Submitted URL: http://mdquery.com/lsu-umcl
Effective URL: https://mdquery.com/cancelled
Submission: On May 05 via manual from US — Scanned from US

Summary

This website contacted 18 IPs in 2 countries across 19 domains to perform 37 HTTP transactions. The main IP is 137.117.17.70, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is mdquery.com. The Cisco Umbrella rank of the primary domain is 398801.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 10th 2023. Valid for: a year.
This is the only time mdquery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 14 137.117.17.70 8075 (MICROSOFT...)
1 2606:2800:11f... 15133 (EDGECAST)
2 40.78.229.32 8075 (MICROSOFT...)
4 2600:9000:23c... 16509 (AMAZON-02)
12 18 2600:1f18:61c... 14618 (AMAZON-AES)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2 35.211.178.172 19527 (GOOGLE-2)
2 2 172.217.13.194 15169 (GOOGLE)
1 2 192.40.39.223 27381 (CASALE-MEDIA)
2 2 35.190.60.146 15169 (GOOGLE)
1 1 107.178.254.65 15169 (GOOGLE)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 69.173.151.100 26667 (RUBICONPR...)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
1 70.42.32.31 13789 (INTERNAP-...)
1 162.248.18.37 62713 (AS-PUBMATIC)
1 2 3.225.218.10 14618 (AMAZON-AES)
1 141.226.224.48 200478 (TABOOLA-AS)
1 2 52.223.22.214 16509 (AMAZON-02)
1 2 68.67.179.164 29990 (ASN-APPNEX)
1 52.206.186.19 14618 (AMAZON-AES)
37 18
Apex Domain
Subdomains
Transfer
23 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2409
d.adroll.com — Cisco Umbrella Rank: 1194
ipv4.d.adroll.com — Cisco Umbrella Rank: 11124
64 KB
14 mdquery.com
mdquery.com — Cisco Umbrella Rank: 398801
613 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 211
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 351
744 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
560 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 439
525 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 347
890 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 372
831 B
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 523
2 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
851 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 299
1 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 809
281 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 915
222 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 786
496 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 743
287 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 318
796 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 723
633 B
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 150
28 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2162
22 KB
37 19
Domain Requested by
18 d.adroll.com 12 redirects s.adroll.com
az416426.vo.msecnd.net
14 mdquery.com 3 redirects mdquery.com
4 s.adroll.com mdquery.com
s.adroll.com
2 ib.adnxs.com 1 redirects
2 eb2.3lift.com 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 us-u.openx.net 1 redirects
2 px.ads.linkedin.com 1 redirects
2 idsync.rlcdn.com 2 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 cm.g.doubleclick.net 2 redirects
2 x.bidswitch.net 1 redirects
2 dc.services.visualstudio.com az416426.vo.msecnd.net
1 ipv4.d.adroll.com
1 sync.taboola.com
1 image2.pubmatic.com
1 sync.outbrain.com
1 pixel.rubiconproject.com
1 pippio.com 1 redirects
1 connect.facebook.net s.adroll.com
1 az416426.vo.msecnd.net mdquery.com
37 21

This site contains links to these domains.

Domain
www.mdquery.com
www.mdstaff.com
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| mdquery.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-04-10 - 2024-04-09 | a year |
| *.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2022-07-11 - 2023-07-11 | a year |
| in.applicationinsights.azure.com | Microsoft Azure TLS Issuing CA 06 | 2023-02-17 - 2024-02-12 | a year |
| s.adroll.com | Amazon RSA 2048 M02 | 2023-02-24 - 2023-08-01 | 5 months |
| d.adroll.com | Amazon RSA 2048 M01 | 2022-11-08 - 2023-12-07 | a year |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-02-11 - 2023-05-12 | 3 months |

This page contains 1 frames:

Primary Page: https://mdquery.com/cancelled
Frame ID: BA2D1AA0FCEC76A7743E2C2F2A5D70C8
Requests: 36 HTTP requests in this frame

Page Title

MD-Query

Page URL History

  1. http://mdquery.com/lsu-umcl HTTP 301
    https://mdquery.com/lsu-umcl HTTP 302
    https://mdquery.com/app/login.aspx?ID=b6ec7663-d3f5-4ac8-96d7-e0273b4d5056 HTTP 302
    https://mdquery.com/cancelled Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

