bidder.newspassid.com
44.212.199.129
Public Scan
Submission: On December 04 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on May 3rd 2023. Valid for: a year.
This is the only time bidder.newspassid.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 | 44.212.199.129 | 14618 (AMAZON-AES) |
1 | 35.71.131.137 | 16509 (AMAZON-02) |
1 | 168.119.146.39 | 24940 (HETZNER-AS) |
1 | 2a02:fa8:8806:21::1690 | 41041 (VCLK-EU-SE) |
1 | 54.76.37.105 | 16509 (AMAZON-02) |
1 | 46.228.174.117 | 56396 (AMOBEE) |
7 | 6 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-199-129.compute-1.amazonaws.com
bidder.newspassid.com |
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org |
ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-37-105.eu-west-1.compute.amazonaws.com
ads.yieldmo.com |
Requests | Apex Domain | Subdomain | Cisco Umbrella Rank | Transfer |
---|---|---|---|---|
2 | newspassid.com | bidder.newspassid.com | 23523 | 22 KB |
1 | unrulymedia.com | usermatch.targeting.unrulymedia.com | 4341 | |
1 | yieldmo.com | ads.yieldmo.com | 582 | 35 B |
1 | dotomi.com | prebid-match.dotomi.com | 1982 | 104 B |
1 | richaudience.com | sync.richaudience.com | 1727 | |
1 | adsrvr.org | match.adsrvr.org | 331 | 149 B |
7 | 6 | | | |
Requests | Domain | Requested by |
---|---|---|
2 | bidder.newspassid.com | bidder.newspassid.com |
1 | usermatch.targeting.unrulymedia.com | bidder.newspassid.com |
1 | ads.yieldmo.com | |
1 | prebid-match.dotomi.com | |
1 | sync.richaudience.com | |
1 | match.adsrvr.org | |
7 | 6 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
bidder.newspassid.com | Amazon RSA 2048 M01 | 2023-05-03 - 2024-05-31 | a year | crt.sh |
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-12 - 2024-05-13 | a year | crt.sh |
*.richaudience.com | RapidSSL Global TLS RSA4096 SHA256 2022 CA1 | 2023-02-27 - 2024-02-26 | a year | crt.sh |
*.dotomi.com | GlobalSign RSA OV SSL CA 2018 | 2023-08-15 - 2024-09-15 | a year | crt.sh |
*.yieldmo.com | Amazon RSA 2048 M01 | 2023-04-04 - 2024-05-02 | a year | crt.sh |
*.targeting.unrulymedia.com | Sectigo RSA Domain Validation Secure Server CA | 2023-05-10 - 2024-05-10 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1YNY&pubcid=4491a8d4-1a28-4ee5-a87d-0112633dbcda&publisherId=NPID10000006&siteId=4204204305&cb=1699978147465&bidder=newspassid
Frame ID: 955F8F3D1AAB2A9BCE1AC66C5585B684
Requests: 6 HTTP requests in this frame
Frame:
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=0&consent=&us_privacy=pbs-newspassid&rurl=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26%24UID
Frame ID: D73A64350B36C71A11868081FEDF5B26
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | load-cookie.html (Primary Request) | bidder.newspassid.com/static/ | 12 KB | 13 KB | Document | text/html |
POST | H2 | cookie_sync | bidder.newspassid.com/ | 8 KB | 9 KB | XHR | text/plain |
GET | H2 | generic | match.adsrvr.org/track/cmf/ | 70 B | 149 B | Image | image/gif |
GET | H2 | / | sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ | 0 | 0 | Image | text/html |
GET | H2 | current | prebid-match.dotomi.com/match/bounce/ | 0 | 104 B | Image | text/plain |
GET | H2 | pbsync | ads.yieldmo.com/ | 0 | 35 B | Image | text/plain |
GET | H2 | pbsync | usermatch.targeting.unrulymedia.com/ (Frame D73A) | 0 | 0 | Document | text/plain |
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
object| documentPictureInPicture
function| doConsoleLog
function| getEmptyIframe
function| insertElement
function| doBidderSync
function| triggerIframeLoad
function| triggerPixel
function| doAllSyncs
function| process
function| ajax
function| parseQueryParam
function| sanitizeEndpoint
function| sanitizeEndpointArgs
function| sanitizeSyncCount
function| sanitizeGdpr
function| sanitizeGdprConsent
function| getStringifiedData
function| getCookieValueForKey
function| isJsonString
function| isEncodedString
function| isAmpRequest
object| keyval
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bidder.newspassid.com/ | Name: AWSALBTG Value: cRB6JFsqqG9FOGV6uq1UXzRJB8q5/HV1IAM/0/ZFTtjghhlRi/5QffW1WSj8GwbZJv4RaFAmM1/Q+Jkkpeo4Q04/nlUPAxNgBeVbhGKruUvdeQkr2QDPDFLclmhCLWmI2bFk5Pp7dvlOLocBtKFlda8AoX3zS7ZyaUfywHCiYKo8dewvne4= |
|
bidder.newspassid.com/ | Name: AWSALBTGCORS Value: cRB6JFsqqG9FOGV6uq1UXzRJB8q5/HV1IAM/0/ZFTtjghhlRi/5QffW1WSj8GwbZJv4RaFAmM1/Q+Jkkpeo4Q04/nlUPAxNgBeVbhGKruUvdeQkr2QDPDFLclmhCLWmI2bFk5Pp7dvlOLocBtKFlda8AoX3zS7ZyaUfywHCiYKo8dewvne4= |
|
.bidder.newspassid.com/ | Name: newspassid_uid Value: 2Z5Xb9x4PSD0dGnuyktSab9RbLR |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.