bidder.newspassid.com

Summary

This website contacted 6 IPs in 5 countries across 6 domains to perform 7 HTTP transactions. The main IP is 44.212.199.129, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is bidder.newspassid.com. The Cisco Umbrella rank of the primary domain is 23523.
TLS certificate: Issued by Amazon RSA 2048 M01 on May 3rd 2023. Valid for: a year.

This is the only time bidder.newspassid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	44.212.199.129 44.212.199.129	14618 (AMAZON-AES) (AMAZON-AES)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	168.119.146.39 168.119.146.39	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1690	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	54.76.37.105 54.76.37.105	16509 (AMAZON-02) (AMAZON-02)
1	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
7	6

2 44.212.199.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-199-129.compute-1.amazonaws.com

bidder.newspassid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.146.39 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1690 (Singapore)

ASN41041 (VCLK-EU-SE, US)

prebid-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.37.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-37-105.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	newspassid.com bidder.newspassid.com — Cisco Umbrella Rank: 23523	22 KB
1	unrulymedia.com usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 4341
1	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 582	35 B
1	dotomi.com prebid-match.dotomi.com — Cisco Umbrella Rank: 1982	104 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 1727
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
7	6

	Domain	Requested by
2	bidder.newspassid.com	bidder.newspassid.com
1	usermatch.targeting.unrulymedia.com	bidder.newspassid.com
1	ads.yieldmo.com
1	prebid-match.dotomi.com
1	sync.richaudience.com
1	match.adsrvr.org
7	6

This site contains no links.

Subject Issuer	Validity	Valid
bidder.newspassid.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.richaudience.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1YNY&pubcid=4491a8d4-1a28-4ee5-a87d-0112633dbcda&publisherId=NPID10000006&siteId=4204204305&cb=1699978147465&bidder=newspassid
Frame ID: 955F8F3D1AAB2A9BCE1AC66C5585B684
Requests: 6 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=0&consent=&us_privacy=pbs-newspassid&rurl=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26%24UID
Frame ID: D73A64350B36C71A11868081FEDF5B26
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Document

Page Statistics

7
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

5
Countries

22 kB
Transfer

20 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request load-cookie.html Show response bidder.newspassid.com/static/	12 KB 13 KB	362ms 105ms	Document text/html	44.212.199.129 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1YNY&pubcid=4491a8d4-1a28-4ee5-a87d-0112633dbcda&publisherId=NPID10000006&siteId=4204204305&cb=1699978147465&bidder=newspassid Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.212.199.129 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-212-199-129.compute-1.amazonaws.com Software / Resource Hash `202b65f7735476b526548db88f43f49a959907ed4078132204f0cb1c4503f9e2` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control no-cache, no-store, must-revalidate content-length 12255 content-type text/html; charset=utf-8 date Mon, 04 Dec 2023 18:03:02 GMT expires 0 last-modified Mon, 04 Dec 2023 10:33:06 GMT pragma no-cache vary Origin
POST H2	200	cookie_sync Show response bidder.newspassid.com/	8 KB 9 KB	106ms 106ms	XHR text/plain	44.212.199.129 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bidder.newspassid.com/cookie_sync Requested by Host: bidder.newspassid.com URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1YNY&pubcid=4491a8d4-1a28-4ee5-a87d-0112633dbcda&publisherId=NPID10000006&siteId=4204204305&cb=1699978147465&bidder=newspassid Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.212.199.129 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-212-199-129.compute-1.amazonaws.com Software / Resource Hash `d21ca54e7bb111359991e59a92a2f83d0194649e3d4b0a3c71455556419bc266` Request headers Referer https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1YNY&pubcid=4491a8d4-1a28-4ee5-a87d-0112633dbcda&publisherId=NPID10000006&siteId=4204204305&cb=1699978147465&bidder=newspassid accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 04 Dec 2023 18:03:02 GMT vary Origin content-type text/plain; charset=utf-8 access-control-allow-origin https://bidder.newspassid.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true expires 0
GET H2	200	generic match.adsrvr.org/track/cmf/	70 B 149 B	103ms 32ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash `8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0` Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 18:03:03 GMT server Kestrel content-length 70 content-type image/gif
GET H2	400	/ sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/	0 0	311ms 15ms	Image text/html	168.119.146.39 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&consentString=&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Drichaudience%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D[PDID] Protocol H2 Security TLS 1.3, , AES_256_GCM Server 168.119.146.39 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.39.146.119.168.clients.your-server.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers
GET H2	204	current prebid-match.dotomi.com/match/bounce/	0 104 B	159ms 68ms	Image text/plain	2a02:fa8:8806:21::1690 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&rurl=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dconversant%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:21::1690 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Mon, 04 Dec 2023 18:03:03 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H2	204	pbsync ads.yieldmo.com/	0 35 B	143ms 31ms	Image text/plain	54.76.37.105 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ads.yieldmo.com/pbsync?is=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&redirectUri=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D%24UID Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.76.37.105 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-76-37-105.eu-west-1.compute.amazonaws.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://bidder.newspassid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 18:03:03 GMT
GET H2	204	pbsync usermatch.targeting.unrulymedia.com/ Frame D73A	0 0	56ms 13ms	Document text/plain	46.228.174.117 AMOBEE
General Check archive.org Show headers Download Go to Full URL https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=0&consent=&us_privacy=pbs-newspassid&rurl=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26%24UID Requested by Host: bidder.newspassid.com URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1YNY&pubcid=4491a8d4-1a28-4ee5-a87d-0112633dbcda&publisherId=NPID10000006&siteId=4204204305&cb=1699978147465&bidder=newspassid Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash Request headers Referer https://bidder.newspassid.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers date Mon, 04 Dec 2023 18:03:03 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bidder.newspassid.com/	1970-01-20 16:51:57	Name: AWSALBTG Value: cRB6JFsqqG9FOGV6uq1UXzRJB8q5/HV1IAM/0/ZFTtjghhlRi/5QffW1WSj8GwbZJv4RaFAmM1/Q+Jkkpeo4Q04/nlUPAxNgBeVbhGKruUvdeQkr2QDPDFLclmhCLWmI2bFk5Pp7dvlOLocBtKFlda8AoX3zS7ZyaUfywHCiYKo8dewvne4=
bidder.newspassid.com/	1970-01-20 16:51:57	Name: AWSALBTGCORS Value: cRB6JFsqqG9FOGV6uq1UXzRJB8q5/HV1IAM/0/ZFTtjghhlRi/5QffW1WSj8GwbZJv4RaFAmM1/Q+Jkkpeo4Q04/nlUPAxNgBeVbhGKruUvdeQkr2QDPDFLclmhCLWmI2bFk5Pp7dvlOLocBtKFlda8AoX3zS7ZyaUfywHCiYKo8dewvne4=
.bidder.newspassid.com/	1970-01-20 18:51:28	Name: newspassid_uid Value: 2Z5Xb9x4PSD0dGnuyktSab9RbLR

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&consentString=&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Drichaudience%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D[PDID] Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yieldmo.com
bidder.newspassid.com
match.adsrvr.org
prebid-match.dotomi.com
sync.richaudience.com
usermatch.targeting.unrulymedia.com
168.119.146.39
2a02:fa8:8806:21::1690
35.71.131.137
44.212.199.129
46.228.174.117
54.76.37.105
202b65f7735476b526548db88f43f49a959907ed4078132204f0cb1c4503f9e2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
d21ca54e7bb111359991e59a92a2f83d0194649e3d4b0a3c71455556419bc266
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

bidder.newspassid.com Open in urlscan Pro 44.212.199.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

17 %IPv6

6 Domains

6 Subdomains

6 IPs

5 Countries

22 kBTransfer

20 kBSize

3 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

bidder.newspassid.com Open in urlscan Pro
44.212.199.129 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

5
Countries

22 kB
Transfer

20 kB
Size

3
Cookies

7 HTTP transactions
0 data transactions