68 %
HTTPS

24 %
IPv6

19
Domains

21
Subdomains

18
IPs

2
Countries

725 kB
Transfer

1328 kB
Size

36
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mdquery.com/lsu-umcl HTTP 301
    https://mdquery.com/lsu-umcl HTTP 302
    https://mdquery.com/app/login.aspx?ID=b6ec7663-d3f5-4ac8-96d7-e0273b4d5056 HTTP 302
    https://mdquery.com/cancelled Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://d.adroll.com/cm/b/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
Request Chain 22
  • https://d.adroll.com/cm/g/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=og69sovmX-u64EcPP8FsVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=og69sovmX-u64EcPP8FsVg&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in
Request Chain 23
  • https://d.adroll.com/cm/index/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&expiration=1714795061 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&expiration=1714795061&C=1
Request Chain 24
  • https://d.adroll.com/cm/l/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=a20ebdb28be65febbae0470f3fc16c56 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogYTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTYQABoNCLX90aIGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=42f56eee8d41b220a949e15800c671e7fb732f4c025ee4d6accae0cff08ad818791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=42f56eee8d41b220a949e15800c671e7fb732f4c025ee4d6accae0cff08ad818791426b5417dce21&rand=09965905 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=42f56eee8d41b220a949e15800c671e7fb732f4c025ee4d6accae0cff08ad818791426b5417dce21&rand=09965905&expected_cookie=4c22c2d7-8dd3-4946-8892-ce5c716c6d73
Request Chain 25
  • https://d.adroll.com/cm/n/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&expires=365
Request Chain 26
  • https://d.adroll.com/cm/o/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=a20ebdb28be65febbae0470f3fc16c56&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a20ebdb28be65febbae0470f3fc16c56&gdpr=0&gdpr_consent=
Request Chain 27
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=
Request Chain 28
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 29
  • https://d.adroll.com/cm/r/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Request Chain 30
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
Request Chain 31
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Request Chain 32
  • https://d.adroll.com/cm/x/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request cancelled
mdquery.com/
Redirect Chain
  • http://mdquery.com/lsu-umcl
  • https://mdquery.com/lsu-umcl
  • https://mdquery.com/app/login.aspx?ID=b6ec7663-d3f5-4ac8-96d7-e0273b4d5056
  • https://mdquery.com/cancelled
4 KB
3 KB
Document
General
Full URL
https://mdquery.com/cancelled
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.117.17.70 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-bay-003.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
acb9f4ca813e3a8518337d7858814b04582f5a212def3da28482b5a16000d33e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
2199
Content-Type
text/html; charset=utf-8
Date
Fri, 05 May 2023 03:57:38 GMT
Request-Context
appId=cid-v1:1824e66f-002b-4983-a6cc-f73846fe04e4
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET

Redirect headers

Cache-Control
private
Content-Length
127
Content-Type
text/html; charset=utf-8
Date
Fri, 05 May 2023 03:57:38 GMT
Location
/cancelled
Request-Context
appId=cid-v1:1824e66f-002b-4983-a6cc-f73846fe04e4
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
bootstrap.min.css
mdquery.com/Content/
115 KB
19 KB
Stylesheet
General
Full URL
https://mdquery.com/Content/bootstrap.min.css
Requested by
Host: mdquery.com
URL: https://mdquery.com/cancelled
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.117.17.70 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-bay-003.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
82c9ce6e445777a0162351b4330d33d8ec7db27696966c46f9fbbdd609af6355

