URL: https://eus.rubiconproject.com/usync.html?geo=na&co=us
Submission Tags: falconsandbox
Submission: On February 20 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 1 domain to perform 3 HTTP transactions. The main IP is 23.64.52.128, located in Vienna, Austria and belongs to AKAMAI-AS, US. The main domain is eus.rubiconproject.com. The Cisco Umbrella rank of the primary domain is 528.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 17th 2022. Valid for: a year.
This is the only time eus.rubiconproject.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
2 | 23.64.52.128 | 16625 (AKAMAI-AS)
1 | 69.173.144.138 | 26667 (RUBICONPR...)
Total: 3 requests, 2 IPs

Requests | Apex Domain / Subdomains | Transfer
3 | rubiconproject.com | 11 KB
  | eus.rubiconproject.com — Cisco Umbrella Rank: 528 |
  | token.rubiconproject.com — Cisco Umbrella Rank: 542 |
Total: 3 requests, 1 apex domain

Requests | Domain | Requested by
2 | eus.rubiconproject.com | eus.rubiconproject.com
1 | token.rubiconproject.com | eus.rubiconproject.com
Total: 3 requests, 2 domains

This site contains no links.

Subject | Issuer | Validity | Valid
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-17 - 2023-04-04 | a year

This page contains 1 frames:

Primary Page: https://eus.rubiconproject.com/usync.html?geo=na&co=us
Frame ID: 5E39B52EE97F26B0A87FA071F9E32B8D
Requests: 3 HTTP requests in this frame

Page Title

User-Sync

Detected technologies

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 11 kB
Size: 34 kB
Cookies: 0

3 HTTP transactions

Resource: usync.html (Primary Request)
Path: eus.rubiconproject.com/
Size: 281 B
x-fer: 554 B
Type: Document

General

Full URL: https://eus.rubiconproject.com/usync.html?geo=na&co=us
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-52-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Feb 2023 23:12:48 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Resource: usync.js
Path: eus.rubiconproject.com/
Size: 33 KB
x-fer: 10 KB
Type: Script

General

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com, URL: https://eus.rubiconproject.com/usync.html?geo=na&co=us
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-52-128.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: f41d63d7f227ad4d5109d8804d3e067a0edeb4634389f5d0f9cfcb43ef59ab62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?geo=na&co=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Mon, 20 Feb 2023 23:12:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Feb 2023 19:17:09 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=72296
Connection: keep-alive
Content-Length: 10007
Expires: Tue, 21 Feb 2023 19:17:44 GMT

Resource: khaos.jpg
Path: token.rubiconproject.com/
Size: 284 B
x-fer: 536 B
Type: Image

General

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com, URL: https://eus.rubiconproject.com/usync.html?geo=na&co=us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS:
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange string| comments object| rtb_sync function| isSellerSync function| shouldSkipBuyerSync function| getPartnerFcaps function| getPartnerFcap function| isExpired function| isCapped function| createNewFcap function| incrementPartnerFcap function| removeExpiredPartners function| savePartnerFcaps function| getConsentWindowFor function| oz_onPixelsLoaded function| getReferrer function| setCookie function| deleteCookie function| readCookie function| trim_whitespace function| countCookies function| addScriptAsync function| addScript function| retrieveQueryParams function| getCountry function| getRegion function| getAllowList function| getQueryStringParam function| loadExpiration function| saveExpiration function| is_expired function| shouldFirePixel function| firePixel function| shuffle function| prioritize function| firePixelsToMax function| fireRandomPixelsByPriority function| sortPixelsByPriority function| sortPixel function| allocatePixelCalls function| determineAllocation function| fireXRandomPixels function| array_contains function| detectIE function| doPixels function| isPixelAllowed function| getConsentParams function| getConsentQS function| appendQSParams function| appendConsentQS function| appendQueryParams function| getConsentQSParams function| getConsent function| checkCookies function| alreadyRanOnPage function| sellerSync function| initiateSellerSync function| runSyncs function| checkKhaosMatchesPrevious function| resetSyncTracking function| checkSampling function| startSync function| lsGet function| lsSet function| lsRemove function| ssGet function| ssSet function| ssRemove function| log boolean| skipBuyerSync undefined| consentParams object| regionCountries object| rtb_pixel_set string| request_country string| request_region number| expiration number| cap boolean| localStorageAccess boolean| sessionStorageAccess undefined| expiration_info undefined| logPrefix

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
