5229620.fls.doubleclick.net
Open in
urlscan Pro
172.217.21.198
Public Scan
Effective URL: https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=5277529132...
Submission: On September 26 via api from US
Summary
TLS certificate: Issued by GTS CA 1O1 on September 5th 2019. Valid for: 3 months.
This is the only time 5229620.fls.doubleclick.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 172.217.21.198 172.217.21.198 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
3 3 | 104.109.80.223 104.109.80.223 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 2 | 185.33.223.83 185.33.223.83 | 29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus) | |
1 2 | 185.33.223.206 185.33.223.206 | 29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus) | |
1 | 2a00:1450:400... 2a00:1450:4001:81c::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 91.228.74.179 91.228.74.179 | 27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation) | |
1 | 92.123.29.184 92.123.29.184 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 2600:9000:20b... 2600:9000:20bb:7400:6:44e3:f8c0:93a1 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 | 185.31.128.129 185.31.128.129 | 54312 (ROCKETFUEL) (ROCKETFUEL - Rocket Fuel Inc.) | |
1 | 91.228.74.207 91.228.74.207 | 27281 (QUANTCAST) (QUANTCAST - Quantcast Corporation) | |
10 | 9 |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f198.1e100.net
5229620.fls.doubleclick.net |
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-80-223.deploy.static.akamaitechnologies.com
s.tribalfusion.com | |
a.tribalfusion.com |
ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com |
ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com |
ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com |
ASN27281 (QUANTCAST - Quantcast Corporation, US)
secure.quantserve.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a92-123-29-184.deploy.static.akamaitechnologies.com
c1.rfihub.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com |
ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US)
a.rfihub.com | |
20729720p.rfihub.com |
ASN27281 (QUANTCAST - Quantcast Corporation, US)
pixel.quantserve.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
adnxs.com
2 redirects
ib.adnxs.com secure.adnxs.com |
4 KB |
3 |
tribalfusion.com
3 redirects
s.tribalfusion.com a.tribalfusion.com |
1 KB |
2 |
rfihub.com
a.rfihub.com 20729720p.rfihub.com |
635 B |
2 |
quantserve.com
secure.quantserve.com pixel.quantserve.com |
6 KB |
2 |
doubleclick.net
1 redirects
5229620.fls.doubleclick.net |
2 KB |
1 |
quantcount.com
rules.quantcount.com |
2 KB |
1 |
rfihub.net
c1.rfihub.net |
7 KB |
1 |
google.com
adservice.google.com |
109 B |
10 | 8 |
Domain | Requested by | |
---|---|---|
2 | secure.adnxs.com |
1 redirects
5229620.fls.doubleclick.net
|
2 | ib.adnxs.com |
1 redirects
5229620.fls.doubleclick.net
|
2 | s.tribalfusion.com | 2 redirects |
2 | 5229620.fls.doubleclick.net | 1 redirects |
1 | 20729720p.rfihub.com |
c1.rfihub.net
|
1 | pixel.quantserve.com |
5229620.fls.doubleclick.net
|
1 | a.rfihub.com |
c1.rfihub.net
|
1 | rules.quantcount.com |
secure.quantserve.com
|
1 | c1.rfihub.net |
5229620.fls.doubleclick.net
|
1 | secure.quantserve.com |
5229620.fls.doubleclick.net
|
1 | adservice.google.com |
5229620.fls.doubleclick.net
|
1 | a.tribalfusion.com | 1 redirects |
10 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.doubleclick.net GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
*.adnxs.com DigiCert ECC Secure Server CA |
2019-01-23 - 2021-03-08 |
2 years | crt.sh |
*.google.com GTS CA 1O1 |
2019-09-05 - 2019-11-28 |
3 months | crt.sh |
*.quantserve.com DigiCert SHA2 High Assurance Server CA |
2018-10-16 - 2019-10-21 |
a year | crt.sh |
*.rfihub.net DigiCert SHA2 Secure Server CA |
2019-01-25 - 2020-04-25 |
a year | crt.sh |
*.rfihub.com DigiCert SHA2 Secure Server CA |
2019-08-27 - 2020-08-31 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
Frame ID: 9F1F839E42E630C54255DB9B7DA6BDD4
Requests: 9 HTTP requests in this frame
Frame:
https://20729720p.rfihub.com/ca.html?rfiidc=1040964857776820524&rfiaid=bc4098b553054515856203e355b9fd62&ver=9&rb=25613&ca=20729720&_o=25613&_t=20729720&pe=https%3A%2F%2F5229620.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLDM1-er7uQCFZTQdwodDLsPFQ%3Bsrc%3D5229620%3Btype%3Dret%3Bcat%3Dhomep0%3Bord%3D1%3Bnum%3D527752913285%3Bgtm%3D2wg9i1%3Bauiddc%3D1536246295.1569495796%3Bu2%3Dde-de%3B%7Eoref%3Dhttps%253A%252F%252Fwww.avg.com%252Fde-de%252Fhomepage&pf=&ra=826536609862389
Frame ID: 7F62696FB1E686BE96FE98E3D71776C0
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://5229620.fls.doubleclick.net/activityi;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;...
