Submitted URL: https://ads.betweendigital.com/sspmatch-iframe
Effective URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Submission: On May 23 via manual from US — Scanned from DE

Summary

This website contacted 15 IPs in 7 countries across 19 domains to perform 23 HTTP transactions. The main IP is 188.42.196.115, located in Luxembourg and belongs to SERVERS-COM, US. The main domain is ads.betweendigital.com. The Cisco Umbrella rank of the primary domain is 1572.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 13th 2023. Valid for: a year.
This is the only time ads.betweendigital.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 188.42.196.115 7979 (SERVERS-COM)
6 6 54.93.152.195 16509 (AMAZON-02)
2 2 35.210.53.219 15169 (GOOGLE)
2 2 193.232.150.68 48061 (UMA-TECH-AS)
2 2 3.71.149.231 16509 (AMAZON-02)
1 194.55.244.181 34959 (PROCLOUD ...)
1 151.236.118.146 204720 (CDNETWORKS)
2 2 52.48.238.17 16509 (AMAZON-02)
3 3 31.172.81.172 44066 (DE-FIRSTC...)
2 2 89.108.120.76 197695 (AS-REG)
1 2 2a02:6b8::90 208722 (GLOBAL_DC)
1 1 23.201.255.110 16625 (AKAMAI-AS)
2 23.37.42.132 16625 (AKAMAI-AS)
1 4 69.173.144.165 26667 (RUBICONPR...)
2 4 69.173.144.139 26667 (RUBICONPR...)
1 2 2001:6d0:4001... 52016 (ADFACT)
2 3 52.94.223.167 16509 (AMAZON-02)
2 3 52.46.128.147 16509 (AMAZON-02)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 35.244.174.68 15169 (GOOGLE)
1 1 95.101.148.198 16625 (AKAMAI-AS)
1 169.197.150.7 398989 (DEEPINTENT)
1 2 35.210.138.51 19527 (GOOGLE-2)
1 51.89.9.251 16276 (OVH)
23 15
Apex Domain
Subdomains
Transfer
11 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 953
eus.rubiconproject.com — Cisco Umbrella Rank: 566
token.rubiconproject.com — Cisco Umbrella Rank: 573
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2060
pixel.rubiconproject.com — Cisco Umbrella Rank: 315
13 KB
7 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1572
cache.betweendigital.com — Cisco Umbrella Rank: 23942
5 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 950
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
4 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
2 KB
3 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3772
2 KB
2 visx.net
t.visx.net — Cisco Umbrella Rank: 7133
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 447
782 B
2 tns-counter.ru
www.tns-counter.ru — Cisco Umbrella Rank: 13059
706 B
2 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3501
669 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 17662
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3720
1 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 272
586 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 19115
826 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4604
749 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 729
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 943
44 B
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 978
635 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 629
98 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 21479
69 B
23 19
Domain Requested by
6 x.bidswitch.net 6 redirects
6 ads.betweendigital.com 1 redirects ads.betweendigital.com
4 token.rubiconproject.com 1 redirects eus.rubiconproject.com
3 s.amazon-adsystem.com 2 redirects
3 pixel.rubiconproject.com 2 redirects
3 aax-eu.amazon-adsystem.com 2 redirects
3 sync.bumlam.com 3 redirects
2 t.visx.net 1 redirects
2 pixel.tapad.com 1 redirects
2 www.tns-counter.ru 1 redirects
2 eus.rubiconproject.com cache.betweendigital.com
eus.rubiconproject.com
2 an.yandex.ru 1 redirects
2 x01.aidata.io 2 redirects
2 ads.avct.cloud 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 px.adhigh.net 2 redirects
2 pool.admedo.com 2 redirects
1 onetag-sys.com cache.betweendigital.com
1 match.deepintent.com
1 pixel.mathtag.com 1 redirects
1 id.rlcdn.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 cache.betweendigital.com ads.betweendigital.com
1 sync.dmp.otm-r.com ads.betweendigital.com
23 25

This site contains no links.

