Submitted URL: https://ads.betweendigital.com/sspmatch-iframe
Effective URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Submission: On February 22 via manual from ZA — Scanned from DE

Summary

This website contacted 15 IPs in 7 countries across 20 domains to perform 23 HTTP transactions. The main IP is 188.42.196.115, located in Luxembourg and belongs to SERVERS-COM, US. The main domain is ads.betweendigital.com. The Cisco Umbrella rank of the primary domain is 1519.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 13th 2023. Valid for: a year.
This is the only time ads.betweendigital.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 188.42.196.115 7979 (SERVERS-COM)
6 6 3.73.214.250 16509 (AMAZON-02)
2 2 185.29.132.241 30419 (MEDIAMATH...)
2 2 18.156.0.31 16509 (AMAZON-02)
2 2 193.232.150.43 48061 (UMA-TECH-AS)
1 116.202.85.93 24940 (HETZNER-AS)
1 151.236.118.146 204720 (CDNETWORKS)
3 3 31.172.81.172 44066 (DE-FIRSTC...)
2 2 89.108.119.28 197695 (AS-REG)
1 2 2a02:6b8::90 208722 (GLOBAL_DC)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 23.64.52.128 16625 (AKAMAI-AS)
2 69.173.144.139 26667 (RUBICONPR...)
1 69.173.144.165 26667 (RUBICONPR...)
2 2 142.251.208.98 15169 (GOOGLE)
1 4 69.173.144.138 26667 (RUBICONPR...)
2 3 52.46.128.147 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
2 2 52.202.50.5 14618 (AMAZON-AES)
1 1 154.59.122.79 174 (COGENT-174)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.19.138.117 16276 (OVH)
1 2 2001:6d0:4001... 52016 (TNSMSK-)
1 198.148.27.139 19189 (PULSEPOINT)
1 51.89.9.254 16276 (OVH)
23 15
Apex Domain
Subdomains
Transfer
10 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 848
eus.rubiconproject.com — Cisco Umbrella Rank: 528
token.rubiconproject.com — Cisco Umbrella Rank: 542
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2123
pixel.rubiconproject.com — Cisco Umbrella Rank: 316
13 KB
7 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1519
cache.betweendigital.com — Cisco Umbrella Rank: 18363
5 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 284
2 KB
3 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 274
2 KB
3 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3336
2 KB
2 tns-counter.ru
www.tns-counter.ru — Cisco Umbrella Rank: 11303
707 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 734
s.tribalfusion.com — Cisco Umbrella Rank: 1800
1000 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 2683
446 B
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
902 B
2 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3718
670 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 17506
1 KB
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 17871
826 B
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 273
585 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 460
1 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 712
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 543
568 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 396
1 KB
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1196
641 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
265 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 19127
70 B
23 20
Domain Requested by
6 x.bidswitch.net 6 redirects
6 ads.betweendigital.com 1 redirects ads.betweendigital.com
4 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
3 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 sync.bumlam.com 3 redirects
2 www.tns-counter.ru 1 redirects
2 um2.eqads.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 token.rubiconproject.com eus.rubiconproject.com
2 eus.rubiconproject.com cache.betweendigital.com
eus.rubiconproject.com
2 an.yandex.ru 1 redirects
2 x01.aidata.io 2 redirects
2 px.adhigh.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 sync.mathtag.com 2 redirects
1 onetag-sys.com cache.betweendigital.com
1 bh.contextweb.com
1 id5-sync.com eus.rubiconproject.com
1 s.tribalfusion.com eus.rubiconproject.com
1 a.tribalfusion.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 match.adsrvr.org eus.rubiconproject.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 cache.betweendigital.com ads.betweendigital.com
1 sync.dmp.otm-r.com ads.betweendigital.com
23 26

This site contains no links.

Subject Issuer Validity Valid
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2023-01-13 -
2024-02-13
a year crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G2
2022-05-27 -
2023-06-28
a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-16 -
2024-03-18
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-17 -
2023-04-04
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.id5-sync.com
R3
2023-01-25 -
2023-04-25
3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh

This page contains 4 frames:

Primary Page: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Frame ID: B7A2478ADCC0FDD212EC613DEA18BB37
Requests: 5 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8aff78eb-58fc-5235-a38b-7e72c07ebdf7&CACHEBUSTER=973793
Frame ID: AC534DBA3358D0772E0CB1174000F160
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 10D2453A361E38C848EDFFA9D0658DCA
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 06C6D058B843F66941E8685283D93AA5
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://ads.betweendigital.com/sspmatch-iframe HTTP 302
    https://ads.betweendigital.com/sspmatch-iframe?crf=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Page Statistics

23
Requests

48 %
HTTPS

12 %
IPv6

20
Domains

26
Subdomains

15
IPs

7
Countries

20 kB
Transfer

39 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ads.betweendigital.com/sspmatch-iframe HTTP 302
    https://ads.betweendigital.com/sspmatch-iframe?crf=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Dc7b337a0-66ff-4890-9f7c-499eb8fddcab&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=7b1e63f5-c386-4f00-ad25-4b4c6da3ff60&expires=30&ssp=between&bsw_param=c7b337a0-66ff-4890-9f7c-499eb8fddcab&gdpr=&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=c7b337a0-66ff-4890-9f7c-499eb8fddcab
Request Chain 1
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1qYnY4M054RTJ1RXZ2RHlNcVpYMnliaUdsMi5ab21UYjJpelRoUTgtfkE%3D&gdpr=0
Request Chain 2
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=ugeyWBlcxGfr.AikABlGGeAPCjQ
Request Chain 5
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Dc7b337a0-66ff-4890-9f7c-499eb8fddcab&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=915063f5-c387-4f00-ad6a-3cf8a8f8d170&expires=30&ssp=between&bsw_param=c7b337a0-66ff-4890-9f7c-499eb8fddcab&gdpr=&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=c7b337a0-66ff-4890-9f7c-499eb8fddcab
Request Chain 6
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARiGh9efBqIBECaY5-SyghHtocQAJZDIJDc* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=2698e7e4-b282-11ed-a1c4-002590c82437 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=2698e7e4-b282-11ed-a1c4-002590c82437&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=i0zGEzhE9SfPRs%2BrK8FxDA& HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/2698e7e4-b282-11ed-a1c4-002590c82437 HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/2698e7e4-b282-11ed-a1c4-002590c82437?redir-setuniq=1
Request Chain 7
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 11
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF-9ksVTIQfDE7AVf5ePeJ8&google_cver=1
Request Chain 12
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oGTwr2YzR1iVK-gmGefmtA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oGTwr2YzR1iVK-gmGefmtA
Request Chain 15
  • https://um2.eqads.com/um/rc HTTP 302
  • https://um2.eqads.com/um/rc&eq_cc=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=d9a593bc-8a15-46d1-8bb8-d4bb5e702b71&expires=30
Request Chain 16
  • https://ums.acuityplatform.com/tum?umid=2 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=746550452204&expires=30
Request Chain 17
  • https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
Request Chain 19
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/973793 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/973793
Request Chain 20
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=8aff78eb-58fc-5235-a38b-7e72c07ebdf7&expires=60 HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=c7b337a0-66ff-4890-9f7c-499eb8fddcab

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sspmatch-iframe
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/sspmatch-iframe
  • https://ads.betweendigital.com/sspmatch-iframe?crf=1
604 B
696 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2de9f4ce13676bd16c5b6dc3ed3405253f662e9bc4a805c9f6457f8a30d3b5ce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
604
content-type
text/html

