26130.rtbbamfbidder.xyz

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 6 HTTP transactions. The main IP is 198.147.26.130, located in Piscataway, United States and belongs to 24SHELLS - 24 SHELLS, US. The main domain is 26130.rtbbamfbidder.xyz.

This is the only time 26130.rtbbamfbidder.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	198.147.26.130 198.147.26.130	55081 (24SHELLS) (24SHELLS - 24 SHELLS)
3	204.62.12.55 204.62.12.55	46636 (NATCOWEB) (NATCOWEB - NatCoWeb Corp.)
1	2606:4700:30:... 2606:4700:30::681f:5521	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::681b:baf8	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	4

1 198.147.26.130 (Piscataway, United States)

ASN55081 (24SHELLS - 24 SHELLS, US)

26130.rtbbamfbidder.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.62.12.55 (Clifton, United States)

ASN46636 (NATCOWEB - NatCoWeb Corp., US)

s1e.decenterads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681f:5521 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ping-hqx-1.rtbanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:baf8 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.serverstitch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	decenterads.com s1e.decenterads.com	374 B
1	serverstitch.com www.serverstitch.com
1	rtbanalytics.com ping-hqx-1.rtbanalytics.com	337 B
1	rtbbamfbidder.xyz 26130.rtbbamfbidder.xyz	6 KB
6	4

	Domain	Requested by
3	s1e.decenterads.com	26130.rtbbamfbidder.xyz
1	www.serverstitch.com	26130.rtbbamfbidder.xyz
1	ping-hqx-1.rtbanalytics.com	26130.rtbbamfbidder.xyz
1	26130.rtbbamfbidder.xyz
6	4

This site contains links to these domains. Also see Links.

Domain
ping-hqx-1.rtbanalytics.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-10-22` - `2019-10-22`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://26130.rtbbamfbidder.xyz/show?adid=1483e417f0
Frame ID: E4FC4F44404AE022F5AC011EC651F959
Requests: 4 HTTP requests in this frame

Frame: https://www.serverstitch.com/tags/?tid=1000&hash=kipp9h&width=320&height=50&p5=16666&p6=372&cad[bts]=zS4PowMzoDM0oTMwACMx0SNw0SOxAjMeKQxz&campaign_id=e50122b26559&media_id=16666&placement_id=e50122b26559&pub_domain=&cc=0.34346&cad[banner_width]=320&cad[banner_height]=50&cad[imp_pos]=&cad[imp_topframe]=&cad[site_id]=&cad[site_name]=&cad[site_domain]=&cad[site_page]=&cad[site_publisher_id]=&cad[site_name]=&cad[site_publisher_domain]=&cad[app_id]=e50122b26559&cad[app_name]=Trigon+%3A+Triangle+Block+Puzzle&cad[app_bundle]=1347129450&cad[app_paid]=&cad[app_publisher_id]=80870&cad[app_publisher_name]=&cad[app_publisher_domain]=&cad[device_dnt]=0&cad[device_ua]=Mozilla%2F5.0+%28iPhone%3B+CPU+iPhone+OS+12_2+like+Mac+OS+X%29+AppleWebKit%2F607.1.40+%28KHTML%2C+like+Gecko%29+Mobile%2F16E227+trigon%2F63&cad[device_ip]=75.134.168.218&cad[device_didsha1]=&cad[device_didmd5]=&cad[device_dpidsha1]=6D6292AD6A400CE3F96C74C4B684AA59B5B229A3&cad[device_dpidmd5]=D2CC8D9EAB4ED86AEFE796C0741119CE&cad[device_macsha1]=&cad[device_macmd5]=&cad[device_ipv6]=&cad[device_carrier]=Charter+Communications&cad[device_language]=en&cad[device_make]=Apple&cad[device_model]=iPhone&cad[device_os]=ios&cad[device_osv]=12.2&cad[device_js]=1&cad[device_connection_type]=2&cad[device_device_type]=4&cad[device_flashver]=&cad[device_ifa]=a3f49630-43ce-4b83-a231-19865e6fba8d&cad[device_geo_lat]=43.6375&cad[device_geo_lon]=-84.1979&cad[device_geo_city]=midland&cad[device_geo_zip]=&cad[user_id]=a74ae3e71ef03d8fe0d79f3a4c4e567740a4d161&cad[user_buyeruid]=&cad[user_yob]=&cad[user_gender]=&cad[user_geo_lat]=&cad[user_geo_lon]=&cad[user_geo_city]=&cad[user_geo_zip]=&cad[request_id]=31273701729511709&pub_id2=12704
Frame ID: 3560BB3E04302F7C85275ABCA149FCF5
Requests: 1 HTTP requests in this frame