Subject | Issuer | Validity | Valid
*.ads.betweendigital.com | Sectigo RSA Domain Validation Secure Server CA | 2023-01-13 - 2024-02-13 | a year
*.dmp.otm-r.com | AlphaSSL CA - SHA256 - G2 | 2022-05-27 - 2023-06-28 | a year
cache.betweendigital.com | Sectigo RSA Domain Validation Secure Server CA | 2023-02-16 - 2024-03-18 | a year
*.rubiconproject.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-03-07 - 2024-04-03 | a year
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2023-02-02 - 2024-03-03 | a year
*.deepintent.com | Go Daddy Secure Certificate Authority - G2 | 2022-11-30 - 2024-01-01 | a year
*.onetag-sys.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-12-28 - 2024-01-28 | a year

This page contains 4 frames:

Primary Page: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Frame ID: 816CE5A3F4511831F76B56A82DC83ED3
Requests: 5 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e5a8dfbe-6526-528f-89fd-073eed91decc&CACHEBUSTER=245937
Frame ID: 7FFA27D53339D4F786B9D32CFAA08756
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: BA9F172C1584320CCD3938700824AF7B
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 525D48912EFDD44FBFB2C53D31550E1E
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Page Statistics

Requests: 23
HTTPS: 52 %
IPv6: 8 %
Domains: 19
Subdomains: 25
IPs: 15
Countries: 7
Transfer: 19 kB
Size: 39 kB
Cookies: 30

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ads.betweendigital.com/sspmatch-iframe HTTP 302
    https://ads.betweendigital.com/sspmatch-iframe?crf=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=1b2fbc46-0f14-4741-b1da-6c43947210e9 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=1b2fbc46-0f14-4741-b1da-6c43947210e9 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=edf888bd-2b5d-4d84-9093-41838c7e58d7&user_group=1&ssp=between&bsw_param=1b2fbc46-0f14-4741-b1da-6c43947210e9 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1b2fbc46-0f14-4741-b1da-6c43947210e9
Request Chain 1
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uL6zwChWCozC.AikABlGISTNaKQ
Request Chain 2
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1xaTd5TC5sRTJ1SHpmWlpYUWtDdEVQM0ZGV3g0cWVTR2RTTVFkaHMtfkE%3D&gdpr=0
Request Chain 5
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=40574598-e325-4f38-a486-7ab44e0c36fd&ssp=between HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1b2fbc46-0f14-4741-b1da-6c43947210e9
Request Chain 6
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARjys7OjBqIBEHnDK8z5fRHthuAAJZDAZHw* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=79c32bcc-f97d-11ed-86e0-002590c0647c HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=79c32bcc-f97d-11ed-86e0-002590c0647c&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=r5o9oxtPIiNKO4%2BO4DJWtg& HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/79c32bcc-f97d-11ed-86e0-002590c0647c HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/79c32bcc-f97d-11ed-86e0-002590c0647c?redir-setuniq=1
Request Chain 7
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 11
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/245937 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/245937
Request Chain 12
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=x8_adkEVSLOOinZI22enyQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=x8_adkEVSLOOinZI22enyQ
Request Chain 13
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=b1BN1b5tR6Cmkjblv3Ofbw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=b1BN1b5tR6Cmkjblv3Ofbw
Request Chain 16
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=
Request Chain 18
  • https://pixel.mathtag.com/sync/img?redir=https%3A%2F%2Ftoken.rubiconproject.com%2Ftoken%3Fpid%3D35912%26puid%3D%5BMM_UUID%5D HTTP 302
  • https://token.rubiconproject.com/token?pid=35912&puid=d81d646c-d9f3-4600-940c-5687d898983d
Request Chain 20
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=e5a8dfbe-6526-528f-89fd-073eed91decc&expires=60 HTTP 302
  • https://t.visx.net/sync?tp_id=1&tp_uid=1b2fbc46-0f14-4741-b1da-6c43947210e9&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd= HTTP 302
  • https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=1b2fbc46-0f14-4741-b1da-6c43947210e9&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=