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/cancelled
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 03:57:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Oct 2018 18:33:16 GMT
Server
Microsoft-IIS/10.0
ETag
"07ee3df9061d41:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
19282
site.css
mdquery.com/Content/
5 KB
2 KB
Stylesheet
General
Full URL
https://mdquery.com/Content/site.css
Requested by
Host: mdquery.com
URL: https://mdquery.com/cancelled
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.117.17.70 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-bay-003.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3400a12bc5495f5f3b3833089acef122db77b360441ed060080ba47202ac861c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/cancelled
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 03:57:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Dec 2022 22:44:01 GMT
Server
Microsoft-IIS/10.0
ETag
"80e68929f6d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1591
modernizr-2.6.2.js
mdquery.com/Scripts/
52 KB
20 KB
Script
General
Full URL
https://mdquery.com/Scripts/modernizr-2.6.2.js
Requested by
Host: mdquery.com
URL: https://mdquery.com/cancelled
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.117.17.70 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-bay-003.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
092eb6b28c378d7c7dc73637028706f2decb775f06103c425317057539f0321f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/cancelled
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 03:57:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Oct 2018 18:33:16 GMT
Server
Microsoft-IIS/10.0
ETag
"921745e09061d41:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
20320
mdquery-text.png
mdquery.com/content/img/
5 KB
6 KB
Image
General
Full URL
https://mdquery.com/content/img/mdquery-text.png
Requested by
Host: mdquery.com
URL: https://mdquery.com/cancelled
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.117.17.70 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-bay-003.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a2bcb84e4bfb6613b6d973267819646b0dd28b0ab43cab006e2c02a5a61e9ed6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/cancelled
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 03:57:39 GMT
Last-Modified
Thu, 11 Oct 2018 18:33:16 GMT
Server
Microsoft-IIS/10.0
ETag
"57542ce09061d41:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5503
mdstaff-text.sm.png
mdquery.com/content/img/
3 KB
4 KB
Image
General
Full URL
https://mdquery.com/content/img/mdstaff-text.sm.png
Requested by
Host: mdquery.com
URL: https://mdquery.com/cancelled
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.117.17.70 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-bay-003.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
928355baa271dcb9f0914016e0b7d8d9833d6cff69ae668e96df1aaf3a7b632b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/cancelled
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 03:57:39 GMT
Last-Modified
Thu, 11 Oct 2018 18:33:16 GMT
Server
Microsoft-IIS/10.0
ETag
"acb62ee09061d41:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3583
jquery-1.10.2.js
mdquery.com/Scripts/
277 KB
108 KB
Script
General
Full URL
https://mdquery.com/Scripts/jquery-1.10.2.js
Requested by
Host: mdquery.com
URL: https://mdquery.com/cancelled
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.117.17.70 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-bay-003.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b5f7cdd311cb6e2578c4e8af41d54235fd38f7b290ffa5d999e9fa6239919b6d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/cancelled
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 03:57:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Oct 2018 18:33:16 GMT
Server
Microsoft-IIS/10.0
ETag
"d1a23ae09061d41:0"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
bootstrap.js
mdquery.com/Scripts/
60 KB
17 KB
Script
General
Full URL
https://mdquery.com/Scripts/bootstrap.js
Requested by
Host: mdquery.com
URL: https://mdquery.com/cancelled
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.117.17.70 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-bay-003.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e4732e0234f6357ae1ef82e6d6ff5e1f31f286057894be7be7642252051aee6a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/cancelled
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 03:57:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Oct 2018 18:33:16 GMT
Server
Microsoft-IIS/10.0
ETag
"d1dd35e09061d41:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
16612
respond.js
mdquery.com/Scripts/
10 KB
5 KB
Script
General
Full URL
https://mdquery.com/Scripts/respond.js
Requested by
Host: mdquery.com
URL: https://mdquery.com/cancelled
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.117.17.70 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-bay-003.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fa3fe23f45b938ce1340e832ccada1c3ec661b64921ed0dd1c051a0e90a637c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/cancelled
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 03:57:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Oct 2018 18:33:16 GMT
Server
Microsoft-IIS/10.0
ETag
"921745e09061d41:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
4937
open-sans.regular.ttf
mdquery.com/Content/fonts/
212 KB
213 KB
Font
General
Full URL
https://mdquery.com/Content/fonts/open-sans.regular.ttf
Requested by
Host: mdquery.com
URL: https://mdquery.com/Content/site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.117.17.70 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-bay-003.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee

Request headers

Referer
https://mdquery.com/Content/site.css
Origin
https://mdquery.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 03:57:39 GMT
Last-Modified
Thu, 11 Oct 2018 18:33:16 GMT
Server
Microsoft-IIS/10.0
ETag
"c5f229e09061d41:0"
X-Powered-By
ASP.NET
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
217360
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: mdquery.com
URL: https://mdquery.com/cancelled
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mic/9B3E) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 05 May 2023 03:57:40 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
973
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (mic/9B3E)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e1f38ca7-001e-004a-3003-7f458f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Fri, 05 May 2023 04:27:40 GMT
open-sans.light.ttf
mdquery.com/Content/fonts/
217 KB
217 KB
Font
General
Full URL
https://mdquery.com/Content/fonts/open-sans.light.ttf
Requested by
Host: mdquery.com
URL: https://mdquery.com/Content/site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.117.17.70 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
waws-prod-bay-003.cloudapp.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cf5f5184c1441a1660aa52526328e9d5c2793e77b6d8d3a3ad654bdb07ab8424

Request headers

Referer
https://mdquery.com/Content/site.css
Origin
https://mdquery.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 03:57:39 GMT
Last-Modified
Thu, 11 Oct 2018 18:33:16 GMT
Server
Microsoft-IIS/10.0
ETag
"c5f229e09061d41:0"
X-Powered-By
ASP.NET
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
222412
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.78.229.32 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://mdquery.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Fri, 05 May 2023 03:57:40 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/
96 B
281 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.78.229.32 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
81450af5838a7a2e01daa400c289e9aa77a1c32d691b8d903a4638029a916f5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://mdquery.com/
accept-language
en-US,en;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
1C8956AD-BD01-4471-96D3-68ED2A36D64E
strict-transport-security
max-age=31536000
date
Fri, 05 May 2023 03:57:40 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
roundtrip.js
s.adroll.com/j/
67 KB
22 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: mdquery.com
URL: https://mdquery.com/cancelled
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:6400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46fb5dc9bc2c62510524ff7d023d1acdd98a693e2c4c6bc6adbe8dce242d5246

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-Amz-Version-Id
t2odp6E0L3gMv4oaa6APyl80R6IDi46D
Content-Encoding
gzip
Via
1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
Date
Fri, 05 May 2023 03:47:18 GMT
Age
623
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 27 Apr 2023 15:01:40 GMT
Server
AmazonS3
Etag
W/"ad8051d4b1764868cb152a1dc4edad0b"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
fNrFchjSmQtK8EO7ABWZJwAwuvFTQkOgZG0zAEgg44kBS40SDRYDiw==
roundtrip.js
s.adroll.com/j/DDMSNS4ZLJAKFPHVV756OP/
91 KB
28 KB
Script
General
Full URL
https://s.adroll.com/j/DDMSNS4ZLJAKFPHVV756OP/roundtrip.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:6400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a600eb3e8dff54d9ed0d8fa03313d14be479a65dc110834481c129e06313b00

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-Amz-Version-Id
DHl6_W2EW7iHzcFw.3GIEcf4zH2IoSSz
Content-Encoding
gzip
Via
1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
Date
Fri, 05 May 2023 03:57:41 GMT
Age
2
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 04 May 2023 11:54:45 GMT
Server
AmazonS3
Etag
W/"ea058f91ac241e1c1467f24448899932"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
e-lA-KsIIEeXKh1rgpYLJkIvIZnhFgHKFBqkZGBuf_JeYW9H5-kAVA==
index.js
s.adroll.com/j/exp/DDMSNS4ZLJAKFPHVV756OP/
38 B
772 B
Script
General
Full URL
https://s.adroll.com/j/exp/DDMSNS4ZLJAKFPHVV756OP/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/DDMSNS4ZLJAKFPHVV756OP/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:6400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6c19d4ee9832249a4a542057fe1cda984efb525973cb294831ec5ecc42367f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Thu, 04 May 2023 11:01:53 GMT
X-Amz-Version-Id
a0ORsVPxv7Kk_onbY2dOf4lTqwcrc9Dj
Via
1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
Age
60948
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
38
Last-Modified
Tue, 21 Mar 2023 16:33:47 GMT
Server
AmazonS3
Etag
"f5a64db38c4218cefe3f9d7531faf9a1"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
nrxGYjRTvRpY43yhfT4jSMFvbRkjDeUcOAllLl00_VNm4GQqNo0lBw==
DDMSNS4ZLJAKFPHVV756OP
d.adroll.com/consent/check/
455 B
940 B
Script
General
Full URL
https://d.adroll.com/consent/check/DDMSNS4ZLJAKFPHVV756OP?pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&_s=112d0fc7cdad6483172ecbdc135712c0&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/DDMSNS4ZLJAKFPHVV756OP/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:46e3:4225:7408:118d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
f9e00a2a5b09bc5b352f404a29a7d321595540473b71af7eab2c7b96bc37e24c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
application/javascript
pragma
no-cache
date
Fri, 05 May 2023 03:57:41 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
455
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
fbevents.js
connect.facebook.net/en_US/
105 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/DDMSNS4ZLJAKFPHVV756OP/roundtrip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f7b103418c76d3c630fa9ac6128249bebab1e97454948c2fcfc22fc88f4ea3a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 05 May 2023 03:57:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27428
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
UhnXVdPraBjzu+FcYPrc+ikFLAkKYKPqYGWITJ62u3Z0JCT8teE4AwVxXz0p0avsDmZ4tldCABq9oCxRNWcG9g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
sendrolling.js
s.adroll.com/j/
8 KB
3 KB
Script
General
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/DDMSNS4ZLJAKFPHVV756OP/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:6400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e5cf82e4a17e79c80c6f17c3fff873756de944e1301fa01c1d03aba1e359669