HTTP 302
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;... Page URL
Detected technologies
AppNexus (Advertising Networks) ExpandDetected patterns
- html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://5229620.fls.doubleclick.net/activityi;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
HTTP 302
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://s.tribalfusion.com/i.cid?c=699953&d=30&page=landingPage HTTP 302
- https://s.tribalfusion.com/z/i.cid?c=699953&d=30&page=landingPage HTTP 302
- https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
- https://a.tribalfusion.com/i.match?p=b26&u=647602425695158589&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
- https://ib.adnxs.com/setuid?entity=305&code=18072662389979498352
- https://secure.adnxs.com/px?id=642242&seg=4185914&t=2 HTTP 302
- https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D642242%26seg%3D4185914%26t%3D2
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
5229620.fls.doubleclick.net/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
setuid
ib.adnxs.com/ Redirect Chain
|
43 B 994 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bounce
secure.adnxs.com/ Redirect Chain
|
43 B 1016 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=*;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
adservice.google.com/ddm/fls/z/ |
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aquant.js
secure.quantserve.com/ |
12 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tc.min.js
c1.rfihub.net/js/ |
20 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rules-p-GHQ2N9PH9ELYc.js
rules.quantcount.com/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
idr.js
a.rfihub.com/ |
83 B 635 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel;r=347954308;labels=_fp.event.Default;rf=0;a=p-GHQ2N9PH9ELYc;url=https%3A%2F%2F5229620.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLDM1-er7uQCFZTQdwodDLsPFQ%3Bsrc%3D5229620%3Btype%3Dret%3Bcat%...
pixel.quantserve.com/ |
35 B 494 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
ca.html
20729720p.rfihub.com/ Frame 7F62 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| ezt function| _rfi function| quantserve function| __qc object| _qevents object| _qoptions function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.rfihub.com/ | Name: eud Value: H4sIAAAAAAAAAFMScM02LNO3BAPfzKAM0yxeQ1MzSxNLUwsLoJDJLEYkvrmB0So0_ik0_is0_i80fhMTKn8SGn8WGn8RGn8VGn8TGn8XGv8TuvnMaOaxoPJvIfMtTYw3saKZz43mPzT-ImFU_iM0PgCdbvDbcQEAAA |
|
.rfihub.com/ | Name: euds Value: H4sIAAAAAAAAAFMScM02LNO3BAPfzKAMUy0mVwMAl4mYkxYAAAA |
|
.rfihub.com/ | Name: ruds Value: H4sIAAAAAAAAAOMSNjQwMbA0M7EwNTc3N7MwMjA1MhHiM9QN9zUw8bd0Ni_yT4oAAK2pwO4lAAAA |
|
.rfihub.com/ | Name: rud Value: H4sIAAAAAAAAAOMSNjQwMbA0M7EwNTc3N7MwMjA1MhHiM9QN9zUw8bd0Ni_yT4qQ4jU0NbM0sTS1sLA0tTQDAGbRlyM0AAAA |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUm2Ep-VH451lfdBz-y_WTWkxAM4IUlgoWg0EJS8z_X_Vt9e3NuPj67rkM8a |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=21600 |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
20729720p.rfihub.com
5229620.fls.doubleclick.net
a.rfihub.com
a.tribalfusion.com
adservice.google.com
c1.rfihub.net
ib.adnxs.com
pixel.quantserve.com
rules.quantcount.com
s.tribalfusion.com
secure.adnxs.com
secure.quantserve.com
104.109.80.223
172.217.21.198
185.31.128.129
185.33.223.206
185.33.223.83
2600:9000:20bb:7400:6:44e3:f8c0:93a1
2a00:1450:4001:81c::2002
91.228.74.179
91.228.74.207
92.123.29.184
2abab5aeea4d8d420b7fe1b132dc2c293599e34a86a766bdbd33772e59d8fa5d
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
51fc8f02b6a6252554571ab97e22e5e59eca57a3e4a29c7afe59eec04a61c20e
824dde530f255401dfe6fb7bcfe367738b6ac74a058b478ba09d0c4303d423a1
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629