URL: https://cache.betweendigital.com/code/bidder_18.html
Submission: On May 23 via manual from DE — Scanned from DE

Summary

This website contacted 11 IPs in 6 countries across 14 domains to perform 12 HTTP transactions. The main IP is 151.236.71.19, located in Moscow, Russian Federation and belongs to CDNETWORKS, RU. The main domain is cache.betweendigital.com. The Cisco Umbrella rank of the primary domain is 21664.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 24th 2022. Valid for: a year.
This is the only time cache.betweendigital.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 151.236.71.19 204720 (CDNETWORKS)
3 3 35.156.193.10 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
4 4 31.172.81.172 44066 (DE-FIRSTC...)
2 2 31.172.81.159 44066 (DE-FIRSTC...)
2 2 89.108.120.68 197695 (AS-REG)
2 2 142.250.184.226 15169 (GOOGLE)
1 31.172.81.158 44066 (DE-FIRSTC...)
1 1 23.75.240.210 16625 (AKAMAI-AS)
2 23.205.235.133 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
1 69.173.144.165 26667 (RUBICONPR...)
1 2 2001:6d0:4001... 52016 (TNSMSK-)
1 2600:9000:225... 16509 (AMAZON-02)
1 51.89.9.253 16276 (OVH)
2 2 188.42.196.115 7979 (SERVERS-COM)
1 2 2a02:6b8::90 208722 (GLOBAL_DC)
1 82.145.213.8 39832 (NO-OPERA)
12 11
Apex Domain
Subdomains
Transfer
5 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1146
eus.rubiconproject.com — Cisco Umbrella Rank: 556
token.rubiconproject.com — Cisco Umbrella Rank: 692
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2479
11 KB
4 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3548
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 287
2 KB
3 betweendigital.com
cache.betweendigital.com — Cisco Umbrella Rank: 21664
ads.betweendigital.com — Cisco Umbrella Rank: 1895
3 KB
2 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2598
673 B
2 tns-counter.ru
www.tns-counter.ru — Cisco Umbrella Rank: 11025
718 B
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 212
1 KB
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 14336
1 KB
2 adsniper.ru
sync3.adsniper.ru — Cisco Umbrella Rank: 13500
1 KB
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2688
410 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 809
814 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 3041
332 B
1 sniperlog.ru
sync3.sniperlog.ru — Cisco Umbrella Rank: 45939
516 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 947
356 B
12 14
Domain Requested by
4 sync.bumlam.com 4 redirects
3 x.bidswitch.net 3 redirects
2 an.yandex.ru 1 redirects
2 ads.betweendigital.com 2 redirects
2 www.tns-counter.ru 1 redirects
2 eus.rubiconproject.com cache.betweendigital.com
eus.rubiconproject.com
2 cm.g.doubleclick.net 2 redirects
2 x01.aidata.io 2 redirects
2 sync3.adsniper.ru 2 redirects
1 t.adx.opera.com
1 onetag-sys.com cache.betweendigital.com
1 live.primis.tech
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 token.rubiconproject.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 sync3.sniperlog.ru
1 odr.mookie1.com
1 cache.betweendigital.com
12 18

This site contains no links.

Subject | Issuer | Validity | Valid
cache.betweendigital.com | Sectigo RSA Domain Validation Secure Server CA | 2022-01-24 - 2023-02-24 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-03-17 - 2023-04-04 | a year
*.onetag-sys.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-01-10 - 2023-01-03 | a year
*.adx.opera.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-05-18 - 2023-06-18 | a year

This page contains 3 frames:

Primary Page: https://cache.betweendigital.com/code/bidder_18.html
Frame ID: E97248DE847ADCBC77EBBB2E97C8E3FC
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 7FDDB084ACCBFF9DEA8E73B7F20B8795
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 620C2662C708C64558F378B65465CCE6
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Page Statistics