23 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request sspmatch-iframe
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/sspmatch-iframe
  • https://ads.betweendigital.com/sspmatch-iframe?crf=1
604 B
687 B
Document
General
Full URL
https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
83bd7316aa8649795a2ee0fb75c96ec7fcbade24465607a28a814f28a8fa4c28

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
604
content-type
text/html

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
/sspmatch-iframe?crf=1
match
ads.betweendigital.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=1b2fbc46-0f14-4741-b1da-6c43947210e9
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=1b2fbc46-0f14-4741-b1da-6c43947210e9
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=edf888bd-2b5d-4d84-9093-41838c7e58d7&user_group=1&ssp=between&bsw_param=1b2fbc46-0f14-4741-b1da-6c43947210e9
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1b2fbc46-0f14-4741-b1da-6c43947210e9
68 B
598 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1b2fbc46-0f14-4741-b1da-6c43947210e9
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=1b2fbc46-0f14-4741-b1da-6c43947210e9
date
Tue, 23 May 2023 15:21:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ads.betweendigital.com/
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uL6zwChWCozC.AikABlGISTNaKQ
68 B
598 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uL6zwChWCozC.AikABlGISTNaKQ
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Tue, 23 May 2023 15:21:22 GMT
server
nginx
x-backend-id
f12-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uL6zwChWCozC.AikABlGISTNaKQ
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=&verify=true
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1xaTd5TC5sRTJ1SHpmWlpYUWtDdEVQM0ZGV3g0cWVTR2RTTVFkaHMtfkE%3D&gdpr=0
68 B
598 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1xaTd5TC5sRTJ1SHpmWlpYUWtDdEVQM0ZGV3g0cWVTR2RTTVFkaHMtfkE%3D&gdpr=0
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS1xaTd5TC5sRTJ1SHpmWlpYUWtDdEVQM0ZGV3g0cWVTR2RTTVFkaHMtfkE%3D&gdpr=0
date
Tue, 23 May 2023 15:21:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
btw
sync.dmp.otm-r.com/match/
0
69 B
Image
General
Full URL
https://sync.dmp.otm-r.com/match/btw?id=e5a8dfbe-6526-528f-89fd-073eed91decc
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.55.244.181 , Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 23 May 2023 15:21:22 GMT
server
nginx/1.23.2
bidder_18.html
cache.betweendigital.com/code/ Frame 7FFA
4 KB
1 KB
Document
General
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e5a8dfbe-6526-528f-89fd-073eed91decc&CACHEBUSTER=245937
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.118.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 23 May 2023 15:21:22 GMT
etag
W/"638623e5-e7e"
last-modified
Tue, 29 Nov 2022 15:23:17 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
310
x-cdn-request-id
d3c42ba5b965a08454872a2ad3285873
match
ads.betweendigital.com/ Frame 7FFA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dbetween
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=40574598-e325-4f38-a486-7ab44e0c36fd&ssp=between
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1b2fbc46-0f14-4741-b1da-6c43947210e9
68 B
598 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=1b2fbc46-0f14-4741-b1da-6c43947210e9
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=1b2fbc46-0f14-4741-b1da-6c43947210e9
date
Tue, 23 May 2023 15:21:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
79c32bcc-f97d-11ed-86e0-002590c0647c
an.yandex.ru/mapuid/adsniperis/ Frame 7FFA
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARjys7OjBqIBEHnDK8z5fRHthuAAJZDAZHw*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=79c32bcc-f97d-11ed-86e0-002590c0647c
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=79c32bcc-f97d-11ed-86e0-002590c0647c&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=r5o9oxtPIiNKO4%2BO4DJWtg&
  • https://an.yandex.ru/mapuid/adsniperis/79c32bcc-f97d-11ed-86e0-002590c0647c
  • https://an.yandex.ru/mapuid/adsniperis/79c32bcc-f97d-11ed-86e0-002590c0647c?redir-setuniq=1
43 B
108 B
Image
General
Full URL
https://an.yandex.ru/mapuid/adsniperis/79c32bcc-f97d-11ed-86e0-002590c0647c?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 15:21:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 23 May 2023 15:21:23 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 23 May 2023 15:21:23 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 May 2023 15:21:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 23 May 2023 15:21:23 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/adsniperis/79c32bcc-f97d-11ed-86e0-002590c0647c?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 23 May 2023 15:21:23 GMT
usync.html
eus.rubiconproject.com/ Frame BA9F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e5a8dfbe-6526-528f-89fd-073eed91decc&CACHEBUSTER=245937
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 May 2023 15:21:23 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 23 May 2023 15:21:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame BA9F
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a7019f1fd3a656f5f264b240d972f15817bc5290d8ccecd04f02d44d19d13c36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 15:21:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 23:40:20 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=29986
Connection
keep-alive
Content-Length
10084
Expires
Tue, 23 May 2023 23:41:09 GMT
khaos.jpg
token.rubiconproject.com/ Frame BA9F
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame BA9F
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
245937
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 7FFA
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/245937
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/245937
43 B
296 B
Image
General
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/245937
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software
ms-counter-4.0.4/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 15:21:23 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-4.0.4/1.22.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 May 2023 15:21:23 GMT
strict-transport-security
max-age=2678400
server
ms-counter-4.0.4/1.22.1
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/245937
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame BA9F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=x8_adkEVSLOOinZI22enyQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=x8_adkEVSLOOinZI22enyQ
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=x8_adkEVSLOOinZI22enyQ
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 May 2023 15:21:23 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GVWY84DW0HE3W4FG3C5Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=x8_adkEVSLOOinZI22enyQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame BA9F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=b1BN1b5tR6Cmkjblv3Ofbw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=b1BN1b5tR6Cmkjblv3Ofbw
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=b1BN1b5tR6Cmkjblv3Ofbw
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 May 2023 15:21:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E98EB5P2TA8NR8T1WWTZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=b1BN1b5tR6Cmkjblv3Ofbw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame BA9F
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=25470
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel.rubiconproject.com/exchange/ Frame BA9F
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
check
pixel.tapad.com/idsync/ex/receive/ Frame BA9F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=
95 B
164 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 15:21:23 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
content-type
image/png