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

X-Amz-Version-Id
wG3UJevK_dyyBSOJeVU2_V1xC3jx_aLw
Content-Encoding
gzip
Via
1.1 005b0f8dc37e46fc9bdc40ea2ce8a602.cloudfront.net (CloudFront)
Date
Thu, 04 May 2023 14:59:43 GMT
Age
46679
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 30 Jun 2022 21:48:50 GMT
Server
AmazonS3
Etag
W/"9f2aa6ae991d93164d9512029d813cad"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
t_6FRenSOw2LnhC36kyS3511n87Eap3pDPIM93BTJRdLSJuszzxhNQ==
F2P3DP3DXRF25FEAISNZT6
d.adroll.com/segment/DDMSNS4ZLJAKFPHVV756OP/
42 B
941 B
XHR
General
Full URL
https://d.adroll.com/segment/DDMSNS4ZLJAKFPHVV756OP/F2P3DP3DXRF25FEAISNZT6?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&cookie=&adroll_s_ref=&keyw=&adroll_external_data=&adroll_version=2.0
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:46e3:4225:7408:118d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 03:57:41 GMT
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type
p
content-length
42
pragma
no-cache
x-conversion-value
0.0
server
nginx/1.22.1
x-rule
*
x-segment-eid
T7CB3QPUYFFOBBVLBC5CBX
content-type
image/gif
access-control-allow-origin
https://mdquery.com
access-control-expose-headers
X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-request-methods
GET
x-pixel-eid
F2P3DP3DXRF25FEAISNZT6
x-segment-name
*
access-control-allow-headers
*
x-advertisable-eid
DDMSNS4ZLJAKFPHVV756OP
x-conversion-currency
F2P3DP3DXRF25FEAISNZT6
d.adroll.com/onp/DDMSNS4ZLJAKFPHVV756OP/
42 B
551 B
Image
General
Full URL
https://d.adroll.com/onp/DDMSNS4ZLJAKFPHVV756OP/F2P3DP3DXRF25FEAISNZT6?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&pv=63423367545.73001&ev=t%3Dtop%26f%3D0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:46e3:4225:7408:118d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 03:57:41 GMT
server
nginx/1.22.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
x-advertisable-eid
DDMSNS4ZLJAKFPHVV756OP
content-length
42
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
43 B
510 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 03:57:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
Date
Fri, 05 May 2023 03:57:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=og69sovmX-u64EcPP8FsVg
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=og69sovmX-u64EcPP8FsVg&google_tc=
  • https://d.adroll.com/cm/g/in
42 B
552 B
Image
General
Full URL
https://d.adroll.com/cm/g/in
Protocol
H2
Server
2600:1f18:61c0:2204:46e3:4225:7408:118d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 03:57:41 GMT
server
nginx/1.22.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Fri, 05 May 2023 03:57:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://d.adroll.com/cm/g/in
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&expiration=1714795061
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&expiration=1714795061&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&expiration=1714795061&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 May 2023 03:57:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 05 May 2023 03:57:41 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=105&external_user_id=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&expiration=1714795061&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP
  • https://idsync.rlcdn.com/377928.gif?partner_uid=a20ebdb28be65febbae0470f3fc16c56
  • https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogYTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTYQABoNCLX90aIGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=42f56eee8d41b220a949e15800c671e7fb732f4c025ee4d6accae0cff08ad818791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=42f56eee8d41b220a949e15800c671e7fb732f4c025ee4d6accae0cff08ad818791426b5417dce21&rand=09965905
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=42f56eee8d41b220a949e15800c671e7fb732f4c025ee4d6accae0cff08ad818791426b5417dce21&rand=09965905&expected_cookie=4c22c2d7-8dd3-4946-8892-ce5c716c6d73
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=42f56eee8d41b220a949e15800c671e7fb732f4c025ee4d6accae0cff08ad818791426b5417dce21&rand=09965905&expected_cookie=4c22c2d7-8dd3-4946-8892-ce5c716c6d73
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 03:57:41 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 80E845B45BA14A378708E84FC5C82705 Ref B: MIAEDGE1515 Ref C: 2023-05-05T03:57:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX66kp3D5gaVbDZWezCAg==

Redirect headers

date
Fri, 05 May 2023 03:57:41 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: BDA305DC7ECD435DBACB394C628E4F4D Ref B: MIAEDGE1515 Ref C: 2023-05-05T03:57:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/db_sync?pid=10339&puuid=42f56eee8d41b220a949e15800c671e7fb732f4c025ee4d6accae0cff08ad818791426b5417dce21&rand=09965905&expected_cookie=4c22c2d7-8dd3-4946-8892-ce5c716c6d73
x-li-proto
http/2
content-length
0
x-li-uuid
AAX66kp1iiO6Op53ji/IKQ==
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&expires=365
42 B
796 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&expires=365
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&expires=365
pragma
no-cache
date
Fri, 05 May 2023 03:57:41 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=a20ebdb28be65febbae0470f3fc16c56&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a20ebdb28be65febbae0470f3fc16c56&gdpr=0&gdpr_consent=
43 B
180 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a20ebdb28be65febbae0470f3fc16c56&gdpr=0&gdpr_consent=
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 03:57:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=a20ebdb28be65febbae0470f3fc16c56&gdpr=0&gdpr_consent=
date
Fri, 05 May 2023 03:57:41 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=
0
287 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Fri, 05 May 2023 03:57:41 GMT
Cache-Control
no-cache
X-TraceId
ab2a8c8082cefe7e8e22de6a302a9637
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 05 May 2023 03:57:41 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
121
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...
42 B
496 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 05 May 2023 03:57:41 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma
no-cache
date
Fri, 05 May 2023 03:57:41 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
212
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
0
121 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Protocol
H2
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 03:57:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
date
Fri, 05 May 2023 03:57:41 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
0
222 B
Image
General
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 03:57:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
67843