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
/sspmatch-iframe?crf=1
match
ads.betweendigital.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Dc7b337a0-66ff-4890-9f7c-499eb8fddca...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=7b1e63f5-c386-4f00-ad25-4b4c6da3ff60&expires=30&ssp=between&bsw_param=c7b337a0-66ff-4890-9f7c-499eb8fddcab&gdpr=&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=c7b337a0-66ff-4890-9f7c-499eb8fddcab
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=c7b337a0-66ff-4890-9f7c-499eb8fddcab
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=c7b337a0-66ff-4890-9f7c-499eb8fddcab
date
Wed, 22 Feb 2023 07:25:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ads.betweendigital.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1qYnY4M054RTJ1RXZ2RHlNcVpYMnliaUdsMi5ab21UYjJpelRoUTgtfkE%3D&gdpr=0
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1qYnY4M054RTJ1RXZ2RHlNcVpYMnliaUdsMi5ab21UYjJpelRoUTgtfkE%3D&gdpr=0
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1qYnY4M054RTJ1RXZ2RHlNcVpYMnliaUdsMi5ab21UYjJpelRoUTgtfkE%3D&gdpr=0
date
Wed, 22 Feb 2023 07:25:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
ads.betweendigital.com/
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=ugeyWBlcxGfr.AikABlGGeAPCjQ
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=ugeyWBlcxGfr.AikABlGGeAPCjQ
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 07:25:57 GMT
server
nginx
x-backend-id
f24-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=ugeyWBlcxGfr.AikABlGGeAPCjQ
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
btw
sync.dmp.otm-r.com/match/
0
70 B
Image
General
Full URL
https://sync.dmp.otm-r.com/match/btw?id=8aff78eb-58fc-5235-a38b-7e72c07ebdf7
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.85.93 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.93.85.202.116.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 22 Feb 2023 07:25:57 GMT
server
nginx/1.17.10
bidder_18.html
cache.betweendigital.com/code/ Frame AC53
4 KB
1 KB
Document
General
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8aff78eb-58fc-5235-a38b-7e72c07ebdf7&CACHEBUSTER=973793
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.118.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 22 Feb 2023 07:25:57 GMT
etag
W/"638623e5-e7e"
last-modified
Tue, 29 Nov 2022 15:23:17 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
310
x-cdn-request-id
09e00ff51e461d8513c33236a92d2042
match
ads.betweendigital.com/ Frame AC53
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Dc7b337a0-66ff-4890-9f7c-499eb8fddca...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=915063f5-c387-4f00-ad6a-3cf8a8f8d170&expires=30&ssp=between&bsw_param=c7b337a0-66ff-4890-9f7c-499eb8fddcab&gdpr=&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=c7b337a0-66ff-4890-9f7c-499eb8fddcab
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=c7b337a0-66ff-4890-9f7c-499eb8fddcab
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=c7b337a0-66ff-4890-9f7c-499eb8fddcab
date
Wed, 22 Feb 2023 07:25:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
2698e7e4-b282-11ed-a1c4-002590c82437
an.yandex.ru/mapuid/adsniperis/ Frame AC53
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARiGh9efBqIBECaY5-SyghHtocQAJZDIJDc*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=2698e7e4-b282-11ed-a1c4-002590c82437
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=2698e7e4-b282-11ed-a1c4-002590c82437&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=i0zGEzhE9SfPRs%2BrK8FxDA&
  • https://an.yandex.ru/mapuid/adsniperis/2698e7e4-b282-11ed-a1c4-002590c82437
  • https://an.yandex.ru/mapuid/adsniperis/2698e7e4-b282-11ed-a1c4-002590c82437?redir-setuniq=1
43 B
108 B
Image
General
Full URL
https://an.yandex.ru/mapuid/adsniperis/2698e7e4-b282-11ed-a1c4-002590c82437?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 07:25:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 22 Feb 2023 07:25:58 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 22 Feb 2023 07:25:58 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 07:25:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 22 Feb 2023 07:25:58 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/adsniperis/2698e7e4-b282-11ed-a1c4-002590c82437?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 22 Feb 2023 07:25:58 GMT
usync.html
eus.rubiconproject.com/ Frame 10D2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8aff78eb-58fc-5235-a38b-7e72c07ebdf7&CACHEBUSTER=973793
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Feb 2023 07:25:58 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 22 Feb 2023 07:25:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 10D2
33 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.52.128 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-52-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4f5d4436c209b4d9c4a3bec05f53c7bfdfff135f076026a5c117512bc8ae5940