Redirect headers

date
Tue, 23 May 2023 15:21:23 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
709414.gif
id.rlcdn.com/ Frame BA9F
0
98 B
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 15:21:23 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
token
token.rubiconproject.com/ Frame BA9F
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A%2F%2Ftoken.rubiconproject.com%2Ftoken%3Fpid%3D35912%26puid%3D%5BMM_UUID%5D
  • https://token.rubiconproject.com/token?pid=35912&puid=d81d646c-d9f3-4600-940c-5687d898983d
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=35912&puid=d81d646c-d9f3-4600-940c-5687d898983d
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Date
Tue, 23 May 2023 15:21:23 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x33 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://token.rubiconproject.com/token?pid=35912&puid=d81d646c-d9f3-4600-940c-5687d898983d
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Tue, 23 May 2023 15:21:22 GMT
143
match.deepintent.com/usersync/ Frame BA9F
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/143
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 15:21:23 GMT
content-length
0
server
a
sync
t.visx.net/ul_cb/ Frame 7FFA
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=e5a8dfbe-6526-528f-89fd-073eed91decc&expires=60
  • https://t.visx.net/sync?tp_id=1&tp_uid=1b2fbc46-0f14-4741-b1da-6c43947210e9&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=
  • https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=1b2fbc46-0f14-4741-b1da-6c43947210e9&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=
43 B
642 B
Image
General
Full URL
https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=1b2fbc46-0f14-4741-b1da-6c43947210e9&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=
Protocol
HTTP/1.1
Server
35.210.138.51 Brussels, Belgium, ASN19527 (GOOGLE-2, US),
Reverse DNS
51.138.210.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 23 May 2023 15:21:23 GMT
xff
nil
Server
nginx
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
s2s
nil
ip
185.213.155.186
Content-Length
43

