |
OPTIONS | H2 | track | dc.services.visualstudio.com/v2/ | 0 | 0 | Preflight | | |
POST | H2 | track | dc.services.visualstudio.com/v2/ | 96 B | 281 B | XHR | application/json | |
GET | H/1.1 | roundtrip.js | s.adroll.com/j/ | 67 KB | 22 KB | Script | text/javascript | |
GET | H/1.1 | roundtrip.js | s.adroll.com/j/DDMSNS4ZLJAKFPHVV756OP/ | 91 KB | 28 KB | Script | text/javascript | |
GET | H/1.1 | index.js | s.adroll.com/j/exp/DDMSNS4ZLJAKFPHVV756OP/ | 38 B | 772 B | Script | application/javascript | |
GET | H2 | DDMSNS4ZLJAKFPHVV756OP | d.adroll.com/consent/check/ | 455 B | 940 B | Script | application/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 105 KB | 28 KB | Script | application/x-javascript | |
GET | H/1.1 | sendrolling.js | s.adroll.com/j/ | 8 KB | 3 KB | Script | application/javascript | |
GET | H2 | F2P3DP3DXRF25FEAISNZT6 | d.adroll.com/segment/DDMSNS4ZLJAKFPHVV756OP/ | 42 B | 941 B | XHR | image/gif | |
GET | H2 | F2P3DP3DXRF25FEAISNZT6 | d.adroll.com/onp/DDMSNS4ZLJAKFPHVV756OP/ | 42 B | 551 B | Image | image/gif | |
GET | H/1.1 | sync | x.bidswitch.net/ul_cb/ | 43 B | 510 B | Image | image/gif | Redirect Chain |
GET | H2 | in | d.adroll.com/cm/g/ | 42 B | 552 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | rum | dsum-sec.casalemedia.com/ | 43 B | 766 B | Image | image/gif | Redirect Chain |
GET | H2 | db_sync | px.ads.linkedin.com/ | 0 | 142 B | Image | text/plain | Redirect Chain |
GET | H/1.1 | tap.php | pixel.rubiconproject.com/ | 42 B | 796 B | Image | image/gif | Redirect Chain |
GET | H2 | sd | us-u.openx.net/w/1.0/ | 43 B | 180 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | cookie-sync | sync.outbrain.com/ | 0 | 287 B | Image | text/plain | Redirect Chain |
GET | H2 | Pug | image2.pubmatic.com/AdServer/ | 42 B | 496 B | Image | image/gif | Redirect Chain |
GET | H2 | sync | ups.analytics.yahoo.com/ups/55980/ | 0 | 121 B | Image | text/plain | Redirect Chain |
GET | H2 | rtb-h | sync.taboola.com/sg/adroll-network/1/ | 0 | 222 B | Image | text/plain | Redirect Chain |
GET | H2 | xuid | eb2.3lift.com/ | 37 B | 355 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | bounce | ib.adnxs.com/ | 43 B | 1 KB | Image | image/gif | Redirect Chain |
GET | H2 | F2P3DP3DXRF25FEAISNZT6 | ipv4.d.adroll.com/seg4/DDMSNS4ZLJAKFPHVV756OP/ | 42 B | 587 B | Image | image/gif | |
POST | H2 | F2P3DP3DXRF25FEAISNZT6 | d.adroll.com/onp/DDMSNS4ZLJAKFPHVV756OP/ | 42 B | 570 B | Ping | image/gif | |
POST | H2 | F2P3DP3DXRF25FEAISNZT6 | d.adroll.com/onp/DDMSNS4ZLJAKFPHVV756OP/ | 42 B | 570 B | Ping | image/gif | |
42 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
boolean | credentialless |
object | html5 |
object | Modernizr |
object | appInsights |
function | $ |
function | jQuery |
object | jQuery110206762608480724326 |
object | AI |
object | Microsoft |
function | __extends |
function | _endsWith |
object | respond |
string | adroll_adv_id |
string | adroll_pix_id |
boolean | __adroll_loaded |
boolean | __adroll_v1_to_v2_shim |
string | adroll_version |
object | adroll |
boolean | adroll_optout |
object | adroll_loaded |
function | __adroll__ |
string | adroll_sid |
object | dataLayer |
object | __adroll |
function | __cmp |
function | __tcfapi |
boolean | adroll_sendrolling_cross_device |
object | adroll_form_fields |
undefined | adroll_tpc_callback |
object | adroll_exp_list |
object | __adroll_consent_data |
boolean | __adroll_consent |
boolean | __adroll_consent_is_gdpr |
string | __adroll_consent_user_country |
