5259617.fls.doubleclick.net Open in urlscan Pro
172.217.16.198 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://5259617.fls.doubleclick.net/activityi;dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gt...
Effective URL:
http://5259617.fls.doubleclick.net/activityi;dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gt...
Submission: On June 29 via manual (June 29th 2023, 4:11:29 pm UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 13 HTTP transactions. The main IP is 172.217.16.198, located in United States and belongs to GOOGLE, US. The main domain is 5259617.fls.doubleclick.net. The Cisco Umbrella rank of the primary domain is 331427.

This is the only time 5259617.fls.doubleclick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
5 10	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
13	7

2 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

5259617.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.89.210.122 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 469	11 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1592 insight.adsrvr.org — Cisco Umbrella Rank: 603	3 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	732 B
2	doubleclick.net 5259617.fls.doubleclick.net — Cisco Umbrella Rank: 331427	2 KB
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 995	163 B
1	google.de 1 redirects adservice.google.de — Cisco Umbrella Rank: 10561	709 B
13	6

	Domain	Requested by
10	secure.adnxs.com	5 redirects 5259617.fls.doubleclick.net
2	insight.adsrvr.org	js.adsrvr.org
2	5259617.fls.doubleclick.net	adservice.google.com
1	bttrack.com	5259617.fls.doubleclick.net
1	js.adsrvr.org	5259617.fls.doubleclick.net
1	www.google.com	5259617.fls.doubleclick.net
1	adservice.google.de	1 redirects
1	adservice.google.com	5259617.fls.doubleclick.net
13	8

This site contains no links.

Subject Issuer	Validity	Valid
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-04` - `2024-04-21`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://5259617.fls.doubleclick.net/activityi;dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0%7CChromium;114.0.5735.135%7CGoogle%20Chrome;114.0.5735.135;uam=;uamb=0;uap=Windows;uapv=10.0.0;uaw=0;~oref=https://www.njtransit.com/trip-planner-service-near-to
Frame ID: D947EA04C60CE5BB914F896A0A91FFD0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0%7CChromium;114.0.5735.135%7CGoogle%20Chrome;114.0.5735.135;uam=;uamb=0;uap=Windows;uapv=10.0.0;uaw=0;~oref=https://www.njtransit.com/trip-planner-service-near-to
Frame ID: 432F81E9715503F811BF8BCBF9B00092
Requests: 1 HTTP requests in this frame

Frame: https://5259617.fls.doubleclick.net/ddm/fls/r/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0%7CChromium;114.0.5735.135%7CGoogle%20Chrome;114.0.5735.135;uam=;uamb=0;uap=Windows;uapv=10.0.0;uaw=0;~oref=https://www.njtransit.com/trip-planner-service-near-to
Frame ID: E131080A788C813E553F516F4B096A36
Requests: 9 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=j63v8xw&ref=https%3A%2F%2Fadservice.google.com%2F&upid=q6qfzpo&upv=1.1.0
Frame ID: 8E74D130129FA0E7A7F2B4DEFC04F63C
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=j63v8xw&ref=https%3A%2F%2Fadservice.google.com%2F&upid=a0nel24&upv=1.1.0
Frame ID: AA3673D22574D440215C28678D960FCC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Page Statistics

13
Requests

54 %
HTTPS

38 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

11 kB
Transfer

8 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://adservice.google.de/ddm/fls/i/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0%7CChromium;114.0.5735.135%7CGoogle%20Chrome;114.0.5735.135;uam=;uamb=0;uap=Windows;uapv=10.0.0;uaw=0;~oref=https://www.njtransit.com/trip-planner-service-near-to HTTP 302
https://5259617.fls.doubleclick.net/ddm/fls/r/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0%7CChromium;114.0.5735.135%7CGoogle%20Chrome;114.0.5735.135;uam=;uamb=0;uap=Windows;uapv=10.0.0;uaw=0;~oref=https://www.njtransit.com/trip-planner-service-near-to

Request Chain 3

https://secure.adnxs.com/seg?add=26609680&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26609680%26t%3D1

Request Chain 4

https://secure.adnxs.com/seg?add=26609672&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26609672%26t%3D1

Request Chain 6

https://secure.adnxs.com/seg?add=26371849&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26371849%26t%3D1

Request Chain 7

https://secure.adnxs.com/seg?add=26388384&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26388384%26t%3D1

Request Chain 8

https://secure.adnxs.com/seg?add=22419315&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22419315%26t%3D1

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request trip-planner-service-near-to Show response
5259617.fls.doubleclick.net/activityi;dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;... 643 B
1 KB 129ms
53ms Document
text/html 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://5259617.fls.doubleclick.net/activityi;dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0%7CChromium;114.0.5735.135%7CGoogle%20Chrome;114.0.5735.135;uam=;uamb=0;uap=Windows;uapv=10.0.0;uaw=0;~oref=https://www.njtransit.com/trip-planner-service-near-to?