Frame: http://s1e.decenterads.com/?win=js_test_imp_&price=0.23504285863568347&prt=136_1dcda49e6de9ee2c7ebd458fad4e381a&t=banner&uniq=61da08dbe072ee8041e1ccbefc81fc2b
Frame ID: FAAE2E7A7DBD5C5E9F8A2ED499E459A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

6
Requests

17 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

6 kB
Transfer

5 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://ping-hqx-1.rtbanalytics.com/notification/rtb/clickbot/?dcid=16&bid=z9y5ca&a_id=28eb21460d872c98f5e87110a215&uip=CMgXogTMy4CO2EjL0MTMuUzND8ciQ&udid=xbjfXkhTYiZmNlVjN4kTMtEzMyEWLzgjY00SZjNDNtAzM2kDNmNTYzZeMT&uua=H7n50MjNv42bnlmc0ByNyITR2EzLlxWai9WTgkybrNWZHBSZrlGbgwCTNRFSLhCIwQjLx4yNwYzL0l2SiV2VlxGcwFEIpgFIT9EIjFWTgU2apxGIy8lMxAyUPBSZu9GaQlGIVB1QgsTZu9GaQlGKgAjL18SYsxWa69WTzTULD&uctm=1557452433698&gid=&r_id=31273701729511709&a_bp=0.35&d=&s_id=26&b_r_id=16666&b_g_id=10&rt=App&irt=Banner&rsi=0&und=yn7IxkhTYiZmNlVjN4kTMtEzMyEWLzgjY00SZjNDNtAzM2kDNmNTYa9mGW&fct=2&u=a74ae3e71ef03d8fe0d79f3a4c4e567740a4d161&w=320&h=50&dspr=&dyn=0&dync=0&oapi=OxS3tAzN4ADOeWqhl&oai=KDfNO5UTN2IjYyITMwUTZ1LOZi&aname=uOGUXlxme6VHUgs2YvxmQgUGbn5WYpJHVgoDIu92ZpJHV94dGx&abundle=ikPaPAM1QTOyEzN0MTM9sc62&sdomain=&spid=&s_s_id=e50122b26559&dcarrier=ktiOxwcu9Wa0F2Yp5Wdt12bDBiclRnchh2QlFM32&dcarid=5qWFlUTMxAjMaCPdX&city=&b_id=372&cui=TRw31MVVeGWG7&hostn=XJkt4xEHatATMiRnch3gjh&dspb=&d_os=ios&d_osv=12.2&d_type=4&d_model=iPhone&d_make=Apple&d_lang=en&d_c_type=1&mb_id=&mb_s=0&u_a_id=5917&u_tz=America%2FDetroit&u_g=&u_yob=&ml_f_id=&ml_p=&m_uag=&u_h=21&u_d=4&d_vv=&d_vi=&d_vrv=&d_vri=&f_p=0.252&t_t=
Title: A