string | __adroll_consent_adv_country |
number | adroll_lex33_called |
function | fbq |
function | _fbq |
object | __adroll_pxl_assistant_track |
string | adroll_seg_eid |
string | adroll_rule_type |
function | __adroll_idem036 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.mdquery.com/ | Name: ARRAffinity Value: eb0215f43a7fdf079429ba39da6cd0de66afa6b4085fd1016024d539de9de1b3 |
|
.mdquery.com/ | Name: ARRAffinitySameSite Value: eb0215f43a7fdf079429ba39da6cd0de66afa6b4085fd1016024d539de9de1b3 |
|
mdquery.com/ | Name: ASP.NET_SessionId Value: xfg3yaslko2om4bpfgbqidca |
|
mdquery.com/ | Name: ai_user Value: mp2Wz|2023-05-05T03:57:40.331Z |
|
mdquery.com/ | Name: ai_session Value: gd9y|1683259060734|1683259060734 |
|
.mdquery.com/ | Name: __adroll_fpc Value: 69fb2edcd1990cd8a2a4442b0e81da41-1683259061453 |
|
.mdquery.com/ | Name: __ar_v4 Value: %7CDDMSNS4ZLJAKFPHVV756OP%3A20230504%3A1%7CF2P3DP3DXRF25FEAISNZT6%3A20230504%3A1 |
|
.openx.net/ | Name: i Value: 06ecf000-5ccd-485c-8594-99f8f737e5d1|1683259061 |
|
.rlcdn.com/ | Name: rlas3 Value: 2w2y2QvO4yqY/69c3mAtc8CZD6HBkllL/9/7fz2oXgA= |
|
.3lift.com/ | Name: tluid Value: 2471721333778741195735 |
|
.rlcdn.com/ | Name: pxrc Value: CLX90aIGEgUI6AcQABIFCOhHEAA= |
|
.bidswitch.net/ | Name: tuuid Value: 94960e71-2c8e-43be-bb4b-24d588303b59 |
|
.bidswitch.net/ | Name: c Value: 1683259061 |
|
.bidswitch.net/ | Name: tuuid_lu Value: 1683259061 |
|
.yahoo.com/ | Name: A3 Value: d=AQABBLV-VGQCEEq42BNmnfxPvoMIPJ3eqckFEgEBAQHQVWReZNxH0iMA_eMAAA&S=AQAAAvBvsE9WSZyCCyeQeGUxlxs |
|
.rubiconproject.com/ | Name: khaos Value: LHA0ZGGC-5-D4SS |
|
.rubiconproject.com/ | Name: audit Value: 1|EtCd/01kTAQHLkYuqw+3abFYXrHGwdr5BxCpw1v3J+U8fCYmOTvXg5OmweUZH+GMBMF7BSmLw4tw0S94mtzOH6X03m07ywdlM/uPx/DKN35nJ6XCorPF+S984N3RgyQA5isaxxWqdzVxcQ76YbBh9SpMSLtQVH34YLSAYnyO5nKGf0VK27DdNj+sFLB/WmBAiyTz+DOnHeDc6UO785F0Pw== |
|
.adnxs.com/ | Name: uuid2 Value: 8450844810267298513 |
|
.pubmatic.com/ | Name: KRTBCOOKIE_10 Value: 22808-YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&KRTB&22883-YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY |
|
.pubmatic.com/ | Name: PugT Value: 1683259061 |
|
.taboola.com/ | Name: t_gid Value: e1090173-2622-4f33-8afe-310fab06856a-tuctb4e0435 |
|
.analytics.yahoo.com/ | Name: IDSYNC Value: 1770~2bgr |
|
.casalemedia.com/ | Name: CMID Value: ZFR.tcHXLLE-7eOHOpegNAAA |
|
.casalemedia.com/ | Name: CMPS Value: 3823 |
|
.casalemedia.com/ | Name: CMPRO Value: 3823 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUnaff0Def_bNGdXxuROOru8LSkHB5lbLd3SEGulng8kB3GC5_C7LeoJtBJLeSA |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4/rD>6NRF']wIg2In<kEeTk!]tbPl@/@8$-^=$U_hsvF9iMiA-E/CZg*I>[3*K6@+0z/A'92JYShi??r-@%@3mKs@3lqcYvpUw*HoBN3If)y3KL9D3I?+B6zuen |
|
.pippio.com/ | Name: did Value: Z71NLCRJOCeKH253 |
|
.pippio.com/ | Name: didts Value: 1683259061 |
|
.pippio.com/ | Name: nnls Value: |
|
.pippio.com/ | Name: pxrc Value: CLX90aIGEgYIgr0rEAA= |
|
.d.adroll.com/ | Name: __adroll Value: a20ebdb28be65febbae0470f3fc16c56-g_1683259061-a_1683259061 |
|
.adroll.com/ | Name: __adroll_shared Value: a20ebdb28be65febbae0470f3fc16c56-g_1683259061-a_1683259061 |
|
.linkedin.com/ | Name: li_sugr Value: 4c22c2d7-8dd3-4946-8892-ce5c716c6d73 |
|
.linkedin.com/ | Name: bcookie Value: "v=2&24d6940f-03b7-4c29-8b8d-8f0ce3da6449" |
|
.linkedin.com/ | Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2574:u=1:x=1:i=1683259062:t=1683345462:v=2:sig=AQHV-_GuqlkwQE-ldMLrBmTKfOs3f1zV" |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.