URL: https://20795898p.rfihub.com/ca.html?rfiidc=1875819615988552168&rfiaid=3901ddd8fb00432cb06db01d80fbba30&ver=9&rb=34743&ca=207...
Submission: On July 21 via api from IT

Summary

This website contacted 5 IPs in 5 countries across 23 domains to perform 32 HTTP transactions. The main IP is 193.0.160.129, located in Netherlands and belongs to ROCKETFUEL - Rocket Fuel Inc., US. The main domain is 20795898p.rfihub.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 20th 2016. Valid for: 3 years.
This is the only time 20795898p.rfihub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 193.0.160.129 54312 (ROCKETFUEL)
1 185.33.223.80 29990 (ASN-APPNEXUS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 151.101.114.2 54113 (FASTLY)
32 5

This site contains no links.

Subject | Issuer | Validity | Valid
*.rfihub.com | DigiCert SHA2 Secure Server CA | 2016-07-20 - 2019-09-03 | 3 years
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years
*.tremorhub.com | Amazon | 2018-08-16 - 2019-09-16 | a year
f2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-04-01 - 2019-09-07 | 5 months

This page contains 1 frames:

Primary Page: https://20795898p.rfihub.com/ca.html?rfiidc=1875819615988552168&rfiaid=3901ddd8fb00432cb06db01d80fbba30&ver=9&rb=34743&ca=20795898&_o=34743&_t=20795898&pe=https%3A%2F%2Fwww.vueling.com%2Fit%2Fservizio-assistenza-clienti%2Finformativa-sulla-privacy%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26CRM%3DAVI_201907_eStoreSummerPromo_B_201974&pf=&ra=9773993256870122
Frame ID: 045D4AFF9C7C87E3410E04D22DC9BF6E
Requests: 32 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Jetty(?:\(([\d\.]*\d+))?/i

Overall confidence: 100%
Detected patterns
  • html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i

Overall confidence: 100%
Detected patterns
  • html /(?:<a [^>]*href="[^\/]*\/\/[^\/]*serving-sys\.com\/|<img [^>]*src="[^\/]*\/\/[^\/]*serving-sys\.com\/)/i

Page Statistics

Requests: 32
HTTPS: 13 %
IPv6: 25 %
Domains: 23
Subdomains: 25
IPs: 5
Countries: 5
Transfer: 4 kB
Size: 6 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cm.g.doubleclick.net/pixel?google_nid=rfi&google_cm=&google_sc=&google_hm=MTg3NTgxOTYxNTk4ODU1MjE2OA==&forward= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rfi&google_cm=&google_sc=&google_hm=MTg3NTgxOTYxNTk4ODU1MjE2OA==&forward=&google_tc= HTTP 302
  • https://p.rfihub.com/cm?forward=&google_gid=CAESEDueiDq_A2JG6JK8KOyP6Rw&google_cver=1
Request Chain 2
  • https://stags.bluekai.com/site/4722?id=1875819615988552168&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
  • https://p.rfihub.com/cm?bk_uuid=%2B1lQBy9999OF8EH5&forward=
Request Chain 9
  • https://ads.yahoo.com/cms/v1?esig=1~84c296ca4cae9f73fbcc48363a3cd4cd34be98f5&nwid=10000648372&sigv=1 HTTP 302
  • https://p.rfihub.com/cm?xid=E0
Request Chain 29
  • https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=17945&userid=2e591577-8d7a-4779-9a6e-1bf1b1bb7830

32 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type

Primary Request, Cookie set
ca.html
20795898p.rfihub.com/
6 KB
3 KB
Document

General
Full URL: https://20795898p.rfihub.com/ca.html?rfiidc=1875819615988552168&rfiaid=3901ddd8fb00432cb06db01d80fbba30&ver=9&rb=34743&ca=20795898&_o=34743&_t=20795898&pe=https%3A%2F%2Fwww.vueling.com%2Fit%2Fservizio-assistenza-clienti%2Finformativa-sulla-privacy%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26CRM%3DAVI_201907_eStoreSummerPromo_B_201974&pf=&ra=9773993256870122
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129, Netherlands, ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US)
Reverse DNS:
Software: Jetty(9.0.6.v20130930)
Resource Hash: 518648cb37258d80b1daced6217b4e96ddf4028f003e73fab2b13d8a4705d4f0