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request show Show response 26130.rtbbamfbidder.xyz/	5 KB 6 KB	355ms 101ms	Document text/html	198.147.26.130 24 SHELLS
General Check archive.org Show headers Download Go to Full URL http://26130.rtbbamfbidder.xyz/show?adid=1483e417f0 Protocol HTTP/1.1 Server 198.147.26.130 Piscataway, United States, ASN55081 (24SHELLS - 24 SHELLS, US), Reverse DNS Software / Resource Hash `8b1983afd9f486fd2f12f8355a5d65e31c1e9444882ca16be302ea7dffda36a7` Request headers Host 26130.rtbbamfbidder.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Content-Type text/html;charset=UTF-8 Access-Control-Allow-Origin * Content-Length 5544 Date Fri, 10 May 2019 01:49:42 GMT Connection keep-alive
GET H/1.1	200 OK	/ s1e.decenterads.com/	43 B 187 B	211ms 99ms	Image image/gif	204.62.12.55 NatCoWeb Corp.
General Check archive.org Show headers Download Go to Show image Full URL http://s1e.decenterads.com/?win=te_imp&prt=136_1dcda49e6de9ee2c7ebd458fad4e381a&t=banner&uniq=4ce9709ccac0c4d3161858b35dab65e0 Requested by Host: 26130.rtbbamfbidder.xyz URL: http://26130.rtbbamfbidder.xyz/show?adid=1483e417f0 Protocol HTTP/1.1 Server 204.62.12.55 Clifton, United States, ASN46636 (NATCOWEB - NatCoWeb Corp., US), Reverse DNS Software / Resource Hash `4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49` Request headers Referer http://26130.rtbbamfbidder.xyz/show?adid=1483e417f0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 10 May 2019 01:49:46 GMT Connection keep-alive Transfer-Encoding chunked Content-Type image/gif
GET H/1.1	200 OK	/ ping-hqx-1.rtbanalytics.com/notification/rtb/w/a/	0 337 B	131ms 104ms	Image text/plain	2606:4700:30::681f:5521 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://ping-hqx-1.rtbanalytics.com/notification/rtb/w/a/?a_p=0.34346&dcid=16&bid=z9y5ca&a_id=28eb21460d872c98f5e87110a215&uip=hh1SSgTMy4CO2EjL0MTMuUzNMwlBe&udid=DWHP1khTYiZmNlVjN4kTMtEzMyEWLzgjY00SZjNDNtAzM2kDNmNTYwoQiB&uua=fub9vMjNv42bnlmc0ByNyITR2EzLlxWai9WTgkybrNWZHBSZrlGbgwCTNRFSLhCIwQjLx4yNwYzL0l2SiV2VlxGcwFEIpgFIT9EIjFWTgU2apxGIy8lMxAyUPBSZu9GaQlGIVB1QgsTZu9GaQlGKgAjL18SYsxWa69WTKVvLa&uctm=1557452433697&gid=&r_id=31273701729511709&a_bp=0.35&d=&s_id=26&b_r_id=16666&b_g_id=10&rt=App&irt=Banner&rsi=0&und=Hq9ZVkhTYiZmNlVjN4kTMtEzMyEWLzgjY00SZjNDNtAzM2kDNmNTYpwH6c&fct=2&u=a74ae3e71ef03d8fe0d79f3a4c4e567740a4d161&w=320&h=50&dspr=&dyn=0&dync=0&oapi=YgwznAzN4ADO6PWW0&oai=unhY05UTN2IjYyITMwUTZ5niTE&aname=QdDwnlxme6VHUgs2YvxmQgUGbn5WYpJHVgoDIu92ZpJHVihk4w&abundle=8ANqWAM1QTOyEzN0MTMeZ7cz&sdomain=&spid=&s_s_id=e50122b26559&dcarrier=CoWfFwcu9Wa0F2Yp5Wdt12bDBiclRnchh2QifZNk&dcarid=i0AZHUTMxAjMiiTnV&city=&b_id=372&cui=UuZa0MVVkevmp&hostn=UdWOZxEHatATMiRncg93jp&dspb=&d_os=ios&d_osv=12.2&d_type=4&d_model=iPhone&d_make=Apple&d_lang=en&d_c_type=1&mb_id=&mb_s=0&u_a_id=5917&u_tz=America%2FDetroit&u_g=&u_yob=&ml_f_id=&ml_p=&m_uag=&u_h=21&u_d=4&d_vv=&d_vi=&d_vrv=&d_vri=&f_p=0.252&t_t= Requested by Host: 26130.rtbbamfbidder.xyz URL: http://26130.rtbbamfbidder.xyz/show?adid=1483e417f0 Protocol HTTP/1.1 Server 2606:4700:30::681f:5521 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://26130.rtbbamfbidder.xyz/show?adid=1483e417f0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 10 May 2019 01:49:39 GMT Server cloudflare Connection keep-alive CF-RAY 4d4841fefa7196a4-FRA Content-Length 0 Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	/ s1e.decenterads.com/	43 B 187 B	211ms 99ms	Image image/gif	204.62.12.55 NatCoWeb Corp.
General Check archive.org Show headers Download Go to Show image Full URL http://s1e.decenterads.com/?win=impr&price=0.23504285863568347&prt=136_1dcda49e6de9ee2c7ebd458fad4e381a&t=banner&uniq=61da08dbe072ee8041e1ccbefc81fc2b Requested by Host: 26130.rtbbamfbidder.xyz URL: http://26130.rtbbamfbidder.xyz/show?adid=1483e417f0 Protocol HTTP/1.1 Server 204.62.12.55 Clifton, United States, ASN46636 (NATCOWEB - NatCoWeb Corp., US), Reverse DNS Software / Resource Hash `4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49` Request headers Referer http://26130.rtbbamfbidder.xyz/show?adid=1483e417f0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 10 May 2019 01:49:46 GMT Connection keep-alive Transfer-Encoding chunked Content-Type image/gif
