urlscan.io logo urlscan.io
SecurityTrails logo

5229620.fls.doubleclick.net Open in urlscan Pro
172.217.21.198  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://5229620.fls.doubleclick.net/activityi;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.15...
Effective URL: https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=5277529132...
Submission: On September 26 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 10 HTTP transactions. The main IP is 172.217.21.198, located in United States and belongs to GOOGLE - Google LLC, US. The main domain is 5229620.fls.doubleclick.net.
TLS certificate: Issued by GTS CA 1O1 on September 5th 2019. Valid for: 3 months.
This is the only time 5229620.fls.doubleclick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 172.217.21.198 15169 (GOOGLE)
3 3 104.109.80.223 20940 (AKAMAI-ASN1)
1 2 185.33.223.83 29990 (ASN-APPNEXUS)
1 2 185.33.223.206 29990 (ASN-APPNEXUS)
1 2a00:1450:400... 15169 (GOOGLE)
1 91.228.74.179 27281 (QUANTCAST)
1 92.123.29.184 16625 (AKAMAI-AS)
1 2600:9000:20b... 16509 (AMAZON-02)
2 185.31.128.129 54312 (ROCKETFUEL)
1 91.228.74.207 27281 (QUANTCAST)
10 9
2    172.217.21.198 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f198.1e100.net
5229620.fls.doubleclick.net
3    104.109.80.223 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-80-223.deploy.static.akamaitechnologies.com
s.tribalfusion.com
a.tribalfusion.com
2    185.33.223.83 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    185.33.223.206 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
1    91.228.74.179 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
secure.quantserve.com
1    92.123.29.184 (France)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a92-123-29-184.deploy.static.akamaitechnologies.com
c1.rfihub.net
1    2600:9000:20bb:7400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
2    185.31.128.129 (Netherlands)

ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US)
a.rfihub.com
20729720p.rfihub.com
1    91.228.74.207 (United Kingdom)

ASN27281 (QUANTCAST - Quantcast Corporation, US)
pixel.quantserve.com
Domain Requested by
2 secure.adnxs.com 1 redirects 5229620.fls.doubleclick.net
2 ib.adnxs.com 1 redirects 5229620.fls.doubleclick.net
2 s.tribalfusion.com 2 redirects
2 5229620.fls.doubleclick.net 1 redirects
1 20729720p.rfihub.com c1.rfihub.net
1 pixel.quantserve.com 5229620.fls.doubleclick.net
1 a.rfihub.com c1.rfihub.net
1 rules.quantcount.com secure.quantserve.com
1 c1.rfihub.net 5229620.fls.doubleclick.net
1 secure.quantserve.com 5229620.fls.doubleclick.net
1 adservice.google.com 5229620.fls.doubleclick.net
1 a.tribalfusion.com 1 redirects
10 12

This site contains no links.

Subject Issuer Validity Valid
*.doubleclick.net
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.google.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2018-10-16 -
2019-10-21		 a year crt.sh
*.rfihub.net
DigiCert SHA2 Secure Server CA		 2019-01-25 -
2020-04-25		 a year crt.sh
*.rfihub.com
DigiCert SHA2 Secure Server CA		 2019-08-27 -
2020-08-31		 a year crt.sh

This page contains 2 frames:

Primary Page: https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
Frame ID: 9F1F839E42E630C54255DB9B7DA6BDD4
Requests: 9 HTTP requests in this frame

Frame: https://20729720p.rfihub.com/ca.html?rfiidc=1040964857776820524&rfiaid=bc4098b553054515856203e355b9fd62&ver=9&rb=25613&ca=20729720&_o=25613&_t=20729720&pe=https%3A%2F%2F5229620.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLDM1-er7uQCFZTQdwodDLsPFQ%3Bsrc%3D5229620%3Btype%3Dret%3Bcat%3Dhomep0%3Bord%3D1%3Bnum%3D527752913285%3Bgtm%3D2wg9i1%3Bauiddc%3D1536246295.1569495796%3Bu2%3Dde-de%3B%7Eoref%3Dhttps%253A%252F%252Fwww.avg.com%252Fde-de%252Fhomepage&pf=&ra=826536609862389
Frame ID: 7F62696FB1E686BE96FE98E3D71776C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://5229620.fls.doubleclick.net/activityi;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;... HTTP 302
    https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i

Page Statistics

10
Requests

100 %
HTTPS

20 %
IPv6

8
Domains

12
Subdomains

9
IPs

5
Countries

18 kB
Transfer

38 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://5229620.fls.doubleclick.net/activityi;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage HTTP 302
    https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://s.tribalfusion.com/i.cid?c=699953&d=30&page=landingPage HTTP 302
  • https://s.tribalfusion.com/z/i.cid?c=699953&d=30&page=landingPage HTTP 302
  • https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b26&u=647602425695158589&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://ib.adnxs.com/setuid?entity=305&code=18072662389979498352
Request Chain 1
  • https://secure.adnxs.com/px?id=642242&seg=4185914&t=2 HTTP 302
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D642242%26seg%3D4185914%26t%3D2

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
5229620.fls.doubleclick.net/
Redirect Chain
  • https://5229620.fls.doubleclick.net/activityi;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
  • https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.198 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f198.1e100.net
Software
cafe /
Resource Hash
824dde530f255401dfe6fb7bcfe367738b6ac74a058b478ba09d0c4303d423a1
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5229620.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 26 Sep 2019 11:04:49 GMT
expires
Thu, 26 Sep 2019 11:04:49 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
1226
x-xss-protection
0
set-cookie
IDE=AHWqTUm2Ep-VH451lfdBz-y_WTWkxAM4IUlgoWg0EJS8z_X_Vt9e3NuPj67rkM8a; expires=Sat, 25-Sep-2021 11:04:49 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 26 Sep 2019 11:04:49 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 26-Sep-2019 11:19:49 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
setuid
ib.adnxs.com/
Redirect Chain
  • https://s.tribalfusion.com/i.cid?c=699953&d=30&page=landingPage
  • https://s.tribalfusion.com/z/i.cid?c=699953&d=30&page=landingPage
  • https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
  • https://a.tribalfusion.com/i.match?p=b26&u=647602425695158589&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
  • https://ib.adnxs.com/setuid?entity=305&code=18072662389979498352
43 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=305&code=18072662389979498352
Requested by
Host: 5229620.fls.doubleclick.net
URL: https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.83 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
250.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Sep 2019 11:04:52 GMT
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 250.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.167:80
AN-X-Request-Uuid
06fac0dc-e526-46eb-9bdf-6a63e2f4563c
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 26 Sep 2019 11:04:50 GMT
x-function
209
x-reuse-index
152
status
302
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://ib.adnxs.com/setuid?entity=305&code=18072662389979498352
cache-control
no-cache, private
content-type
text/html
content-length
36
expires
Thu, 01 Jan 1970 00:00:00 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=642242&seg=4185914&t=2
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D642242%26seg%3D4185914%26t%3D2
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D642242%26seg%3D4185914%26t%3D2
Requested by
Host: 5229620.fls.doubleclick.net
URL: https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.206 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Sep 2019 11:04:51 GMT
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.241:80
AN-X-Request-Uuid
bd987656-76d5-4f94-b1f6-445ff2d5412e
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 26 Sep 2019 11:04:51 GMT
X-Proxy-Origin
89.38.96.188; 89.38.96.188; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.235:80
AN-X-Request-Uuid
cc84f6b7-716f-47d6-b22f-9330f3c65ea7
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D642242%26seg%3D4185914%26t%3D2
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=*;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
adservice.google.com/ddm/fls/z/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=*;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
Requested by
Host: 5229620.fls.doubleclick.net
URL: https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Sep 2019 11:04:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aquant.js
secure.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/aquant.js?a=p-GHQ2N9PH9ELYc
Requested by
Host: 5229620.fls.doubleclick.net
URL: https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.179 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 26 Sep 2019 11:04:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26-Sep-2019 11:04:49 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Thu, 03 Oct 2019 11:04:49 GMT
tc.min.js
c1.rfihub.net/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: 5229620.fls.doubleclick.net
URL: https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.29.184 , France, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a92-123-29-184.deploy.static.akamaitechnologies.com
Software
Jetty(9.0.6.v20130930) /
Resource Hash
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 26 Sep 2019 11:04:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Sep 2019 17:37:58 GMT
Server
Jetty(9.0.6.v20130930)
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
6375
Expires
Thu, 26 Sep 2019 12:04:49 GMT
rules-p-GHQ2N9PH9ELYc.js
rules.quantcount.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-GHQ2N9PH9ELYc.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/aquant.js?a=p-GHQ2N9PH9ELYc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20bb:7400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2abab5aeea4d8d420b7fe1b132dc2c293599e34a86a766bdbd33772e59d8fa5d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 26 Sep 2019 10:16:21 GMT
content-encoding
gzip
last-modified
Tue, 11 Apr 2017 00:12:02 GMT
server
AmazonS3
age
3177
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA56
x-amz-cf-id
VvFf_-gQTs3MkQKYmK_U9hSNU6vFUG2fm-w2DNDCvk_Wok8jezLGtQ==
via
1.1 ad93a72606d0015c6aa5ceae5dc8a8d5.cloudfront.net (CloudFront)
idr.js
a.rfihub.com/ 		83 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.rfihub.com/idr.js?_callback=window.RocketfuelBCP.jsonpCallbacks.request_cmZpSWRJbkNhY2hl
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.31.128.129 , Netherlands, ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash
51fc8f02b6a6252554571ab97e22e5e59eca57a3e4a29c7afe59eec04a61c20e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires
Tue, 20 Oct 2020 11:04:49 GMT
Cache-Control
public, max-age=33696000
Server
Jetty(9.0.6.v20130930)
Content-Type
application/javascript
Content-Length
83
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel;r=347954308;labels=_fp.event.Default;rf=0;a=p-GHQ2N9PH9ELYc;url=https%3A%2F%2F5229620.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLDM1-er7uQCFZTQdwodDLsPFQ%3Bsrc%3D5229620%3Btype%3Dret%3Bcat%...
pixel.quantserve.com/ 		35 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=347954308;labels=_fp.event.Default;rf=0;a=p-GHQ2N9PH9ELYc;url=https%3A%2F%2F5229620.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLDM1-er7uQCFZTQdwodDLsPFQ%3Bsrc%3D5229620%3Btype%3Dret%3Bcat%3Dhomep0%3Bord%3D1%3Bnum%3D527752913285%3Bgtm%3D2wg9i1%3Bauiddc%3D1536246295.1569495796%3Bu2%3Dde-de%3B~oref%3Dhttps%253A%252F%252Fwww.avg.com%252Fde-de%252Fhomepage;fpan=u;fpa=;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1569495889531;tzo=-120;ogl=
Requested by
Host: 5229620.fls.doubleclick.net
URL: https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.207 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Sep 2019 11:04:49 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
Cookie set ca.html
20729720p.rfihub.com/ Frame 7F62 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://20729720p.rfihub.com/ca.html?rfiidc=1040964857776820524&rfiaid=bc4098b553054515856203e355b9fd62&ver=9&rb=25613&ca=20729720&_o=25613&_t=20729720&pe=https%3A%2F%2F5229620.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCLDM1-er7uQCFZTQdwodDLsPFQ%3Bsrc%3D5229620%3Btype%3Dret%3Bcat%3Dhomep0%3Bord%3D1%3Bnum%3D527752913285%3Bgtm%3D2wg9i1%3Bauiddc%3D1536246295.1569495796%3Bu2%3Dde-de%3B%7Eoref%3Dhttps%253A%252F%252Fwww.avg.com%252Fde-de%252Fhomepage&pf=&ra=826536609862389
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.31.128.129 , Netherlands, ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash

Request headers

Host
20729720p.rfihub.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage
Accept-Encoding
gzip, deflate, br
Cookie
rud=H4sIAAAAAAAAAOMSNjQwMbA0M7EwNTc3N7MwMjA1MhHiM9QN9zUw8bd0Ni_yT4qQ4jU0NbM0sTS1sLA0tTQDAGbRlyM0AAAA; ruds=H4sIAAAAAAAAAOMSNjQwMbA0M7EwNTc3N7MwMjA1MhHiM9QN9zUw8bd0Ni_yT4oAAK2pwO4lAAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://5229620.fls.doubleclick.net/activityi;dc_pre=CLDM1-er7uQCFZTQdwodDLsPFQ;src=5229620;type=ret;cat=homep0;ord=1;num=527752913285;gtm=2wg9i1;auiddc=1536246295.1569495796;u2=de-de;~oref=https%3A%2F%2Fwww.avg.com%2Fde-de%2Fhomepage

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNjQwMbA0M7EwNTc3N7MwMjA1MhHiM9QN9zUw8bd0Ni_yT4qQ4jU0NbM0sTS1sLA0tTQDAGbRlyM0AAAA;Path=/;Domain=.rfihub.com;Expires=Tue, 20-Oct-2020 11:04:49 GMT ruds=H4sIAAAAAAAAAOMSNjQwMbA0M7EwNTc3N7MwMjA1MhHiM9QN9zUw8bd0Ni_yT4oAAK2pwO4lAAAA;Path=/;Domain=.rfihub.com eud=H4sIAAAAAAAAAJvFyGtoamZpYmlqYWFpbmC0Co1_Co3_Co3_C43fxITKn4TGn4XGX4TGX4XG34TG34XG_4RuPjOaeSyo_Fto_E2saOZzo_kPjb9IGJX_CI0PAAzTC2xQAQAA;Path=/;Domain=.rfihub.com;Expires=Tue, 20-Oct-2020 11:04:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Server
Jetty(9.0.6.v20130930)

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| ezt function| _rfi function| quantserve function| __qc object| _qevents object| _qoptions function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP

5 Cookies

Domain/Path Name / Value
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFMScM02LNO3BAPfzKAM0yxeQ1MzSxNLUwsLoJDJLEYkvrmB0So0_ik0_is0_i80fhMTKn8SGn8WGn8RGn8VGn8TGn8XGv8TuvnMaOaxoPJvIfMtTYw3saKZz43mPzT-ImFU_iM0PgCdbvDbcQEAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAFMScM02LNO3BAPfzKAMUy0mVwMAl4mYkxYAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjQwMbA0M7EwNTc3N7MwMjA1MhHiM9QN9zUw8bd0Ni_yT4oAAK2pwO4lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjQwMbA0M7EwNTc3N7MwMjA1MhHiM9QN9zUw8bd0Ni_yT4qQ4jU0NbM0sTS1sLA0tTQDAGbRlyM0AAAA
.doubleclick.net/ Name: IDE
Value: AHWqTUm2Ep-VH451lfdBz-y_WTWkxAM4IUlgoWg0EJS8z_X_Vt9e3NuPj67rkM8a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0