Redirect headers

location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
pragma
no-cache
date
Fri, 05 May 2023 03:57:41 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
37 B
355 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 05 May 2023 03:57:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=4714&xuid=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
date
Fri, 05 May 2023 03:57:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&advertisable=DDMSNS4ZLJAKFPHVV756OP
  • https://ib.adnxs.com/setuid?entity=172&code=YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
Protocol
HTTP/1.1
Server
68.67.179.164 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 May 2023 03:57:41 GMT
AN-X-Request-Uuid
c40f5e16-ca07-4f77-bab0-c1d4ba20e34b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 May 2023 03:57:41 GMT
AN-X-Request-Uuid
3d3b8a7d-57dc-45f4-988e-2c8681f845da
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DYTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
F2P3DP3DXRF25FEAISNZT6
ipv4.d.adroll.com/seg4/DDMSNS4ZLJAKFPHVV756OP/
42 B
587 B
Image
General
Full URL
https://ipv4.d.adroll.com/seg4/DDMSNS4ZLJAKFPHVV756OP/F2P3DP3DXRF25FEAISNZT6?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&cookie=&adroll_s_ref=&keyw=&adroll_external_data=&adroll_version=2.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.186.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-186-19.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 03:57:41 GMT
x-segment-display-name
Visitors to Unsegmented Pages
x-rule-type
p
content-length
42
pragma
no-cache
x-conversion-value
0.0
server
nginx/1.22.1
x-rule
*
x-segment-eid
T7CB3QPUYFFOBBVLBC5CBX
content-type
image/gif
access-control-allow-origin
access-control-expose-headers
X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-request-methods
GET
x-pixel-eid
F2P3DP3DXRF25FEAISNZT6
x-segment-name
*
access-control-allow-headers
*
x-advertisable-eid
DDMSNS4ZLJAKFPHVV756OP
x-conversion-currency
F2P3DP3DXRF25FEAISNZT6
d.adroll.com/onp/DDMSNS4ZLJAKFPHVV756OP/
42 B
570 B
Ping
General
Full URL
https://d.adroll.com/onp/DDMSNS4ZLJAKFPHVV756OP/F2P3DP3DXRF25FEAISNZT6?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&ev=f%3D828%26ft%3Dpreconsent
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/DDMSNS4ZLJAKFPHVV756OP/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:46e3:4225:7408:118d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 03:57:42 GMT
server
nginx/1.22.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
x-advertisable-eid
DDMSNS4ZLJAKFPHVV756OP
content-length
42
F2P3DP3DXRF25FEAISNZT6
d.adroll.com/onp/DDMSNS4ZLJAKFPHVV756OP/
42 B
570 B
Ping
General
Full URL
https://d.adroll.com/onp/DDMSNS4ZLJAKFPHVV756OP/F2P3DP3DXRF25FEAISNZT6?adroll_fpc=69fb2edcd1990cd8a2a4442b0e81da41-1683259061453&pv=63423367545.73001&arrfrr=https%3A%2F%2Fmdquery.com%2Fcancelled&ev=f%3D631%26ft%3Dprepixel
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/DDMSNS4ZLJAKFPHVV756OP/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:46e3:4225:7408:118d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mdquery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 03:57:42 GMT
server
nginx/1.22.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
x-advertisable-eid
DDMSNS4ZLJAKFPHVV756OP
content-length
42


42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| html5
object| Modernizr
object| appInsights
function| $
function| jQuery
object| jQuery110206762608480724326
object| AI
object| Microsoft
function| __extends
function| _endsWith
object| respond
string| adroll_adv_id
string| adroll_pix_id
boolean| __adroll_loaded
boolean| __adroll_v1_to_v2_shim
string| adroll_version
object| adroll
boolean| adroll_optout
object| adroll_loaded
function| __adroll__
string| adroll_sid
object| dataLayer
object| __adroll
function| __cmp
function| __tcfapi
boolean| adroll_sendrolling_cross_device
object| adroll_form_fields
undefined| adroll_tpc_callback
object| adroll_exp_list
object| __adroll_consent_data
boolean| __adroll_consent
boolean| __adroll_consent_is_gdpr
string| __adroll_consent_user_country
string| __adroll_consent_adv_country
number| adroll_lex33_called
function| fbq
function| _fbq
object| __adroll_pxl_assistant_track
string| adroll_seg_eid
string| adroll_rule_type
function| __adroll_idem0