Request headers

Host: 20795898p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAF3QKw6AMBCE4fBKCARBuAgtFDhfj1GJrKysRHKESiQSWYXeX36Z7CSzrhiU2ZbdaK2OZZ09HOAI3_ALZ9iW0g4-YQ8HOMIf-yvcw76WTnBopK8W--EEP3CmO-zpkcN2xL8m6R8wEk7l0AEAAA;Path=/;Domain=.rfihub.com;Expires=Fri, 14-Aug-2020 23:36:58 GMT
Set-Cookie: rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQzNLW0sDA1NTI0sxDiM9QtDa3KKygO9SixMEuW4jU0NTM2NzUyMrQwNjYAAI-i2Co0AAAA;Path=/;Domain=.rfihub.com;Expires=Fri, 14-Aug-2020 23:36:58 GMT
Set-Cookie: ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQzNLW0sDA1NTI0sxDiM9QtDa3KKygO9SixMEsGALW2SH8lAAAA;Path=/;Domain=.rfihub.com
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache
Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Transfer-Encoding: chunked
Server: Jetty(9.0.6.v20130930)

cm
p.rfihub.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rfi&google_cm=&google_sc=&google_hm=MTg3NTgxOTYxNTk4ODU1MjE2OA==&forward=
  • https://cm.g.doubleclick.net/pixel?google_nid=rfi&google_cm=&google_sc=&google_hm=MTg3NTgxOTYxNTk4ODU1MjE2OA==&forward=&google_tc=
  • https://p.rfihub.com/cm?forward=&google_gid=CAESEDueiDq_A2JG6JK8KOyP6Rw&google_cver=1
0
0

setuid
ib.adnxs.com/
43 B
845 B
Image
General
Full URL: https://ib.adnxs.com/setuid?entity=18&code=1875819615988552168
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.223.80, Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
Reverse DNS: 251.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.13.4
Resource Hash: 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers
X-Xss-Protection: 0

Request headers

Referer: https://20795898p.rfihub.com/ca.html?rfiidc=1875819615988552168&rfiaid=3901ddd8fb00432cb06db01d80fbba30&ver=9&rb=34743&ca=20795898&_o=34743&_t=20795898&pe=https%3A%2F%2Fwww.vueling.com%2Fit%2Fservizio-assistenza-clienti%2Finformativa-sulla-privacy%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26CRM%3DAVI_201907_eStoreSummerPromo_B_201974&pf=&ra=9773993256870122
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jul 2019 23:37:00 GMT
AN-X-Request-Uuid: 69445cf9-03b9-4c82-8e4c-11d582c65f85
Content-Type: image/gif
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 212.8.240.141; 212.8.240.141; 251.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.245:80
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

cm
p.rfihub.com/
Redirect Chain
  • https://stags.bluekai.com/site/4722?id=1875819615988552168&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
  • https://p.rfihub.com/cm?bk_uuid=%2B1lQBy9999OF8EH5&forward=
0
0

tap.php
pixel.rubiconproject.com/
0
0

Pug
simage2.pubmatic.com/AdServer/
0
0

ibs:dpid=1121&dpuuid=1875819615988552168&redir=
dpm.demdex.net/
0
0

cx
msec.xp1.ru4.com/
0
0

sync
pixel.advertising.com/ups/55856/
0
0

rum
dsum-sec.casalemedia.com/
0
0

cm
p.rfihub.com/
Redirect Chain
  • https://ads.yahoo.com/cms/v1?esig=1~84c296ca4cae9f73fbcc48363a3cd4cd34be98f5&nwid=10000648372&sigv=1
  • https://p.rfihub.com/cm?xid=E0
0
0