12 Requests
58 % HTTPS
17 % IPv6
14 Domains
18 Subdomains
11 IPs
6 Countries
15 kB Transfer
38 kB Size
17 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=53a9bfff-88c2-4475-80d8-1b6e41aa8086&ssp=between&gdpr=&gdpr_consent=
Request Chain 1
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjpl6yUBlIFl4XSlAY* HTTP 302
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjpl6yUBlIFl4XSlAaiARDka4Zm2k8R7IbgACWQwGR8 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQABjpl6yUBqIBEORrhmbaTxHshuAAJZDAZHw* HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARjpl6yUBqIBEORrhmbaTxHshuAAJZDAZHw* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=e46b8666-da4f-11ec-86e0-002590c0647c HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=e46b8666-da4f-11ec-86e0-002590c0647c&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=nbAV2NFLVQjM59qCHG02HA& HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=nbAV2NFLVQjM59qCHG02HA&extra2=aidata HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm=&extra1=nbAV2NFLVQjM59qCHG02HA&extra2=aidata&google_tc= HTTP 302
  • https://sync3.sniperlog.ru/?src=ggl&extra1=nbAV2NFLVQjM59qCHG02HA&extra2=aidata&google_gid=CAESEJ-a7uJi-5KxO4SGcdsbI4c&google_cver=1
Request Chain 2
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 6
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/$%7BCACHEBUSTER%7D HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/$%7BCACHEBUSTER%7D
Request Chain 7
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=${USER_ID}&expires=60 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=53a9bfff-88c2-4475-80d8-1b6e41aa8086
Request Chain 9
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F${USER_ID}&crf=1 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/47bebb5e-3c66-528f-951e-6bdff7956035 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/47bebb5e-3c66-528f-951e-6bdff7956035?redir-setuniq=1

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request bidder_18.html
cache.betweendigital.com/code/
4 KB
1 KB
Document
General
Full URL
https://cache.betweendigital.com/code/bidder_18.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 23 May 2022 04:22:00 GMT
etag
W/"60bf907f-ee9"
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
312
x-cdn-request-id
ea00d3276ad6d272a1b09a7427af30ba
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=53a9bfff-88c2-4475-80d8-1b6e41aa8086&ssp=between&gdpr=&gdpr_consent=
43 B
356 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=53a9bfff-88c2-4475-80d8-1b6e41aa8086&ssp=between&gdpr=&gdpr_consent=
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 May 2022 04:22:01 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=53a9bfff-88c2-4475-80d8-1b6e41aa8086&ssp=between&gdpr=&gdpr_consent=
Date
Mon, 23 May 2022 04:22:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
sync3.sniperlog.ru/
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjpl6yUBlIFl4XSlAY*
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjpl6yUBlIFl4XSlAaiARDka4Zm2k8R7IbgACWQwGR8
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQABjpl6yUBqIBEORrhmbaTxHshuAAJZDAZHw*
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARjpl6yUBqIBEORrhmbaTxHshuAAJZDAZHw*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=e46b8666-da4f-11ec-86e0-002590c0647c
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=e46b8666-da4f-11ec-86e0-002590c0647c&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=nbAV2NFLVQjM59qCHG02HA&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=nbAV2NFLVQjM59qCHG02HA&extra2=aidata
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm=&extra1=nbAV2NFLVQjM59qCHG02HA&extra2=aidata&google_tc=
  • https://sync3.sniperlog.ru/?src=ggl&extra1=nbAV2NFLVQjM59qCHG02HA&extra2=aidata&google_gid=CAESEJ-a7uJi-5KxO4SGcdsbI4c&google_cver=1
43 B
516 B
Image
General
Full URL
https://sync3.sniperlog.ru/?src=ggl&extra1=nbAV2NFLVQjM59qCHG02HA&extra2=aidata&google_gid=CAESEJ-a7uJi-5KxO4SGcdsbI4c&google_cver=1
Protocol
HTTP/1.1
Server
31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 04:22:01 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Mon, 23 May 2022 04:22:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync3.sniperlog.ru/?src=ggl&extra1=nbAV2NFLVQjM59qCHG02HA&extra2=aidata&google_gid=CAESEJ-a7uJi-5KxO4SGcdsbI4c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 7FDD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 May 2022 04:22:01 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 23 May 2022 04:22:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 7FDD
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c6100fce1141a24742eedfd414285bf6d91d555ee07058ef954c414aff4057c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Mon, 23 May 2022 04:22:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 May 2022 17:10:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83523
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9449
Expires
Tue, 24 May 2022 03:34:04 GMT
khaos.jpg
token.rubiconproject.com/ Frame 7FDD
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 7FDD
0
239 B
Image
General
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif
$%7BCACHEBUSTER%7D
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/$%7BCACHEBUSTER%7D
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/$%7BCACHEBUSTER%7D
43 B
297 B
Image
General
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/$%7BCACHEBUSTER%7D
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.3.5/1.20.2 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 May 2022 04:22:02 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.3.5/1.20.2
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 May 2022 04:22:02 GMT
server
ms-counter-3.3.5/1.20.2
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/$%7BCACHEBUSTER%7D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
liveCS.php
live.primis.tech/live/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=${USER_ID}&expires=60
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=53a9bfff-88c2-4475-80d8-1b6e41aa8086
0
332 B
Image
General
Full URL
https://live.primis.tech/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=53a9bfff-88c2-4475-80d8-1b6e41aa8086
Protocol
H2
Server
2600:9000:225e:7200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 May 2022 04:22:02 GMT
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
server
nginx
age
0
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
x-amz-cf-pop
FRA60-P4
content-type
text/html; charset=utf-8
x-amz-cf-id
BlPJ1pucp3QN5Uuohi6WZ2l7LZdXrmnh-tgM-6es-hFCNe34Opv4Gw==

