Wednesday, August 3, 2016

What is ?

I recently ran across a suspicious looking domain name in some SSL certificate traffic and wondered if others had the same question. What is it? Below I do a little quick research to determine.

First I used a proxy method (urlquery or a lab, etc.) to navigate to the url and sure enough there is even a nice explanation explaining that it's a domain name used for cookie/customer tracking of users of the website.

Being in security, I naturally don't trust what I see ... so I wanted to confirm this (because any Joe Blow could've put up this splash page claiming to be affiliated with So I navigated to in chrome and ran developer tools.

In developer tools under Network I looked, and sure enough there is a script call to so unless somebody has hacked or my browser , it's safe for me to assume that is a legit domain used by to track it's users. Some sorta master tracking cookie.

Now whether you choose to block this cookie or not is more of a privacy issue, but I don't believe it's a security risk/hacked domain or anything like that. Thus you can move on and look at something else now :-)

More about neonprimetime

Top Blogs of all-time
  1. pagerank botnet sql injection walk-thru
  2. DOM XSS 101 Walk-Through
  3. An Invoice email and a Hot mess of Java

Top Github Contributions
  1. Qualys Scantronitor 2.0

Copyright © 2016, this post cannot be reproduced or retransmitted in any form without reference to the original post.

No comments:

Post a Comment