GET H2	200	/ www.serverstitch.com/tags/ Frame 3560	0 0	866ms 802ms	Document text/html	2606:4700:30::681b:baf8 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://www.serverstitch.com/tags/?tid=1000&hash=kipp9h&width=320&height=50&p5=16666&p6=372&cad[bts]=zS4PowMzoDM0oTMwACMx0SNw0SOxAjMeKQxz&campaign_id=e50122b26559&media_id=16666&placement_id=e50122b26559&pub_domain=&cc=0.34346&cad[banner_width]=320&cad[banner_height]=50&cad[imp_pos]=&cad[imp_topframe]=&cad[site_id]=&cad[site_name]=&cad[site_domain]=&cad[site_page]=&cad[site_publisher_id]=&cad[site_name]=&cad[site_publisher_domain]=&cad[app_id]=e50122b26559&cad[app_name]=Trigon+%3A+Triangle+Block+Puzzle&cad[app_bundle]=1347129450&cad[app_paid]=&cad[app_publisher_id]=80870&cad[app_publisher_name]=&cad[app_publisher_domain]=&cad[device_dnt]=0&cad[device_ua]=Mozilla%2F5.0+%28iPhone%3B+CPU+iPhone+OS+12_2+like+Mac+OS+X%29+AppleWebKit%2F607.1.40+%28KHTML%2C+like+Gecko%29+Mobile%2F16E227+trigon%2F63&cad[device_ip]=75.134.168.218&cad[device_didsha1]=&cad[device_didmd5]=&cad[device_dpidsha1]=6D6292AD6A400CE3F96C74C4B684AA59B5B229A3&cad[device_dpidmd5]=D2CC8D9EAB4ED86AEFE796C0741119CE&cad[device_macsha1]=&cad[device_macmd5]=&cad[device_ipv6]=&cad[device_carrier]=Charter+Communications&cad[device_language]=en&cad[device_make]=Apple&cad[device_model]=iPhone&cad[device_os]=ios&cad[device_osv]=12.2&cad[device_js]=1&cad[device_connection_type]=2&cad[device_device_type]=4&cad[device_flashver]=&cad[device_ifa]=a3f49630-43ce-4b83-a231-19865e6fba8d&cad[device_geo_lat]=43.6375&cad[device_geo_lon]=-84.1979&cad[device_geo_city]=midland&cad[device_geo_zip]=&cad[user_id]=a74ae3e71ef03d8fe0d79f3a4c4e567740a4d161&cad[user_buyeruid]=&cad[user_yob]=&cad[user_gender]=&cad[user_geo_lat]=&cad[user_geo_lon]=&cad[user_geo_city]=&cad[user_geo_zip]=&cad[request_id]=31273701729511709&pub_id2=12704 Requested by Host: 26130.rtbbamfbidder.xyz URL: http://26130.rtbbamfbidder.xyz/show?adid=1483e417f0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:baf8 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.6.33-0+deb8u1 Resource Hash Request headers :method GET :authority www.serverstitch.com :scheme https :path /tags/?tid=1000&hash=kipp9h&width=320&height=50&p5=16666&p6=372&cad[bts]=zS4PowMzoDM0oTMwACMx0SNw0SOxAjMeKQxz&campaign_id=e50122b26559&media_id=16666&placement_id=e50122b26559&pub_domain=&cc=0.34346&cad[banner_width]=320&cad[banner_height]=50&cad[imp_pos]=&cad[imp_topframe]=&cad[site_id]=&cad[site_name]=&cad[site_domain]=&cad[site_page]=&cad[site_publisher_id]=&cad[site_name]=&cad[site_publisher_domain]=&cad[app_id]=e50122b26559&cad[app_name]=Trigon+%3A+Triangle+Block+Puzzle&cad[app_bundle]=1347129450&cad[app_paid]=&cad[app_publisher_id]=80870&cad[app_publisher_name]=&cad[app_publisher_domain]=&cad[device_dnt]=0&cad[device_ua]=Mozilla%2F5.0+%28iPhone%3B+CPU+iPhone+OS+12_2+like+Mac+OS+X%29+AppleWebKit%2F607.1.40+%28KHTML%2C+like+Gecko%29+Mobile%2F16E227+trigon%2F63&cad[device_ip]=75.134.168.218&cad[device_didsha1]=&cad[device_didmd5]=&cad[device_dpidsha1]=6D6292AD6A400CE3F96C74C4B684AA59B5B229A3&cad[device_dpidmd5]=D2CC8D9EAB4ED86AEFE796C0741119CE&cad[device_macsha1]=&cad[device_macmd5]=&cad[device_ipv6]=&cad[device_carrier]=Charter+Communications&cad[device_language]=en&cad[device_make]=Apple&cad[device_model]=iPhone&cad[device_os]=ios&cad[device_osv]=12.2&cad[device_js]=1&cad[device_connection_type]=2&cad[device_device_type]=4&cad[device_flashver]=&cad[device_ifa]=a3f49630-43ce-4b83-a231-19865e6fba8d&cad[device_geo_lat]=43.6375&cad[device_geo_lon]=-84.1979&cad[device_geo_city]=midland&cad[device_geo_zip]=&cad[user_id]=a74ae3e71ef03d8fe0d79f3a4c4e567740a4d161&cad[user_buyeruid]=&cad[user_yob]=&cad[user_gender]=&cad[user_geo_lat]=&cad[user_geo_lon]=&cad[user_geo_city]=&cad[user_geo_zip]=&cad[request_id]=31273701729511709&pub_id2=12704 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 referer http://26130.rtbbamfbidder.xyz/show?adid=1483e417f0 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://26130.rtbbamfbidder.xyz/show?adid=1483e417f0 Response headers status 200 date Fri, 10 May 2019 01:49:39 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=dc54e60c3c6a2556b1191044f057340641557452979; expires=Sat, 09-May-20 01:49:39 GMT; path=/; domain=.serverstitch.com; HttpOnly kipp9h_1000=1; expires=Thu, 05-May-2039 01:49:39 GMT; Max-Age=630720000; path=/; domain=www.serverstitch.com kipp9h_1000_2019-05-10=1; expires=Mon, 13-May-2019 01:49:39 GMT; Max-Age=259200; path=/; domain=www.serverstitch.com kipp9h_1000_2019-05-10_01=1; expires=Fri, 10-May-2019 13:49:39 GMT; Max-Age=43200; path=/; domain=www.serverstitch.com x-powered-by PHP/5.6.33-0+deb8u1 access-control-allow-origin * expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 4d4841ff4bfd64a3-FRA content-encoding br
GET H/1.1	200 OK	/ s1e.decenterads.com/ Frame FAAE	0 0	200ms 98ms	Document image/gif	204.62.12.55 NatCoWeb Corp.
General Check archive.org Show headers Download Go to Full URL http://s1e.decenterads.com/?win=js_test_imp_&price=0.23504285863568347&prt=136_1dcda49e6de9ee2c7ebd458fad4e381a&t=banner&uniq=61da08dbe072ee8041e1ccbefc81fc2b Requested by Host: 26130.rtbbamfbidder.xyz URL: http://26130.rtbbamfbidder.xyz/show?adid=1483e417f0 Protocol HTTP/1.1 Server 204.62.12.55 Clifton, United States, ASN46636 (NATCOWEB - NatCoWeb Corp., US), Reverse DNS Software / Resource Hash Request headers Host s1e.decenterads.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://26130.rtbbamfbidder.xyz/show?adid=1483e417f0 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://26130.rtbbamfbidder.xyz/show?adid=1483e417f0 Response headers Content-Type image/gif Date Fri, 10 May 2019 01:49:46 GMT Connection keep-alive Transfer-Encoding chunked

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.serverstitch.com/	1970-01-19 00:41:52	Name: kipp9h_1000_2019-05-10 Value: 1
.www.serverstitch.com/	1970-01-26 07:49:32	Name: kipp9h_1000 Value: 1
.www.serverstitch.com/	1970-01-19 00:38:16	Name: kipp9h_1000_2019-05-10_01 Value: 1
.serverstitch.com/	1970-01-19 09:23:08	Name: __cfduid Value: dc54e60c3c6a2556b1191044f057340641557452979

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

26130.rtbbamfbidder.xyz
ping-hqx-1.rtbanalytics.com
s1e.decenterads.com
www.serverstitch.com
198.147.26.130
204.62.12.55
2606:4700:30::681b:baf8
2606:4700:30::681f:5521
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
8b1983afd9f486fd2f12f8355a5d65e31c1e9444882ca16be302ea7dffda36a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

26130.rtbbamfbidder.xyz Open in urlscan Pro 198.147.26.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

6 Requests

17 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

6 kBTransfer

5 kBSize

4 Cookies

1 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

4 Cookies

Indicators

26130.rtbbamfbidder.xyz Open in urlscan Pro
198.147.26.130 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

17 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

6 kB
Transfer

5 kB
Size

4
Cookies

6 HTTP transactions
0 data transactions