Protocol

HTTP/1.1

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

535d1aa2a2edefcee43d8dbf7d8a74f2efdd6b130835632cdc920eb3dbc069d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Content-Encoding: gzip
Content-Length: 474
Content-Type: text/html; charset=UTF-8
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 29 Jun 2023 16:11:24 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: cafe
Strict-Transport-Security: max-age=21600
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 0

GET
H2 200 trip-planner-service-near-to Show response
adservice.google.com/ddm/fls/i/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0... Frame 432F 642 B
732 B 107ms
58ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0%7CChromium;114.0.5735.135%7CGoogle%20Chrome;114.0.5735.135;uam=;uamb=0;uap=Windows;uapv=10.0.0;uaw=0;~oref=https://www.njtransit.com/trip-planner-service-near-to

Requested by

Host: 5259617.fls.doubleclick.net
URL: http://5259617.fls.doubleclick.net/activityi;dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0%7CChromium;114.0.5735.135%7CGoogle%20Chrome;114.0.5735.135;uam=;uamb=0;uap=Windows;uapv=10.0.0;uaw=0;~oref=https://www.njtransit.com/trip-planner-service-near-to?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6bfcb0712521705eb76faa82807f520ede7f4abbabef2beb29acdfdfdbb23ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5259617.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 16:11:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

trip-planner-service-near-to Show response
5259617.fls.doubleclick.net/ddm/fls/r/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;... Frame E131
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;...
https://5259617.fls.doubleclick.net/ddm/fls/r/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not....

2 KB
994 B

105ms
58ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5259617.fls.doubleclick.net/ddm/fls/r/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0%7CChromium;114.0.5735.135%7CGoogle%20Chrome;114.0.5735.135;uam=;uamb=0;uap=Windows;uapv=10.0.0;uaw=0;~oref=https://www.njtransit.com/trip-planner-service-near-to

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0%7CChromium;114.0.5735.135%7CGoogle%20Chrome;114.0.5735.135;uam=;uamb=0;uap=Windows;uapv=10.0.0;uaw=0;~oref=https://www.njtransit.com/trip-planner-service-near-to

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

2133acfb125bdd8ea553f892649775ed3350411d94f08bd4b2970f080b2c03ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 486
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 16:11:25 GMT
expires: Thu, 29 Jun 2023 16:11:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Jun 2023 16:11:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://5259617.fls.doubleclick.net/ddm/fls/r/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0%7CChromium;114.0.5735.135%7CGoogle%20Chrome;114.0.5735.135;uam=;uamb=0;uap=Windows;uapv=10.0.0;uaw=0;~oref=https://www.njtransit.com/trip-planner-service-near-to
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 url
www.google.com/ Frame E131 0
0 103ms
56ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/url?q=https://ib.adnxs.com/seg?add%3D26985965%26t%3D2&source=gmail-imap&ust=1626215730000000&usg=AOvVaw038I8FYKu1Nk9aUVyq8YA4
Requested by: Host: 5259617.fls.doubleclick.net
URL: https://5259617.fls.doubleclick.net/ddm/fls/r/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0%7CChromium;114.0.5735.135%7CGoogle%20Chrome;114.0.5735.135;uam=;uamb=0;uap=Windows;uapv=10.0.0;uaw=0;~oref=https://www.njtransit.com/trip-planner-service-near-to
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5259617.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame E131
Redirect Chain

https://secure.adnxs.com/seg?add=26609680&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26609680%26t%3D1

207 B
1 KB

37ms
36ms

Script
application/javascript

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26609680%26t%3D1

Requested by

Host: 5259617.fls.doubleclick.net
URL: https://5259617.fls.doubleclick.net/ddm/fls/r/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0%7CChromium;114.0.5735.135%7CGoogle%20Chrome;114.0.5735.135;uam=;uamb=0;uap=Windows;uapv=10.0.0;uaw=0;~oref=https://www.njtransit.com/trip-planner-service-near-to

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

cf76b984b60434ae03bc359c4accc575aba730c4210ac7adaf54ef14aea66c78

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5259617.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:11:25 GMT
AN-X-Request-Uuid: 431a20d2-1b43-4b56-a35a-1d1788385538
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 207
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Thu, 29 Jun 2023 16:11:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 64076036-ac68-4ee3-ad84-42ed35b1a495
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26609680%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame E131
Redirect Chain

https://secure.adnxs.com/seg?add=26609672&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26609672%26t%3D1