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 07:25:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Feb 2023 16:52:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=33941
Connection
keep-alive
Content-Length
10007
Expires
Wed, 22 Feb 2023 16:51:39 GMT
khaos.jpg
token.rubiconproject.com/ Frame 10D2
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 10D2
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 10D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF-9ksVTIQfDE7AVf5ePeJ8&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF-9ksVTIQfDE7AVf5ePeJ8&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 07:25:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEF-9ksVTIQfDE7AVf5ePeJ8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 10D2
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oGTwr2YzR1iVK-gmGefmtA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oGTwr2YzR1iVK-gmGefmtA
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oGTwr2YzR1iVK-gmGefmtA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 07:25:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FVZEPGAT0XFM8DC2A1FE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oGTwr2YzR1iVK-gmGefmtA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 10D2
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 22 Feb 2023 07:25:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
token
token.rubiconproject.com/ Frame 10D2
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=25470
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 10D2
Redirect Chain
  • https://um2.eqads.com/um/rc
  • https://um2.eqads.com/um/rc&eq_cc=1
  • https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=d9a593bc-8a15-46d1-8bb8-d4bb5e702b71&expires=30
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=d9a593bc-8a15-46d1-8bb8-d4bb5e702b71&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 07:25:59 GMT
last-modified
Wed, 22 Feb 2023 07:25:59 GMT
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=11598&nid=2494&put=d9a593bc-8a15-46d1-8bb8-d4bb5e702b71&expires=30
cache-control
no-cache, must-revalidate
content-length
144
expires
Sat, 6 May 1995 12:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 10D2
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=2
  • https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=746550452204&expires=30
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=746550452204&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

access-control-allow-origin
*
location
https://pixel.rubiconproject.com/tap.php?v=5672&nid=2082&put=746550452204&expires=30
content-length
0
i.match
s.tribalfusion.com/z/ Frame 10D2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
43 B
389 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 07:25:59 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
79d5fdac8f8839f1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 07:25:59 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
439
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b10&u={rubicon_user_token}&redirect=https%3A//pixel.rubiconproject.com/tap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
79d5fdab7e0439f1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
9.gif
id5-sync.com/i/175/ Frame 10D2
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/i/175/9.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 22 Feb 2023 07:25:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
973793
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame AC53
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/973793
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/973793
43 B
297 B
Image
General
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/973793
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.5.5/1.20.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Feb 2023 07:26:00 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.5.5/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 22 Feb 2023 07:26:00 GMT
strict-transport-security
max-age=2678400
server
ms-counter-3.5.5/1.20.2
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/973793
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
rtset
bh.contextweb.com/bh/ Frame AC53
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=8aff78eb-58fc-5235-a38b-7e72c07ebdf7&expires=60
  • https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=c7b337a0-66ff-4890-9f7c-499eb8fddcab
49 B
568 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=c7b337a0-66ff-4890-9f7c-499eb8fddcab
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.50.v20221201) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(9.4.50.v20221201)
content-language
de-DE
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-69b5865499-4wlvf
expires
-1

Redirect headers

location
//bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=c7b337a0-66ff-4890-9f7c-499eb8fddcab
date
Wed, 22 Feb 2023 07:26:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
onetag-sys.com/usync/ Frame 06C6
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8aff78eb-58fc-5235-a38b-7e72c07ebdf7&CACHEBUSTER=973793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange

32 Cookies

Domain/Path Name / Value
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 8aff78eb-58fc-5235-a38b-7e72c07ebdf7
.betweendigital.com/ Name: ss
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBIXD9WMCEAeWfO3hEvlm2gRPgKcyhiYFEgEBAQEV92P_YwAAAAAA_eMAAA&S=AQAAAk_Erg2Fa7GJ9X-lUiew8BQ
.analytics.yahoo.com/ Name: IDSYNC
Value: 199l~2a4v
.adhigh.net/ Name: gi_u
Value: ugeyWBlcxGfr.AikABlGGeAPCjQ
.bidswitch.net/ Name: tuuid
Value: c7b337a0-66ff-4890-9f7c-499eb8fddcab
.bidswitch.net/ Name: c
Value: 1677050757
.bidswitch.net/ Name: tuuid_lu
Value: 1677050757
.adhigh.net/ Name: btw_sync
Value: LKO6
.mathtag.com/ Name: uuid
Value: 915063f5-c387-4f00-ad6a-3cf8a8f8d170
.betweendigital.com/ Name: ut
Value: Y_XDhgABRDjqDLpMve__RSvMnMuyt_lsIDkBRw==
.bumlam.com/ Name: suuid3
Value: IiQyNjk4ZTdlNC1iMjgyLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
.aidata.io/ Name: __upin
Value: i0zGEzhE9SfPRs+rK8FxDA
.aidata.io/ Name: __upints
Value: 1677050758
.yandex.ru/ Name: yuidss
Value: 9736185331677050758
.yandex.ru/ Name: yandexuid
Value: 9736185331677050758
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.acuityplatform.com/ Name: auid
Value: 746550452204
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAMvqNdXNlck1hdGNoaW5nSWTEkWxhc3REcm9wVGltZU1pbGxpcyUBQx4APDqimGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUMeADw6oo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.doubleclick.net/ Name: IDE
Value: AHWqTUlGNgAQXNbwb5JTU1Sd0FfT_anOD81af-MlW3TvNZvTMWMKaxew7U4wGpJd4d0
.tribalfusion.com/ Name: ANON_ID
Value: aonr6iq0I1f9yNy6Qw621Cr03wIW6FrfKXmqsWjUGBXt7aJNZd0imhnKdJ44gZcU11Jc20vgyD
.eqads.com/ Name: EQUser
Value: UID=d9a593bc-8a15-46d1-8bb8-d4bb5e702b71
.amazon-adsystem.com/ Name: ad-id
Value: A2ME72WVGUYsgJYv6jSsX-4
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tns-counter.ru/ Name: guid
Value: FB51680863F5C388X1677050760
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 83e59822c6bd9550

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.betweendigital.com
an.yandex.ru
bh.contextweb.com
cache.betweendigital.com
cm.g.doubleclick.net
eus.rubiconproject.com
id5-sync.com
match.adsrvr.org
onetag-sys.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
px.adhigh.net
s.amazon-adsystem.com
s.tribalfusion.com
secure-assets.rubiconproject.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.mathtag.com
token.rubiconproject.com
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
116.202.85.93
142.251.208.98
151.236.118.146
154.59.122.79
162.19.138.117
18.156.0.31
185.29.132.241
188.42.196.115
193.232.150.43
198.148.27.139
2.19.35.65
2001:6d0:4001::226
23.64.52.128
2606:4700::6812:18ad
2a02:6b8::90
3.33.220.150
3.73.214.250
31.172.81.172
51.89.9.254
52.202.50.5
52.46.128.147
69.173.144.138
69.173.144.139
69.173.144.165
89.108.119.28
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2de9f4ce13676bd16c5b6dc3ed3405253f662e9bc4a805c9f6457f8a30d3b5ce
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4f5d4436c209b4d9c4a3bec05f53c7bfdfff135f076026a5c117512bc8ae5940
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e