36 Cookies

Domain/Path Name / Value
.mdquery.com/ Name: ARRAffinity
Value: eb0215f43a7fdf079429ba39da6cd0de66afa6b4085fd1016024d539de9de1b3
.mdquery.com/ Name: ARRAffinitySameSite
Value: eb0215f43a7fdf079429ba39da6cd0de66afa6b4085fd1016024d539de9de1b3
mdquery.com/ Name: ASP.NET_SessionId
Value: xfg3yaslko2om4bpfgbqidca
mdquery.com/ Name: ai_user
Value: mp2Wz|2023-05-05T03:57:40.331Z
mdquery.com/ Name: ai_session
Value: gd9y|1683259060734|1683259060734
.mdquery.com/ Name: __adroll_fpc
Value: 69fb2edcd1990cd8a2a4442b0e81da41-1683259061453
.mdquery.com/ Name: __ar_v4
Value: %7CDDMSNS4ZLJAKFPHVV756OP%3A20230504%3A1%7CF2P3DP3DXRF25FEAISNZT6%3A20230504%3A1
.openx.net/ Name: i
Value: 06ecf000-5ccd-485c-8594-99f8f737e5d1|1683259061
.rlcdn.com/ Name: rlas3
Value: 2w2y2QvO4yqY/69c3mAtc8CZD6HBkllL/9/7fz2oXgA=
.3lift.com/ Name: tluid
Value: 2471721333778741195735
.rlcdn.com/ Name: pxrc
Value: CLX90aIGEgUI6AcQABIFCOhHEAA=
.bidswitch.net/ Name: tuuid
Value: 94960e71-2c8e-43be-bb4b-24d588303b59
.bidswitch.net/ Name: c
Value: 1683259061
.bidswitch.net/ Name: tuuid_lu
Value: 1683259061
.yahoo.com/ Name: A3
Value: d=AQABBLV-VGQCEEq42BNmnfxPvoMIPJ3eqckFEgEBAQHQVWReZNxH0iMA_eMAAA&S=AQAAAvBvsE9WSZyCCyeQeGUxlxs
.rubiconproject.com/ Name: khaos
Value: LHA0ZGGC-5-D4SS
.rubiconproject.com/ Name: audit
Value: 1|EtCd/01kTAQHLkYuqw+3abFYXrHGwdr5BxCpw1v3J+U8fCYmOTvXg5OmweUZH+GMBMF7BSmLw4tw0S94mtzOH6X03m07ywdlM/uPx/DKN35nJ6XCorPF+S984N3RgyQA5isaxxWqdzVxcQ76YbBh9SpMSLtQVH34YLSAYnyO5nKGf0VK27DdNj+sFLB/WmBAiyTz+DOnHeDc6UO785F0Pw==
.adnxs.com/ Name: uuid2
Value: 8450844810267298513
.pubmatic.com/ Name: KRTBCOOKIE_10
Value: 22808-YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY&KRTB&22883-YTIwZWJkYjI4YmU2NWZlYmJhZTA0NzBmM2ZjMTZjNTY
.pubmatic.com/ Name: PugT
Value: 1683259061
.taboola.com/ Name: t_gid
Value: e1090173-2622-4f33-8afe-310fab06856a-tuctb4e0435
.analytics.yahoo.com/ Name: IDSYNC
Value: 1770~2bgr
.casalemedia.com/ Name: CMID
Value: ZFR.tcHXLLE-7eOHOpegNAAA
.casalemedia.com/ Name: CMPS
Value: 3823
.casalemedia.com/ Name: CMPRO
Value: 3823
.doubleclick.net/ Name: IDE
Value: AHWqTUnaff0Def_bNGdXxuROOru8LSkHB5lbLd3SEGulng8kB3GC5_C7LeoJtBJLeSA
.adnxs.com/ Name: anj
Value: dTM7k!M4/rD>6NRF']wIg2In<kEeTk!]tbPl@/@8$-^=$U_hsvF9iMiA-E/CZg*I>[3*K6@+0z/A'92JYShi??r-@%@3mKs@3lqcYvpUw*HoBN3If)y3KL9D3I?+B6zuen
.pippio.com/ Name: did
Value: Z71NLCRJOCeKH253
.pippio.com/ Name: didts
Value: 1683259061
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CLX90aIGEgYIgr0rEAA=
.d.adroll.com/ Name: __adroll
Value: a20ebdb28be65febbae0470f3fc16c56-g_1683259061-a_1683259061
.adroll.com/ Name: __adroll_shared
Value: a20ebdb28be65febbae0470f3fc16c56-g_1683259061-a_1683259061
.linkedin.com/ Name: li_sugr
Value: 4c22c2d7-8dd3-4946-8892-ce5c716c6d73
.linkedin.com/ Name: bcookie
Value: "v=2&24d6940f-03b7-4c29-8b8d-8f0ce3da6449"
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2574:u=1:x=1:i=1683259062:t=1683345462:v=2:sig=AQHV-_GuqlkwQE-ldMLrBmTKfOs3f1zV"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