Redirect headers

Location
//live.primis.tech/live/liveCS.php?source=external&pixel=&advId=24830&advUuid=53a9bfff-88c2-4475-80d8-1b6e41aa8086
Date
Mon, 23 May 2022 04:22:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/usync/ Frame 620C
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
47bebb5e-3c66-528f-951e-6bdff7956035
an.yandex.ru/mapuid/betweendigitalis/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F${USER_ID}&crf=1
  • https://an.yandex.ru/mapuid/betweendigitalis/47bebb5e-3c66-528f-951e-6bdff7956035
  • https://an.yandex.ru/mapuid/betweendigitalis/47bebb5e-3c66-528f-951e-6bdff7956035?redir-setuniq=1
43 B
108 B
Image
General
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/47bebb5e-3c66-528f-951e-6bdff7956035?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 May 2022 04:22:02 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 04:22:02 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 23 May 2022 04:22:02 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 May 2022 04:22:02 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2022 04:22:02 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/betweendigitalis/47bebb5e-3c66-528f-951e-6bdff7956035?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Mon, 23 May 2022 04:22:02 GMT
sync
t.adx.opera.com/
0
410 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60079&uid=${USER_ID}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 May 2022 04:22:02 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • function| getScreenDetails
  • object| pixels
  • object| params
  • function| getURLParameter

17 Cookies

Domain/Path Name / Value
.bidswitch.net/ | Name: tuuid | Value: 53a9bfff-88c2-4475-80d8-1b6e41aa8086
.bidswitch.net/ | Name: c | Value: 1653279720
.bidswitch.net/ | Name: tuuid_lu | Value: 1653279720
.adsniper.ru/ | Name: uuid3 | Value: IiRlNDZiODY2Ni1kYTRmLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.bumlam.com/ | Name: suuid3 | Value: IiRlNDZiODY2Ni1kYTRmLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.aidata.io/ | Name: __upin | Value: nbAV2NFLVQjM59qCHG02HA
.aidata.io/ | Name: __upints | Value: 1653279721
.doubleclick.net/ | Name: IDE | Value: AHWqTUmPNp36tV9tlzJhF52ZLs5H8L4zs1NqHjPuMAoN2LDSF4m5LKeVE4apwFKxcU8
.sniperlog.ru/ | Name: guid | Value: 9D052B558AFAB869
.tns-counter.ru/ | Name: guid | Value: 008B6A14628B0BEAX1653279722
.betweendigital.com/ | Name: dc | Value: lux1
.betweendigital.com/ | Name: tuuid | Value: 47bebb5e-3c66-528f-951e-6bdff7956035
.betweendigital.com/ | Name: ss | Value: 1
.betweendigital.com/ | Name: ut | Value: YosL6gAE4gDw8-eGeBikkyaCfHXi9_lcXJ7ihA==
.yandex.ru/ | Name: yuidss | Value: 3702915721653279722
.yandex.ru/ | Name: yandexuid | Value: 3702915721653279722
.adx.opera.com/ | Name: UID | Value: df2142c15a7c486b887e235a51fb57a0