bidder.newspassid.com
Open in
urlscan Pro
34.194.170.146
Public Scan
Submission: On March 07 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on May 3rd 2023. Valid for: a year.
This is the only time bidder.newspassid.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 34.194.170.146 34.194.170.146 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a02:2638:3::6 2a02:2638:3::6 | 44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE) | |
3 3 | 35.214.149.91 35.214.149.91 | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 178.250.1.9 178.250.1.9 | 44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE) | |
1 | 104.18.43.178 104.18.43.178 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 3.71.149.231 3.71.149.231 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 3.33.220.150 3.33.220.150 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 54.76.233.138 54.76.233.138 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 23.40.177.46 23.40.177.46 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 52.58.27.81 52.58.27.81 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 185.255.84.153 185.255.84.153 | 200271 (IGUANE-) (IGUANE-) | |
1 | 67.202.105.23 67.202.105.23 | 32748 (STEADFAST) (STEADFAST) | |
11 | 8 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-170-146.compute-1.amazonaws.com
bidder.newspassid.com |
ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com
x.bidswitch.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-233-138.eu-west-1.compute.amazonaws.com
ap.lijit.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-40-177-46.deploy.static.akamaitechnologies.com
hbx.media.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-27-81.eu-central-1.compute.amazonaws.com
crb.kargo.com |
ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
ssc-cms.33across.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
newspassid.com
bidder.newspassid.com — Cisco Umbrella Rank: 25172 |
25 KB |
3 |
bidswitch.net
3 redirects
x.bidswitch.net — Cisco Umbrella Rank: 383 |
2 KB |
2 |
criteo.com
1 redirects
ssp-sync.criteo.com — Cisco Umbrella Rank: 1413 dis.criteo.com — Cisco Umbrella Rank: 662 |
552 B |
1 |
33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 929 |
|
1 |
omnitagjs.com
1 redirects
visitor.omnitagjs.com — Cisco Umbrella Rank: 737 |
390 B |
1 |
kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1236 |
375 B |
1 |
media.net
1 redirects
hbx.media.net — Cisco Umbrella Rank: 1298 |
329 B |
1 |
lijit.com
ap.lijit.com — Cisco Umbrella Rank: 729 |
175 B |
1 |
adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 364 |
149 B |
1 |
yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 428 |
125 B |
1 |
the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 4809 |
1003 B |
11 | 11 |
Domain | Requested by | |
---|---|---|
4 | bidder.newspassid.com |
bidder.newspassid.com
|
3 | x.bidswitch.net | 3 redirects |
1 | ssc-cms.33across.com |
bidder.newspassid.com
|
1 | visitor.omnitagjs.com | 1 redirects |
1 | crb.kargo.com | |
1 | hbx.media.net | 1 redirects |
1 | ap.lijit.com | |
1 | match.adsrvr.org | |
1 | ups.analytics.yahoo.com | |
1 | elb.the-ozone-project.com | |
1 | dis.criteo.com | 1 redirects |
1 | ssp-sync.criteo.com | |
11 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
bidder.newspassid.com Amazon RSA 2048 M01 |
2023-05-03 - 2024-05-31 |
a year | crt.sh |
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-08 - 2024-05-07 |
3 months | crt.sh |
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA |
2023-12-26 - 2024-06-19 |
6 months | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2023-04-12 - 2024-05-13 |
a year | crt.sh |
*.lijit.com Amazon RSA 2048 M02 |
2023-11-21 - 2024-12-19 |
a year | crt.sh |
*.prod.euc1.green.ops.kargo.com Amazon RSA 2048 M03 |
2023-12-12 - 2025-01-10 |
a year | crt.sh |
*.33across.com Sectigo RSA Domain Validation Secure Server CA |
2023-09-06 - 2024-09-30 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1yn-&pubcid=3d5066b9-ac11-4fac-9736-1a08bdbd6e5f&publisherid=npid10000001&siteid=4204204274&cb=1709569477352&bidder=newspassid
Frame ID: F020C464542ED7BA7278A8C61327B7E8
Requests: 10 HTTP requests in this frame
Frame:
https://ssc-cms.33across.com/ps/?ri=0010b00002QLYzgAAH&ru=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 31FE22F104A33CC7919B8D716152EBC2
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- https://x.bidswitch.net/sync?ssp=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid HTTP 302
- https://x.bidswitch.net/ul_cb/sync?ssp=ozone&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid HTTP 302
- https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dozone%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
- https://x.bidswitch.net/sync?dsp_id=462&ssp=ozone&user_id=k-W5jtuPNxV5XKmCTMVVxhpkbXpnwFj94JUoF-Zg&gdpr=0&gdpr_consent= HTTP 302
- https://elb.the-ozone-project.com/setuid?bidder=bidswitch&gdpr=0&gdpr_consent=&us_privacy=&uid=9039306e-15b8-4cae-8081-b7c605e7a2ce
- https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&redirect=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D%3Cvsid%3E HTTP 302
- https://bidder.newspassid.com/setuid?bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=0000EEA
- https://visitor.omnitagjs.com/visitor/bsync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D[BUYER_USERID] HTTP 307
- https://bidder.newspassid.com/setuid?bidder=adyoulike&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=4f1ec55e525a5137b9cac49a27f03a7b
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
load-cookie.html
bidder.newspassid.com/static/ |
12 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
cookie_sync
bidder.newspassid.com/ |
10 KB 10 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe
ssp-sync.criteo.com/user-sync/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
elb.the-ozone-project.com/ Redirect Chain
|
0 1003 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
occ
ups.analytics.yahoo.com/ups/58737/ |
0 125 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
generic
match.adsrvr.org/track/cmf/ |
70 B 149 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
ap.lijit.com/ |
0 175 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Redirect Chain
|
0 749 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PrebidServer
crb.kargo.com/api/v1/dsync/ |
43 B 375 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Redirect Chain
|
0 858 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ssc-cms.33across.com/ps/ Frame 31FE |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| doConsoleLog function| getEmptyIframe function| insertElement function| doBidderSync function| triggerIframeLoad function| triggerPixel function| doAllSyncs function| process function| ajax function| parseQueryParam function| sanitizeEndpoint function| sanitizeEndpointArgs function| sanitizeSyncCount function| sanitizeGdpr function| sanitizeGdprConsent function| getStringifiedData function| getCookieValueForKey function| isJsonString function| isEncodedString function| isAmpRequest object| keyval12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bidder.newspassid.com/ | Name: newspassid_uid Value: 2dMdL6vTV8Snw2NGRDyoL1CCH5z |
|
.bidswitch.net/ | Name: tuuid Value: 9039306e-15b8-4cae-8081-b7c605e7a2ce |
|
.bidswitch.net/ | Name: c Value: 1709821822 |
|
.bidswitch.net/ | Name: tuuid_lu Value: 1709821822 |
|
.criteo.com/ | Name: uid Value: d12c8f91-c8d8-42ed-87f1-ec841b5a98b7 |
|
.the-ozone-project.com/ | Name: uids Value: eyJ0ZW1wVUlEcyI6eyJiaWRzd2l0Y2giOnsidWlkIjoiOTAzOTMwNmUtMTViOC00Y2FlLTgwODEtYjdjNjA1ZTdhMmNlIiwiZXhwaXJlcyI6IjIwMjQtMDMtMjFUMTQ6MzA6MjIuNTE0MDk1MzczWiJ9fSwiYmRheSI6IjIwMjQtMDMtMDdUMTQ6MzA6MjIuNTE0MDkxMjAxWiJ9 |
|
.the-ozone-project.com/ | Name: __cf_bm Value: ._ZZBOPMQ2QFF_7DpVoUCk2t7EHAAeD2HymhAshAyQc-1709821822-1.0.1.1-.Fjx5ei1AytCsURpX0sePoYvM1GPJVWNTfl8UNyWs4iDEXcHCn51fTPY_Ark1ZuK78v5n4lw2t3vAH_y.SCaIg |
|
.kargo.com/ | Name: ktcid Value: 4b7d1b31-2107-043d-57af-0b2ac430da5d |
|
.omnitagjs.com/ | Name: ayl_visitor Value: 4f1ec55e525a5137b9cac49a27f03a7b |
|
bidder.newspassid.com/ | Name: AWSALBTG Value: V+8Nz7VKHZpMrWRMzVVV4E2XoWiz+bjQuCRiYJOBcsIA1MiIB73AafUFeOx4PC4XoBlZjtRnW7J2GE18ckWM/ptlL/p1BlHBFHIL5zDkucl8kYT5y2eWMyv1fQwrpEAv4eDW+wexdWHjo3ZTnAYcww9LF8PGOs5IPoff27AcCDzNyNK3mZ8= |
|
bidder.newspassid.com/ | Name: AWSALBTGCORS Value: V+8Nz7VKHZpMrWRMzVVV4E2XoWiz+bjQuCRiYJOBcsIA1MiIB73AafUFeOx4PC4XoBlZjtRnW7J2GE18ckWM/ptlL/p1BlHBFHIL5zDkucl8kYT5y2eWMyv1fQwrpEAv4eDW+wexdWHjo3ZTnAYcww9LF8PGOs5IPoff27AcCDzNyNK3mZ8= |
|
.bidder.newspassid.com/ | Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZHlvdWxpa2UiOnsidWlkIjoiNGYxZWM1NWU1MjVhNTEzN2I5Y2FjNDlhMjdmMDNhN2IiLCJleHBpcmVzIjoiMjAyNC0wMy0yMVQxNDozMDoyNC4xODQ3NTMzMDVaIn0sIm1lZGlhbmV0Ijp7InVpZCI6IjAwMDBFRUEiLCJleHBpcmVzIjoiMjAyNC0wMy0yMVQxNDozMDoyMy43Njc0MjMxMDZaIn19LCJiZGF5IjoiMjAyNC0wMy0wN1QxNDozMDoyMy43Njc0MTkxODZaIn0= |
19 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ap.lijit.com
bidder.newspassid.com
crb.kargo.com
dis.criteo.com
elb.the-ozone-project.com
hbx.media.net
match.adsrvr.org
ssc-cms.33across.com
ssp-sync.criteo.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
x.bidswitch.net
104.18.43.178
178.250.1.9
185.255.84.153
23.40.177.46
2a02:2638:3::6
3.33.220.150
3.71.149.231
34.194.170.146
35.214.149.91
52.58.27.81
54.76.233.138
67.202.105.23
202b65f7735476b526548db88f43f49a959907ed4078132204f0cb1c4503f9e2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
45c2505d6f910ecf5c93a9c46a15aab6190ddcde95f9c247df601ecc57c9d438
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855