Redirect headers

Date
Tue, 23 May 2023 15:21:23 GMT
xff
nil
Server
nginx
Content-Type
text/plain
Location
https://t.visx.net/ul_cb/sync?tp_id=1&tp_uid=1b2fbc46-0f14-4741-b1da-6c43947210e9&gdpr_applies=&gdpr_consent=&ssp_custom_data=&gdpr_pd=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
s2s
nil
ip
185.213.155.186
Content-Length
0
/
onetag-sys.com/usync/ Frame 525D
0
0
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=e5a8dfbe-6526-528f-89fd-073eed91decc&CACHEBUSTER=245937
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip251.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless

30 Cookies

Domain/Path Name / Value
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: e5a8dfbe-6526-528f-89fd-073eed91decc
.betweendigital.com/ Name: ss
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBPLZbGQCEKzTxJ012aRD5kmO_OxOhC8FEgEBAQErbmR2ZOANyiMA_eMAAA&S=AQAAAmDIisEeTpc6e5h1LpTghIk
.bidswitch.net/ Name: tuuid
Value: 1b2fbc46-0f14-4741-b1da-6c43947210e9
.bidswitch.net/ Name: c
Value: 1684855282
.bidswitch.net/ Name: tuuid_lu
Value: 1684855282
.analytics.yahoo.com/ Name: IDSYNC
Value: 199l~2bt3
.adhigh.net/ Name: gi_u
Value: uL6zwChWCozC.AikABlGISTNaKQ
.adhigh.net/ Name: btw_sync
Value: LKQP
pool.admedo.com/ Name: tuuid
Value: edf888bd-2b5d-4d84-9093-41838c7e58d7
pool.admedo.com/ Name: c
Value: 1684855282
pool.admedo.com/ Name: tuuid_lu
Value: 1684855282
ads.avct.cloud/ Name: uuid
Value: 40574598-e325-4f38-a486-7ab44e0c36fd
.betweendigital.com/ Name: ut
Value: ZGzZ8gAKf4DSf6QL3VNPMxPEfj0FQ1hBfw3lyg==
.bumlam.com/ Name: suuid3
Value: IiQ3OWMzMmJjYy1mOTdkLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
.aidata.io/ Name: __upin
Value: r5o9oxtPIiNKO4+O4DJWtg
.aidata.io/ Name: __upints
Value: 1684855282
.yandex.ru/ Name: yuidss
Value: 2155423391684855283
.yandex.ru/ Name: yandexuid
Value: 2155423391684855283
.mathtag.com/ Name: uuid
Value: d81d646c-d9f3-4600-940c-5687d898983d
.tapad.com/ Name: TapAd_TS
Value: 1684855283539
.tapad.com/ Name: TapAd_DID
Value: 54b41ec3-b364-4c9c-9885-2cb0eb1276c8
.tns-counter.ru/ Name: guid
Value: 6BFB7A0D646CD9F3X1684855283
t.visx.net/ Name: tuuid
Value: d1d0c3e7-5848-469f-823e-9220c92405a1
t.visx.net/ Name: c
Value: 1684855283
t.visx.net/ Name: tuuid_lu
Value: 1684855283
t.visx.net/ Name: um2
Value: !1,1b2fbc46-0f14-4741-b1da-6c43947210e9,454105283
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: AzfwnaixIEA7o_40TutxpmY

1 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
