cache.betweendigital.com Open in urlscan Pro
5.254.23.213 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cache.betweendigital.com/code/bidder_18.html
Effective URL:
https://cache.betweendigital.com/code/bidder_18.html
Submission: On September 19 via manual (September 19th 2020, 11:26:58 pm UTC) from GB

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 15 domains to perform 9 HTTP transactions. The main IP is 5.254.23.213, located in Germany and belongs to VOXILITY, GB. The main domain is cache.betweendigital.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 8th 2019. Valid for: 2 years.

This is the only time cache.betweendigital.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	5.254.23.213 5.254.23.213	3223 (VOXILITY) (VOXILITY)
4 4	18.194.12.4 18.194.12.4	16509 (AMAZON-02) (AMAZON-02)
2 2	18.194.183.62 18.194.183.62	16509 (AMAZON-02) (AMAZON-02)
1 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
6 6	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	89.108.120.68 89.108.120.68	43146 (AGAVA3) (AGAVA3)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	88.99.149.88 88.99.149.88	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1	88.99.70.162 88.99.70.162	24940 (HETZNER-AS) (HETZNER-AS)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
9	9

1 5.254.23.213 (Germany)

ASN3223 (VOXILITY, GB)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.12.4 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-12-4.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.183.62 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-183-62.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 1 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.172.81.160 (Germany) 6 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.158 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.120.68 (Russian Federation) 2 redirects

ASN43146 (AGAVA3, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.149.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dmc-test-dn3

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.70.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: a03.smtp.rees46.com

api.rees46.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (Germany)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	bumlam.com 5 redirects sync.bumlam.com	3 KB
4	bidswitch.net 4 redirects x.bidswitch.net	2 KB
3	betweendigital.com 1 redirects cache.betweendigital.com ads.betweendigital.com	2 KB
2	openx.net 1 redirects us-u.openx.net	482 B
2	tns-counter.ru 1 redirects www.tns-counter.ru	1 KB
2	1dmp.io 1 redirects sync.1dmp.io	774 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	281 B
2	yandex.ru 1 redirects an.yandex.ru	813 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	2 KB
2	aidata.io 2 redirects x01.aidata.io	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
1	onetag-sys.com onetag-sys.com
1	rees46.com api.rees46.com	158 B
1	sniperlog.ru 1 redirects sync3.sniperlog.ru	297 B
9	15

	Domain	Requested by
5	sync.bumlam.com	5 redirects
4	x.bidswitch.net	4 redirects
2	us-u.openx.net	1 redirects
2	www.tns-counter.ru	1 redirects
2	sync.1dmp.io	1 redirects
2	an.yandex.ru	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	x01.aidata.io	2 redirects
2	sync3.adsniper.ru	2 redirects
2	ads.betweendigital.com	1 redirects
2	a.sportradarserving.com	2 redirects
1	onetag-sys.com	cache.betweendigital.com
1	api.rees46.com
1	eus.rubiconproject.com	cache.betweendigital.com
1	secure-assets.rubiconproject.com	1 redirects
1	sync3.sniperlog.ru	1 redirects
1	cache.betweendigital.com
9	17

This site contains no links.

Subject Issuer	Validity	Valid
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-08` - `2022-02-05`	2 years	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-06` - `2022-02-16`	2 years	crt.sh
an.yandex.ru Yandex CA	`2020-09-16` - `2021-03-17`	6 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
sync.1dmp.io Let's Encrypt Authority X3	`2020-08-11` - `2020-11-09`	3 months	crt.sh
*.tns-counter.ru GlobalSign Organization Validation CA - SHA256 - G2	`2018-10-29` - `2020-12-01`	2 years	crt.sh
api.rees46.com Let's Encrypt Authority X3	`2020-09-15` - `2020-12-14`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2020-09-02` - `2020-12-01`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://cache.betweendigital.com/code/bidder_18.html
Frame ID: FE98235D3ADD14532C7C34CC6D7F0F1F
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 7A40E20789C13A3AD64CF9D69A22A4FF
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: FDC99F0B6D7AE5D6A6619138765E09C7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

9
Requests

100 %
HTTPS

19 %
IPv6

15
Domains

17
Subdomains

9
IPs

5
Countries

3 kB
Transfer

4 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=ae2009e5-831f-4178-9ed7-b5cb3cb1149c&ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=363e756e-57f3-4f73-a486-47e57c3db490 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=363e756e-57f3-4f73-a486-47e57c3db490&crf=1

Request Chain 1

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABixp5r7BVIFl4XSlAY* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARixp5r7BVIFl4XSlAaiARCSuT0u-s8R6opTDMR6bS_v HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQABixp5r7BaIBEJK5PS76zxHqilMMxHptL-8* HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARixp5r7BaIBEJK5PS76zxHqilMMxHptL-8* HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=92b93d2e-facf-11ea-8a53-0cc47a6d2fef HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=92b93d2e-facf-11ea-8a53-0cc47a6d2fef&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=cqYtJslCecdwigulVUIfFg& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=cqYtJslCecdwigulVUIfFg&extra2=aidata HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm=&extra1=cqYtJslCecdwigulVUIfFg&extra2=aidata&google_tc= HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=cqYtJslCecdwigulVUIfFg&extra2=aidata&google_gid=CAESEL7KjhTNcBN9o9hIx4YFSZc&google_cver=1 HTTP 301
https://sync.bumlam.com/?src=ggl&extra1=cqYtJslCecdwigulVUIfFg&extra2=aidata&google_gid=CAESEL7KjhTNcBN9o9hIx4YFSZc&google_cver=1 HTTP 302
https://an.yandex.ru/setud/adsniper/B6420F0BBFC9A9FA?sign=1722267398 HTTP 302
https://an.yandex.ru/setud/adsniper/B6420F0BBFC9A9FA?redir-setuniq=1&sign=1722267398

Request Chain 2

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 3

https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=${USER_ID} HTTP 302
https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=${USER_ID}&cs=1

Request Chain 4

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/$%7BCACHEBUSTER%7D HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/$%7BCACHEBUSTER%7D

Request Chain 6

https://x.bidswitch.net/sync?dsp_id=429&user_id=${USER_ID}&expires=30 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=363e756e-57f3-4f73-a486-47e57c3db490 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=363e756e-57f3-4f73-a486-47e57c3db490

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request bidder_18.html Show response
cache.betweendigital.com/code/ 4 KB
1 KB 153ms
49ms Document
text/html 5.254.23.213
VOXILITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.254.23.213 , Germany, ASN3223 (VOXILITY, GB),
Reverse DNS
Software: nginx /
Resource Hash: 9ee83b2fab93bb12e6eee90d06f9d38589cb2462d6a5fdb566cdd39534528f6c

Request headers

:method: GET
:authority: cache.betweendigital.com
:scheme: https
:path: /code/bidder_18.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Sat, 19 Sep 2020 23:26:40 GMT
content-type: text/html
last-modified: Thu, 04 Jun 2020 14:15:01 GMT
etag: W/"5ed901e5-ec6"
content-encoding: gzip

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=ae2009e5-831f-4178-9ed7-b5cb3cb1149c&ssp=between
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=363e756e-57f3-4f73-a486-47e57c3db490
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=363e756e-57f3-4f73-a486-47e57c3db490&crf=1

68 B
150 B

64ms
63ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=363e756e-57f3-4f73-a486-47e57c3db490&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://cache.betweendigital.com/code/bidder_18.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: /match?bidder_id=22&external_user_id=363e756e-57f3-4f73-a486-47e57c3db490&crf=1

GET
H2

404

B6420F0BBFC9A9FA
an.yandex.ru/setud/adsniper/
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABixp5r7BVIFl4XSlAY*
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARixp5r7BVIFl4XSlAaiARCSuT0u-s8R6opTDMR6bS_v
https://sync.bumlam.com/?src=aid0&s_data=CAIQABixp5r7BaIBEJK5PS76zxHqilMMxHptL-8*
https://sync.bumlam.com/?src=aid0&s_data=CAIQARixp5r7BaIBEJK5PS76zxHqilMMxHptL-8*
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=92b93d2e-facf-11ea-8a53-0cc47a6d2fef
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=92b93d2e-facf-11ea-8a53-0cc47a6d2fef&bounce=1
https://sync.bumlam.com/?src=aid1&uid=cqYtJslCecdwigulVUIfFg&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=cqYtJslCecdwigulVUIfFg&extra2=aidata
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm=&extra1=cqYtJslCecdwigulVUIfFg&extra2=aidata&google_tc=
https://sync3.sniperlog.ru/?src=ggl&extra1=cqYtJslCecdwigulVUIfFg&extra2=aidata&google_gid=CAESEL7KjhTNcBN9o9hIx4YFSZc&google_cver=1
https://sync.bumlam.com/?src=ggl&extra1=cqYtJslCecdwigulVUIfFg&extra2=aidata&google_gid=CAESEL7KjhTNcBN9o9hIx4YFSZc&google_cver=1
https://an.yandex.ru/setud/adsniper/B6420F0BBFC9A9FA?sign=1722267398
https://an.yandex.ru/setud/adsniper/B6420F0BBFC9A9FA?redir-setuniq=1&sign=1722267398

43 B
290 B

69ms
69ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/setud/adsniper/B6420F0BBFC9A9FA?redir-setuniq=1&sign=1722267398
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer: https://cache.betweendigital.com/code/bidder_18.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Sep 2020 23:26:42 GMT
last-modified: Sat, 19 Sep 2020 23:26:42 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
status: 404
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=windows-1251
content-length: 43
expires: Sat, 19 Sep 2020 23:26:42 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Sep 2020 23:26:42 GMT
last-modified: Sat, 19 Sep 2020 23:26:42 GMT
server: nginx/1.12.2
status: 302
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/adsniper/B6420F0BBFC9A9FA?redir-setuniq=1&sign=1722267398
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 19 Sep 2020 23:26:42 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 7A40
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

0
0

173ms
56ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cache.betweendigital.com/code/bidder_18.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 19 Aug 2020 18:23:01 GMT
Content-Encoding: gzip
Content-Length: 9455
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=55852
Expires: Sun, 20 Sep 2020 14:57:35 GMT
Date: Sat, 19 Sep 2020 23:26:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Sat, 19 Sep 2020 23:26:42 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

pixel.gif
sync.1dmp.io/
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=${USER_ID}
https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=${USER_ID}&cs=1

35 B
376 B

51ms
51ms

Image
image/gif

88.99.149.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=${USER_ID}&cs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.99.149.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dmc-test-dn3
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://cache.betweendigital.com/code/bidder_18.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 19 Sep 2020 23:26:43 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

status: 302
date: Sat, 19 Sep 2020 23:26:43 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
location: /pixel.gif?cid=b536b353-09d7-46f2-bb78-fb321ef4db83&pid=w&uid=${USER_ID}&cs=1
expires: 0

GET
H/1.1

200
OK

$%7BCACHEBUSTER%7D
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/$%7BCACHEBUSTER%7D
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/$%7BCACHEBUSTER%7D

43 B
458 B

42ms
42ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/$%7BCACHEBUSTER%7D
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.1.0/1.14.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://cache.betweendigital.com/code/bidder_18.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Sep 2020 23:26:43 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: ms-counter-3.1.0/1.14.0
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Sep 2020 23:26:43 GMT
Server: ms-counter-3.1.0/1.14.0
Strict-Transport-Security: max-age=2678400
Content-Type: image/gif
Location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/$%7BCACHEBUSTER%7D
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 betweendata
api.rees46.com/profile/ 43 B
158 B 151ms
50ms Image
image/gif 88.99.70.162
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.rees46.com/profile/betweendata?rand=${CACHEBUSTER}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 88.99.70.162 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: a03.smtp.rees46.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://cache.betweendigital.com/code/bidder_18.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 19 Sep 2020 23:26:43 GMT
access-control-allow-credentials: true
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=${USER_ID}&expires=30
https://us-u.openx.net/w/1.0/sd?id=537072968&val=363e756e-57f3-4f73-a486-47e57c3db490
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=363e756e-57f3-4f73-a486-47e57c3db490

43 B
180 B

58ms
58ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=363e756e-57f3-4f73-a486-47e57c3db490
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://cache.betweendigital.com/code/bidder_18.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Sep 2020 23:26:44 GMT
via: 1.1 google
server: OXGW/16.193.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 19 Sep 2020 23:26:44 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072968&val=363e756e-57f3-4f73-a486-47e57c3db490
alt-svc: clear
content-length: 0

GET
H2 200 /
onetag-sys.com/usync/ Frame FDC9 0
0 150ms
49ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=5d1628750185ace
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cache.betweendigital.com/code/bidder_18.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cache.betweendigital.com/code/bidder_18.html

Response headers

status: 200
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=2592000

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| pixels object| params function| getURLParameter

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
ads.betweendigital.com
an.yandex.ru
api.rees46.com
cache.betweendigital.com
cm.g.doubleclick.net
eus.rubiconproject.com
onetag-sys.com
secure-assets.rubiconproject.com
sync.1dmp.io
sync.bumlam.com
sync3.adsniper.ru
sync3.sniperlog.ru
us-u.openx.net
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
104.111.230.142
172.217.16.194
18.194.12.4
18.194.183.62
188.42.191.196
2001:6d0:4001::226
2a00:1450:4001:808::2002
2a02:6b8::90
31.172.81.158
31.172.81.160
35.244.159.8
5.254.23.213
51.89.9.251
88.99.149.88
88.99.70.162
89.108.120.68
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9ee83b2fab93bb12e6eee90d06f9d38589cb2462d6a5fdb566cdd39534528f6c
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

cache.betweendigital.com Open in urlscan Pro 5.254.23.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

19 %IPv6

15 Domains

17 Subdomains

9 IPs

5 Countries

3 kBTransfer

4 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

cache.betweendigital.com Open in urlscan Pro
5.254.23.213 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

19 %
IPv6

15
Domains

17
Subdomains

9
IPs

5
Countries

3 kB
Transfer

4 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions