match.prod.bidr.io Open in urlscan Pro
52.211.150.253 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ==&
Effective URL:
https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
Submission: On October 22 via api (October 22nd 2019, 9:45:07 am UTC) from US

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 6 countries across 11 domains to perform 11 HTTP transactions. The main IP is 52.211.150.253, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is match.prod.bidr.io.
TLS certificate: Issued by Amazon on April 24th 2019. Valid for: a year.

This is the only time match.prod.bidr.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	52.211.150.253 52.211.150.253	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	34.243.82.109 34.243.82.109	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2.19.42.73 2.19.42.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.154.68.131 54.154.68.131	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	143.204.101.75 143.204.101.75	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	185.33.223.80 185.33.223.80	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
11	10

3 52.211.150.253 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-211-150-253.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.205.226 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.82.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-243-82-109.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.42.73 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-42-73.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.68.131 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-68-131.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.101.75 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-75.fra50.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.80 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	bidr.io 1 redirects match.prod.bidr.io	3 KB
2	openx.net 1 redirects us-u.openx.net	477 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	company-target.com 1 redirects segments.company-target.com	1 KB
2	demdex.net 1 redirects dpm.demdex.net	1 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	1 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	adnxs.com ib.adnxs.com	869 B
1	pubmatic.com image2.pubmatic.com	896 B
1	krxd.net beacon.krxd.net	320 B
1	bluekai.com tags.bluekai.com	729 B
11	11

	Domain	Requested by
3	match.prod.bidr.io	1 redirects match.prod.bidr.io
2	us-u.openx.net	1 redirects match.prod.bidr.io
2	dsum-sec.casalemedia.com	1 redirects match.prod.bidr.io
2	segments.company-target.com	1 redirects match.prod.bidr.io
2	dpm.demdex.net	1 redirects match.prod.bidr.io
2	cm.g.doubleclick.net	2 redirects
1	pixel.rubiconproject.com	match.prod.bidr.io
1	ib.adnxs.com	match.prod.bidr.io
1	image2.pubmatic.com	match.prod.bidr.io
1	beacon.krxd.net	match.prod.bidr.io
1	tags.bluekai.com	match.prod.bidr.io
11	11

This site contains no links.

Subject Issuer	Validity	Valid
*.match.prod.bidr.io Amazon	`2019-04-24` - `2020-05-24`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
odc-prod-01.oracle.com DigiCert ECC Secure Server CA	`2018-12-10` - `2020-03-10`	a year	crt.sh
*.krxd.net DigiCert SHA2 Secure Server CA	`2019-04-11` - `2020-04-11`	a year	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh

This page contains 1 frames:

Primary Page: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
Frame ID: 5AC63FFACF7C22F1E96059EF909E5044
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJw... HTTP 303
https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJw... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

10
IPs

6
Countries

7 kB
Transfer

2 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ==& HTTP 303
https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHZ2JrNjdYWjhBQUVBd19ET3BhQQ&bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHZ2JrNjdYWjhBQUVBd19ET3BhQQ&bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1&google_tc= HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1

Request Chain 1

https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAGgbk67XZ8AAEAw_DOpaA HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=275754&dpuuid=AAGgbk67XZ8AAEAw_DOpaA

Request Chain 4

https://segments.company-target.com/log?vendor=choca&user_id=AAGgbk67XZ8AAEAw_DOpaA HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGgbk67XZ8AAEAw_DOpaA&verifyHash=c760dc802fb96fadf1f663d20f85a50363668814

Request Chain 6

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=130&external_user_id=AAGgbk67XZ8AAEAw_DOpaA&expiration=1572947087 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=130&external_user_id=AAGgbk67XZ8AAEAw_DOpaA&expiration=1572947087&C=1

Request Chain 9

https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGgbk67XZ8AAEAw_DOpaA HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537125688&val=AAGgbk67XZ8AAEAw_DOpaA

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request cookie-msync Show response
match.prod.bidr.io/
Redirect Chain

https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ==&
https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1

1 KB
2 KB

30ms
30ms

Document
text/html

52.211.150.253
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.150.253 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-211-150-253.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 01be5d58fbaeed9f9a1c49cdd57d5fd824a01b19ad107aabd8ca2e1ed600c685

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Cookie: checkForPermission=ok
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

cache-control: no-cache, must-revalidate
content-type: text/html; charset=utf-8
Date: Tue, 22 Oct 2019 09:44:47 GMT
Server: nginx
set-cookie: bito=AAGgbk67XZ8AAEAw_DOpaA; Domain=bidr.io; expires=Fri, 20 Nov 2020 05:44:47 GMT; Path=/; SameSite=None checkForPermission=; Domain=bidr.io; expires=Thu, 01 May 2008 00:00:00 GMT; Path=/; SameSite=None
Content-Length: 1450
Connection: keep-alive

Redirect headers

Date: Tue, 22 Oct 2019 09:44:47 GMT
location: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
Server: nginx
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 22 Oct 2019 09:54:47 GMT; Path=/; SameSite=None
Content-Length: 0
Connection: keep-alive

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHZ2JrNjdYWjhBQUVBd19ET3BhQQ&bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHZ2JrNjdYWjhBQUVBd19ET3BhQQ&bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1&google_tc=
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1

43 B
367 B

30ms
29ms

Image
image/gif

52.211.150.253
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.150.253 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-211-150-253.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 22 Oct 2019 09:44:48 GMT
Server: nginx
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Oct 2019 09:44:48 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAGgbk67XZ8AAEAw_DOpaA
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=275754&dpuuid=AAGgbk67XZ8AAEAw_DOpaA