0
1 KB

28ms
28ms

Script
application/javascript

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26609672%26t%3D1

Requested by

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5259617.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:11:25 GMT
AN-X-Request-Uuid: 653b0bb5-97e7-4b40-b1e4-2a8b7f7d502e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Thu, 29 Jun 2023 16:11:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: dd97ee79-d619-4e4e-b1d3-8d81e8d61a7f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26609672%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame E131 4 KB
2 KB 66ms
19ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: 5259617.fls.doubleclick.net
URL: https://5259617.fls.doubleclick.net/ddm/fls/r/dc_pre=CKuphMfa6P8CFYEOaAgd3pELyQ;src=5259617;type=rtg;cat=retar0;ord=4952148966600;gtm=45He36s0;auiddc=1001511037.1688049514;uaa=x86;uab=64;uafvl=Not.A/Brand;8.0.0.0%7CChromium;114.0.5735.135%7CGoogle%20Chrome;114.0.5735.135;uam=;uamb=0;uap=Windows;uapv=10.0.0;uaw=0;~oref=https://www.njtransit.com/trip-planner-service-near-to
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5259617.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 02:20:06 GMT
Content-Encoding: gzip
Via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 49880
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: dZk07ouFBlU7IOSqt2h_0T_hyYEVdJVamQz2_YASThw5uDyCbIMmbA==

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame E131
Redirect Chain

https://secure.adnxs.com/seg?add=26371849&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26371849%26t%3D1

0
1 KB

28ms
28ms

Script
application/javascript

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26371849%26t%3D1

Requested by

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5259617.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:11:25 GMT
AN-X-Request-Uuid: 45ff5112-d6f3-41da-a09d-8afdadfaba61
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Thu, 29 Jun 2023 16:11:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2f87e9ba-1bea-45ef-bc42-94c854d0d579
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26371849%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame E131
Redirect Chain

https://secure.adnxs.com/seg?add=26388384&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26388384%26t%3D1

0
1 KB

27ms
27ms

Script
application/javascript

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26388384%26t%3D1

Requested by

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5259617.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:11:25 GMT
AN-X-Request-Uuid: 773be569-cc87-471a-80cf-5fdcbfb1db96
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Thu, 29 Jun 2023 16:11:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ac353ae5-9eda-403c-bb82-841cfa8d7077
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D26388384%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame E131
Redirect Chain

https://secure.adnxs.com/seg?add=22419315&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22419315%26t%3D1

0
1 KB

28ms
28ms

Script
application/javascript

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22419315%26t%3D1

Requested by

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5259617.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Jun 2023 16:11:25 GMT
AN-X-Request-Uuid: bc93be62-3a0a-4eaa-ac73-c43cbf38a3f0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Date: Thu, 29 Jun 2023 16:11:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6a9f62b7-573c-442e-a4a3-1420f9ac3e4a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22419315%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 2630
bttrack.com/pixel/retarget/ Frame E131 35 B
163 B 338ms
111ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bttrack.com/pixel/retarget/2630

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

46.bidtellect.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5259617.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-servername: Track002-iad
pragma: no-cache
date: Thu, 29 Jun 2023 16:10:33 GMT
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: private,no-cache
content-length: 35
expires: -1

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 8E74 0
181 B 155ms
48ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=j63v8xw&ref=https%3A%2F%2Fadservice.google.com%2F&upid=q6qfzpo&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5259617.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Thu, 29 Jun 2023 16:11:25 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame AA36 0
182 B 153ms
47ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=j63v8xw&ref=https%3A%2F%2Fadservice.google.com%2F&upid=a0nel24&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://5259617.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Thu, 29 Jun 2023 16:11:25 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 12:54:15	Name: test_cookie Value: CheckForPermission
.adnxs.com/	1970-01-20 15:03:51	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E><gQ27G!]tbP6j2F-XstGt!@DyC$zGY'
.adnxs.com/	1970-01-20 15:03:51	Name: uuid2 Value: 3871691041483555631

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5259617.fls.doubleclick.net
adservice.google.com
adservice.google.de
bttrack.com
insight.adsrvr.org
js.adsrvr.org
secure.adnxs.com
www.google.com
108.138.15.119
172.217.16.198
185.89.210.122
192.132.33.46
2a00:1450:4001:809::2004
2a00:1450:4001:827::2002
2a00:1450:4001:831::2002
3.33.220.150
2133acfb125bdd8ea553f892649775ed3350411d94f08bd4b2970f080b2c03ee
535d1aa2a2edefcee43d8dbf7d8a74f2efdd6b130835632cdc920eb3dbc069d3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
c6bfcb0712521705eb76faa82807f520ede7f4abbabef2beb29acdfdfdbb23ae
cf76b984b60434ae03bc359c4accc575aba730c4210ac7adaf54ef14aea66c78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

5259617.fls.doubleclick.net Open in urlscan Pro 172.217.16.198 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

54 %HTTPS

38 %IPv6

6 Domains

8 Subdomains

7 IPs

2 Countries

11 kBTransfer

8 kBSize

3 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

5259617.fls.doubleclick.net Open in urlscan Pro
172.217.16.198 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

54 %
HTTPS

38 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

11 kB
Transfer

8 kB
Size

3
Cookies

13 HTTP transactions
0 data transactions