idsync
soma.smaato.net/oapi/
0
0

sd
us-u.openx.net/w/1.0/
0
0

360947.gif
idsync.rlcdn.com/
0
0

partner
sync.search.spotxchange.com/
0
0

sync
partners.tremorhub.com/
43 B
183 B
Image
General
Full URL: https://partners.tremorhub.com/sync?UIRF=1875819615988552168&r=s8nvWBosUAQk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:e0a:8e15:4ca3:bca3 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
Reverse DNS:
Software: Apache-Coyote/1.1
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://20795898p.rfihub.com/ca.html?rfiidc=1875819615988552168&rfiaid=3901ddd8fb00432cb06db01d80fbba30&ver=9&rb=34743&ca=20795898&_o=34743&_t=20795898&pe=https%3A%2F%2Fwww.vueling.com%2Fit%2Fservizio-assistenza-clienti%2Finformativa-sulla-privacy%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26CRM%3DAVI_201907_eStoreSummerPromo_B_201974&pf=&ra=9773993256870122
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 21 Jul 2019 23:36:58 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

g.pixel
aa.agkn.com/adscores/
0
0

usermatch.gif
beacon.krxd.net/
0
0

sync
x.bidswitch.net/
0
0

cm
p.rfihub.com/
0
0

/
sync-tm.everesttech.net/upi/pid/Mlpt2JaG/
0
0

activity
ckm-m.xp1.ru4.com/
0
0

activity
ckm-m.xp1.ru4.com/
0
0

ping_match.gif
pm.w55c.net/
0
0

activity
ckm-m.xp1.ru4.com/
0
0

/
sync-tm.everesttech.net/upi/pid/CepIAyXi/
0
0

/
trc.taboola.com/sg/rocketfuel-network/1/rtb-h/
0
148 B
Image
General
Full URL: https://trc.taboola.com/sg/rocketfuel-network/1/rtb-h/?taboola_hm=1875819615988552168
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US)
Reverse DNS:
Software: nginx
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20795898p.rfihub.com/ca.html?rfiidc=1875819615988552168&rfiaid=3901ddd8fb00432cb06db01d80fbba30&ver=9&rb=34743&ca=20795898&_o=34743&_t=20795898&pe=https%3A%2F%2Fwww.vueling.com%2Fit%2Fservizio-assistenza-clienti%2Finformativa-sulla-privacy%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26CRM%3DAVI_201907_eStoreSummerPromo_B_201974&pf=&ra=9773993256870122
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 21 Jul 2019 23:36:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1563752219.447728,VS0,VE8
x-served-by: cache-hhn4062-HHN
x-cache: MISS
status: 200
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

bct
mid.rkdms.com/
0
0

1875819615988552168
dmx.districtm.io/s/10023/
0
0

cksync.php
contextual.media.net/
0
0

cm
p.rfihub.com/
Redirect Chain
  • https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
  • https://p.rfihub.com/cm?in=1&pub=17945&userid=2e591577-8d7a-4779-9a6e-1bf1b1bb7830
0
0

pixel
live.rezync.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.



5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • onselectstart (object)
  • onselectionchange (object)
  • queueMicrotask (function)
  • rfiEventHandler (function)
  • rfiFirePixels (function)

3 Cookies

Domain/Path Name / Value
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrQwN7UwtDQzNLW0sDA1NTI0sxDiM9QtDa3KKygO9SixMEsGALW2SH8lAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrQwN7UwtDQzNLW0sDA1NTI0sxDiM9QtDa3KKygO9SixMEuW4jU0NTM2NzUyMrQwNjYAAI-i2Co0AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAF3QKw6AMBCE4fBKCARBuAgtFDhfj1GJrKysRHKESiQSWYXeX36Z7CSzrhiU2ZbdaK2OZZ09HOAI3_ALZ9iW0g4-YQ8HOMIf-yvcw76WTnBopK8W--EEP3CmO-zpkcN2xL8m6R8wEk7l0AEAAA