42 B
840 B

33ms
33ms

Image
image/gif

34.243.82.109
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=275754&dpuuid=AAGgbk67XZ8AAEAw_DOpaA

Requested by

Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.243.82.109 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-34-243-82-109.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v048-0b73edff1.edge-irl1.demdex.com 5.61.0.20191015084456 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: uZc7NKipSPA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: to2JGSo9QyU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=275754&dpuuid=AAGgbk67XZ8AAEAw_DOpaA
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 35244
tags.bluekai.com/site/ 62 B
729 B 185ms
168ms Image
image/gif 2.19.42.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/35244?id=AAGgbk67XZ8AAEAw_DOpaA
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.19.42.73 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-42-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 09:44:48 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: a97e
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ 0
320 B 88ms
29ms Image
text/plain 54.154.68.131
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AAGgbk67XZ8AAEAw_DOpaA
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.68.131 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-154-68-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Tue, 22 Oct 2019 09:44:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=26 t=1571737488
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n008-dub-prod.krxd.net

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://segments.company-target.com/log?vendor=choca&user_id=AAGgbk67XZ8AAEAw_DOpaA
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGgbk67XZ8AAEAw_DOpaA&verifyHash=c760dc802fb96fadf1f663d20f85a50363668814

26 B
390 B

108ms
107ms

Image
image/gif

143.204.101.75
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAGgbk67XZ8AAEAw_DOpaA&verifyHash=c760dc802fb96fadf1f663d20f85a50363668814
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-75.fra50.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 22 Oct 2019 09:44:48 GMT
Via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
trace-id: f040fe0601f4c512
Content-Length: 26
X-Amz-Cf-Id: 0FuhtLLJjWjsUzeK8KZuFfSjqZee0ocBnxi4jb9trZ4D5f-HSBm2Lw==

Redirect headers

Date: Tue, 22 Oct 2019 09:44:48 GMT
Via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAGgbk67XZ8AAEAw_DOpaA&verifyHash=c760dc802fb96fadf1f663d20f85a50363668814
Connection: keep-alive
trace-id: 2de31e12bc09685b
Content-Length: 0
X-Amz-Cf-Id: 8oW1EWnacrSPy5UC_i1lHXCtsouOHM_rn9J4csUSP4c5cP0pLlVRiQ==

GET
H/1.1 200
OK Pug
image2.pubmatic.com/AdServer/ 42 B
896 B 51ms
12ms Image
image/gif 185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGgbk67XZ8AAEAw_DOpaA
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 22 Oct 2019 09:44:48 GMT
X-lat: Pug22012:0:513
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=130&external_user_id=AAGgbk67XZ8AAEAw_DOpaA&expiration=1572947087
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=130&external_user_id=AAGgbk67XZ8AAEAw_DOpaA&expiration=1572947087&C=1

43 B
877 B

15ms
15ms

Image
image/gif

2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=130&external_user_id=AAGgbk67XZ8AAEAw_DOpaA&expiration=1572947087&C=1
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Oct 2019 09:44:48 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 22 Oct 2019 09:44:48 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Oct 2019 09:44:48 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=130&external_user_id=AAGgbk67XZ8AAEAw_DOpaA&expiration=1572947087&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 312
Expires: Tue, 22 Oct 2019 09:44:48 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ 43 B
869 B 43ms
16ms Image
image/gif 185.33.223.80
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=331&seg=6290637&code=AAGgbk67XZ8AAEAw_DOpaA

Requested by

Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.80 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Oct 2019 09:44:50 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.51:80
AN-X-Request-Uuid: 1a4711a1-aa74-4d95-88cc-9b9b72f0b809
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ 0
239 B 40ms
12ms Image
image/gif 69.173.144.165
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGgbk67XZ8AAEAw_DOpaA&expires=30
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAGgbk67XZ8AAEAw_DOpaA
https://us-u.openx.net/w/1.0/sd?cc=1&id=537125688&val=AAGgbk67XZ8AAEAw_DOpaA

43 B
183 B

16ms
16ms

Image
image/gif

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537125688&val=AAGgbk67XZ8AAEAw_DOpaA
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.164.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?ai=ChMIp5WQ1wEQ4sUBGI_Yy-3VpuUCEgwKCmRlbWFuZGJhc2UaAnBtYACSAQJwbQ%3D%3D&_bee_ppp=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Oct 2019 09:44:48 GMT
via: 1.1 google
server: OXGW/16.164.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 22 Oct 2019 09:44:48 GMT
via: 1.1 google
server: OXGW/16.164.0
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537125688&val=AAGgbk67XZ8AAEAw_DOpaA
alt-svc: clear
content-length: 0

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bidr.io/	1970-01-19 14:04:11	Name: bito Value: AAGgbk67XZ8AAEAw_DOpaA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.krxd.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
match.prod.bidr.io
pixel.rubiconproject.com
segments.company-target.com
tags.bluekai.com
us-u.openx.net
143.204.101.75
185.33.223.80
185.64.189.110
2.18.234.21
2.19.42.73
216.58.205.226
34.243.82.109
34.95.120.147
52.211.150.253
54.154.68.131
69.173.144.165
01be5d58fbaeed9f9a1c49cdd57d5fd824a01b19ad107aabd8ca2e1ed600c685
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

match.prod.bidr.io Open in urlscan Pro 52.211.150.253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

11 Domains

11 Subdomains

10 IPs

6 Countries

7 kBTransfer

2 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

match.prod.bidr.io Open in urlscan Pro
52.211.150.253 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

10
IPs

6
Countries

7 kB
Transfer

2 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions