ssum-sec.casalemedia.com Open in urlscan Pro
92.123.93.251 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://altitude.tex-sync.rockyou.net/usersync2/altitude
Effective URL:
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Submission: On December 04 via manual (December 4th 2017, 4:17:56 pm UTC) from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 11 domains to perform 10 HTTP transactions. The main IP is 92.123.93.251, located in European Union and belongs to AKAMAI-ASN1, US. The main domain is ssum-sec.casalemedia.com.
TLS certificate: Issued by GeoTrust SSL CA - G3 on August 3rd 2017. Valid for: a year.

This is the only time ssum-sec.casalemedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	173.195.214.210 173.195.214.210	46681 (ROCKYOU) (ROCKYOU - Rockyou Inc.)
2 9	92.123.93.251 92.123.93.251	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	176.34.189.228 176.34.189.228	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	185.29.132.21 185.29.132.21	30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc)
1	77.238.185.35 77.238.185.35	34010 (YAHOO-IRD) (YAHOO-IRD)
3 3	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	66.117.28.68 66.117.28.68	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
2 2	52.213.124.12 52.213.124.12	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	52.49.64.193 52.49.64.193	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	34.206.55.242 34.206.55.242	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	173.195.214.209 173.195.214.209	46681 (ROCKYOU) (ROCKYOU - Rockyou Inc.)
1	63.251.24.69 63.251.24.69	13789 (INTERNAP-...) (INTERNAP-BLK3 - Internap Network Services Corporation)
10	4

1 173.195.214.210 (San Francisco, United States) 1 redirects

ASN46681 (ROCKYOU - Rockyou Inc., US)

altitude.tex-sync.rockyou.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 92.123.93.251 (European Union) 2 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-93-251.deploy.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.34.189.228 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-176-34-189-228.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.21 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.238.185.35 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh.pbp.vip.ir2.yahoo.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.210.2 (Mountain View, United States) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.117.28.68 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.124.12 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-124-12.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.64.193 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-64-193.eu-west-1.compute.amazonaws.com

bidi-geo.mythings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.55.242 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-206-55-242.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.195.214.209 (San Francisco, United States) 1 redirects

ASN46681 (ROCKYOU - Rockyou Inc., US)

tex-sync.rockyou.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.24.69 (United States)

ASN13789 (INTERNAP-BLK3 - Internap Network Services Corporation, US)

ads.altitude-arena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	3 KB
3	everesttech.net 2 redirects pixel.everesttech.net cm.everesttech.net	1 KB
3	doubleclick.net 3 redirects cm.g.doubleclick.net	1 KB
2	bidr.io 2 redirects match.prod.bidr.io	729 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	1 KB
2	rockyou.net 2 redirects altitude.tex-sync.rockyou.net tex-sync.rockyou.net	895 B
1	altitude-arena.com ads.altitude-arena.com
1	extend.tv 1 redirects sync.extend.tv	546 B
1	mythings.com 1 redirects bidi-geo.mythings.com	304 B
1	yahoo.com pr-bh.ybp.yahoo.com	52 B
10	11

	Domain	Requested by
6	dsum-sec.casalemedia.com	ssum-sec.casalemedia.com
3	cm.g.doubleclick.net	3 redirects
3	ssum-sec.casalemedia.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	pixel.everesttech.net	1 redirects ssum-sec.casalemedia.com
2	sync.mathtag.com	2 redirects
2	match.adsrvr.org	2 redirects
1	ads.altitude-arena.com	ssum-sec.casalemedia.com
1	tex-sync.rockyou.net	1 redirects
1	sync.extend.tv	1 redirects
1	bidi-geo.mythings.com	1 redirects
1	cm.everesttech.net	1 redirects
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	altitude.tex-sync.rockyou.net	1 redirects
10	14

This site contains no links.

Subject Issuer	Validity	Valid
san.casalemedia.com GeoTrust SSL CA - G3	`2017-08-03` - `2018-11-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2017-11-09` - `2018-05-08`	6 months	crt.sh
*.everesttech.net DigiCert SHA2 Secure Server CA	`2017-04-13` - `2020-04-17`	3 years	crt.sh
*.altitude-arena.com Go Daddy Secure Certificate Authority - G2	`2017-02-07` - `2018-04-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Frame ID: 3541.1
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://altitude.tex-sync.rockyou.net/usersync2/altitude HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexe... HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexe... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

4
IPs

4
Countries

2 kB
Transfer

2 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://altitude.tex-sync.rockyou.net/usersync2/altitude HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://match.adsrvr.org/track/cmf/casale?cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WiV1KLlQJrkAAFtTu8MAAAAJ HTTP 302
https://match.adsrvr.org/track/cmb/casale?cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WiV1KLlQJrkAAFtTu8MAAAAJ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=39&external_user_id=61dca775-9a87-4061-b00a-57d2355f9140&expiration=1514996263

Request Chain 1

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&mm_bnc&mm_bct HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=183d5a25-73cd-4000-9e78-0d2a6a4b3880

Request Chain 2

https://ssum-sec.casalemedia.com/usermatchredir?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_ HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/WiV1KLlQJrkAAFtTu8MAAAAJBFUAAAAB

Request Chain 3

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPn6YAOvi2DwJ0vgKK70_04&google_cver=1

Request Chain 4

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGCK__ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=V2lWMUtRQUFCZGRTNWhISw&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Fcrum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGCK__ HTTP 302
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Fcrum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGCK__&google_gid=CAESEErSLPVW-F6DwHkYE52_LGI&google_cver=1 HTTP 302
https://pixel.everesttech.net/1x1

Request Chain 5

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAdKWU60SuoAABbIVH03uQ&expiration=1513613865

Request Chain 6

https://bidi-geo.mythings.com/bidi/casale HTTP 307
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=82&expiration=1473690514

Request Chain 7

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=389ac11a-7d4b-4427-a289-27b67ca347c1

Request Chain 8

https://tex-sync.rockyou.net/usersync/indexexchange/WiV1KLlQJrkAAFtTu8MAAAAJ%261109 HTTP 302
https://ads.altitude-arena.com/match?bidder_id=98&external_user_id=XU01v04-ebbadbb8-2525-4031-acab-fb0158d36457

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set usermatch Show response
ssum-sec.casalemedia.com/
Redirect Chain

http://altitude.tex-sync.rockyou.net/usersync2/altitude
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1

2 KB
2 KB

19ms
19ms

Document
text/html

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: cfe68a0bd9af347d2de19a490ed9f218325b0d706458974effbfa3509cbe612f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ssum-sec.casalemedia.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Cookie: CMID=WiV1KLlQJrkAAFtTu8MAAAAJ; CMPS=3216
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 16:17:45 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WiV1KLlQJrkAAFtTu8MAAAAJ;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMPRO=1109;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMST=WiV1KVoldSkA;domain=casalemedia.com;path=/;expires=Tue, 05 Dec 2017 16:17:45 GMT CMDD=;domain=casalemedia.com;path=/;expires=Tue, 05 Dec 2017 16:17:45 GMT CMRUM3=985a25752905a0&825a257529a8c0&275a2575290b40&475a25752905a0&035a25752905a0&2d5a25752905a0&495a25752905a0&525a25752905a0;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT CMSC=WiV1KQ**;domain=casalemedia.com;path=/;
Content-Type: text/html
Content-Length: 1559
Expires: Mon, 04 Dec 2017 16:17:45 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 16:17:44 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WiV1KLlQJrkAAFtTu8MAAAAJ;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:44 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:44 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Expires: Mon, 04 Dec 2017 16:17:44 GMT

GET
H/1.1

200
OK

Cookie set crum
dsum-sec.casalemedia.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/casale?cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WiV1KLlQJrkAAFtTu8MAAAAJ
https://match.adsrvr.org/track/cmb/casale?cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WiV1KLlQJrkAAFtTu8MAAAAJ
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=39&external_user_id=61dca775-9a87-4061-b00a-57d2355f9140&expiration=1514996263

43 B
43 B

11ms
11ms

Image
image/gif

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=39&external_user_id=61dca775-9a87-4061-b00a-57d2355f9140&expiration=1514996263
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cookie: CMST=WiV1KVoldSkA; CMDD=; CMSC=WiV1KQ**; CMID=WiV1KLlQJrkAAFtTu8MAAAAJ; CMPS=3216; CMPRO=1109; CMRUM3=985a25752905a0&825a257529a8c0&275a2575290b40&035a25752905a0&475a25752905a0&495a25752905a0&2d5a2575292760CAESEPn6YAOvi2DwJ0vgKK70_04&525a25752900010
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 16:17:45 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WiV1KLlQJrkAAFtTu8MAAAAJ;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMPRO=1109;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMRUM3=985a25752905a0&825a257529a8c0&275a257529276061dca775-9a87-4061-b00a-57d2355f9140&475a25752905a0&035a25752905a0&2d5a2575292760CAESEPn6YAOvi2DwJ0vgKK70_04&495a25752905a0&525a25752900010;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 04 Dec 2017 16:17:45 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 16:17:42 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=39&external_user_id=61dca775-9a87-4061-b00a-57d2355f9140&expiration=1514996263
Set-Cookie: TDID=61dca775-9a87-4061-b00a-57d2355f9140; domain=.adsrvr.org; expires=Tue, 04-Dec-2018 16:17:43 GMT; path=/ TDCPM=CAESFQoGY2FzYWxlEgsI8q-Gy5LP3TUQBRgFIAEoAjILCK6T2euoz901EAU4AQ..; domain=.adsrvr.org; expires=Tue, 04-Dec-2018 16:17:43 GMT; path=/
Cache-Control: private,no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html
Content-Length: 283

GET
H/1.1

200
OK

Cookie set crum
dsum-sec.casalemedia.com/
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&mm_bnc&mm_bct
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=183d5a25-73cd-4000-9e78-0d2a6a4b3880

43 B
43 B

12ms
11ms

Image
image/gif

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=183d5a25-73cd-4000-9e78-0d2a6a4b3880
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cookie: CMST=WiV1KVoldSkA; CMDD=; CMSC=WiV1KQ**; CMID=WiV1KLlQJrkAAFtTu8MAAAAJ; CMPS=3216; CMPRO=1109; CMRUM3=985a25752905a0&825a2575292760AAdKWU60SuoAABbIVH03uQ&275a257529276061dca775-9a87-4061-b00a-57d2355f9140&035a25752905a0&475a25752905a0&495a25752905a0&2d5a2575292760CAESEPn6YAOvi2DwJ0vgKK70_04&525a25752900010
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 16:17:45 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WiV1KLlQJrkAAFtTu8MAAAAJ;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMPRO=1109;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMRUM3=985a25752905a0&825a2575292760AAdKWU60SuoAABbIVH03uQ&275a257529276061dca775-9a87-4061-b00a-57d2355f9140&475a25752905a0&035a2575292760183d5a25-73cd-4000-9e78-0d2a6a4b3880&2d5a2575292760CAESEPn6YAOvi2DwJ0vgKK70_04&495a25752905a0&525a25752900010;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 04 Dec 2017 16:17:45 GMT

Redirect headers

Date: Mon, 04 Dec 2017 16:17:45 GMT
Server: MT3 1.15.20.1 33bcb65 release zrh-pixel-x21
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=183d5a25-73cd-4000-9e78-0d2a6a4b3880
Cache-Control: no-cache
Set-Cookie: uuidc=3b7XZ/vtIgoCmIEk6G0bO7TP9UGW2KnForJreYG4DD9EuauFcM2+xJqVsDMebN3rtVF96jeXoWaopE2hZKWTvEh09O4iV4Is/G4NCFGjSLo=; Expires=Tue, 01-Jan-19 16:17:45 GMT; Domain=.mathtag.com; Path=/
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 04 Dec 2017 16:17:44 GMT

GET
H2

200

WiV1KLlQJrkAAFtTu8MAAAAJBFUAAAAB
pr-bh.ybp.yahoo.com/sync/casale/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
https://pr-bh.ybp.yahoo.com/sync/casale/WiV1KLlQJrkAAFtTu8MAAAAJBFUAAAAB

43 B
52 B

99ms
33ms

Image
image/gif

77.238.185.35
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/WiV1KLlQJrkAAFtTu8MAAAAJBFUAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.238.185.35 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

pr-bh.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /sync/casale/WiV1KLlQJrkAAFtTu8MAAAAJBFUAAAAB
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pr-bh.ybp.yahoo.com
referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
:scheme: https
:method: GET
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Mon, 04 Dec 2017 16:17:45 GMT
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
set-cookie: B=ccu2gftd2at99&b=3&s=ho;Path=/;Domain=.yahoo.com;Expires=Tue, 04-Dec-2018 16:17:45 GMT
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 16:17:45 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://pr-bh.ybp.yahoo.com/sync/casale/WiV1KLlQJrkAAFtTu8MAAAAJBFUAAAAB
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WiV1KLlQJrkAAFtTu8MAAAAJ;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMPRO=1109;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 256
Expires: Mon, 04 Dec 2017 16:17:45 GMT

GET
H/1.1

200
OK

Cookie set crum
dsum-sec.casalemedia.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPn6YAOvi2DwJ0vgKK70_04&google_cver=1

43 B
43 B

28ms
12ms

Image
image/gif

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPn6YAOvi2DwJ0vgKK70_04&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cookie: CMST=WiV1KVoldSkA; CMDD=; CMRUM3=985a25752905a0&825a257529a8c0&275a2575290b40&475a25752905a0&035a25752905a0&2d5a25752905a0&495a25752905a0&525a25752905a0; CMSC=WiV1KQ**; CMID=WiV1KLlQJrkAAFtTu8MAAAAJ; CMPS=3216; CMPRO=1109
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 16:17:45 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WiV1KLlQJrkAAFtTu8MAAAAJ;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMPRO=1109;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMRUM3=985a25752905a0&825a257529a8c0&275a2575290b40&475a25752905a0&035a25752905a0&2d5a2575292760CAESEPn6YAOvi2DwJ0vgKK70_04&495a25752905a0&525a25752905a0;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 04 Dec 2017 16:17:45 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2017 16:17:45 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPn6YAOvi2DwJ0vgKK70_04&google_cver=1
cache-control: no-cache, must-revalidate
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUkTn4sEzYnk0Tis6bYC7mQAaal5k1XlauKX4uVve5pSnhYKotrgPg; expires=Sat, 29-Dec-2018 16:17:45 GMT; path=/; domain=.doubleclick.net; HttpOnly
content-type: text/html; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 314
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

1x1
pixel.everesttech.net/
Redirect Chain

https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGCK__
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=V2lWMUtRQUFCZGRTNWhISw&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Fcrum%253Fcm_dsp_i...
https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Fcrum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGCK__&google_gid=CAESEErSL...
https://pixel.everesttech.net/1x1

128 B
128 B

17ms
17ms

Image
image/png

66.117.28.68
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.everesttech.net/1x1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 66.117.28.68 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: pixel.everesttech.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cookie: everest_session_v2=WiV1KQAABddS5hHK; everest_g_v2=g_surferid~WiV1KQAABddS5hHK; ev_sync_ax=20171204
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 16:17:45 GMT
Last-Modified: Wed, 19 Oct 2016 22:11:25 GMT
Server: Apache
ETag: "9c37b1-80-53f3f17013d40"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=997101
Content-Length: 128

Redirect headers

Date: Mon, 04 Dec 2017 16:17:44 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://pixel.everesttech.net/1x1
Set-Cookie: ev_sync_ax=20171204; Domain=.everesttech.net; Expires=Thu, 04-Jan-2018 16:17:45 GMT; Path=/
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H/1.1

200
OK

Cookie set crum
dsum-sec.casalemedia.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAdKWU60SuoAABbIVH03uQ&expiration=1513613865

43 B
43 B

12ms
11ms

Image
image/gif

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAdKWU60SuoAABbIVH03uQ&expiration=1513613865
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cookie: CMST=WiV1KVoldSkA; CMDD=; CMSC=WiV1KQ**; CMID=WiV1KLlQJrkAAFtTu8MAAAAJ; CMPS=3216; CMPRO=1109; CMRUM3=985a25752905a0&825a257529a8c0&275a257529276061dca775-9a87-4061-b00a-57d2355f9140&475a25752905a0&035a25752905a0&2d5a2575292760CAESEPn6YAOvi2DwJ0vgKK70_04&495a25752905a0&525a25752900010
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 16:17:45 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WiV1KLlQJrkAAFtTu8MAAAAJ;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMPRO=1109;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMRUM3=985a25752905a0&825a2575292760AAdKWU60SuoAABbIVH03uQ&275a257529276061dca775-9a87-4061-b00a-57d2355f9140&035a25752905a0&475a25752905a0&495a25752905a0&2d5a2575292760CAESEPn6YAOvi2DwJ0vgKK70_04&525a25752900010;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 04 Dec 2017 16:17:45 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAdKWU60SuoAABbIVH03uQ&expiration=1513613865
set-cookie: bito=AAdKWU60SuoAABbIVH03uQ; Domain=bidr.io; expires=Tue, 31 Dec 2030 11:59:59 GMT; Path=/ checkForPermission=; Domain=bidr.io; expires=Thu, 01 May 2008 00:00:00 GMT; Path=/
Date: Mon, 04 Dec 2017 16:17:45 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

Cookie set crum
dsum-sec.casalemedia.com/
Redirect Chain

https://bidi-geo.mythings.com/bidi/casale
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=82&expiration=1473690514

43 B
43 B

12ms
12ms

Image
image/gif

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=82&expiration=1473690514
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cookie: CMST=WiV1KVoldSkA; CMDD=; CMSC=WiV1KQ**; CMID=WiV1KLlQJrkAAFtTu8MAAAAJ; CMPS=3216; CMPRO=1109; CMRUM3=985a25752905a0&825a257529a8c0&275a2575290b40&475a25752905a0&035a25752905a0&2d5a2575292760CAESEPn6YAOvi2DwJ0vgKK70_04&495a25752905a0&525a25752905a0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 16:17:45 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WiV1KLlQJrkAAFtTu8MAAAAJ;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMPRO=1109;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMRUM3=985a25752905a0&825a257529a8c0&275a2575290b40&035a25752905a0&475a25752905a0&495a25752905a0&2d5a2575292760CAESEPn6YAOvi2DwJ0vgKK70_04&525a25752900010;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 04 Dec 2017 16:17:45 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=82&expiration=1473690514
Date: Mon, 04 Dec 2017 16:17:45 GMT
Cache-Control: no-cache
Server: Finatra
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

Cookie set crum
dsum-sec.casalemedia.com/
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=389ac11a-7d4b-4427-a289-27b67ca347c1

43 B
43 B

11ms
11ms

Image
image/gif

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=389ac11a-7d4b-4427-a289-27b67ca347c1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cookie: CMST=WiV1KVoldSkA; CMDD=; CMSC=WiV1KQ**; CMID=WiV1KLlQJrkAAFtTu8MAAAAJ; CMPS=3216; CMPRO=1109; CMRUM3=985a25752905a0&825a2575292760AAdKWU60SuoAABbIVH03uQ&275a257529276061dca775-9a87-4061-b00a-57d2355f9140&475a25752905a0&035a2575292760183d5a25-73cd-4000-9e78-0d2a6a4b3880&2d5a2575292760CAESEPn6YAOvi2DwJ0vgKK70_04&495a25752905a0&525a25752900010
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 16:17:45 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WiV1KLlQJrkAAFtTu8MAAAAJ;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT CMPS=3216;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMPRO=1109;domain=casalemedia.com;path=/;expires=Sun, 04 Mar 2018 16:17:45 GMT CMRUM3=985a2575292760389ac11a-7d4b-4427-a289-27b67ca347c1&825a2575292760AAdKWU60SuoAABbIVH03uQ&275a257529276061dca775-9a87-4061-b00a-57d2355f9140&035a2575292760183d5a25-73cd-4000-9e78-0d2a6a4b3880&475a25752905a0&495a25752905a0&2d5a2575292760CAESEPn6YAOvi2DwJ0vgKK70_04&525a25752900010;domain=casalemedia.com;path=/;expires=Tue, 04 Dec 2018 16:17:45 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 04 Dec 2017 16:17:45 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 16:21:56 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=389ac11a-7d4b-4427-a289-27b67ca347c1
Set-Cookie: extendtv_user_id=389ac11a-7d4b-4427-a289-27b67ca347c1; Path=/; Domain=extend.tv; Expires=Wed, 04 Dec 2019 16:21:56 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H/1.1

200
OK

Cookie set match
ads.altitude-arena.com/
Redirect Chain

https://tex-sync.rockyou.net/usersync/indexexchange/WiV1KLlQJrkAAFtTu8MAAAAJ%261109
https://ads.altitude-arena.com/match?bidder_id=98&external_user_id=XU01v04-ebbadbb8-2525-4031-acab-fb0158d36457

0
0

370ms
92ms

Image
image/webp

63.251.24.69
Internap Network ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.altitude-arena.com/match?bidder_id=98&external_user_id=XU01v04-ebbadbb8-2525-4031-acab-fb0158d36457
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.251.24.69 , United States, ASN13789 (INTERNAP-BLK3 - Internap Network Services Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ads.altitude-arena.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 16:17:45 GMT
Set-Cookie: um="!98,XU01v04-ebbadbb8-2525-4031-acab-fb0158d36457";Version=1;Path=/;Domain=.altitude-arena.com;Expires=Mon, 11-Dec-2017 16:17:45 GMT;Max-Age=604800
Content-Type: image/webp
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 04 Dec 2017 16:17:45 GMT
Server: nginx
up_name: 173.195.214.64:1002
Transfer-Encoding: chunked
svr_name: tal-nginx-prod-001.tn.ryint.net
Location: https://ads.altitude-arena.com/match?bidder_id=98&external_user_id=XU01v04-ebbadbb8-2525-4031-acab-fb0158d36457
Connection: keep-alive
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.casalemedia.com/	1970-01-18 14:16:20	Name: CMPRO Value: 1109
.casalemedia.com/	1970-01-18 14:16:20	Name: CMPS Value: 3216
.casalemedia.com/	1970-01-18 20:52:20	Name: CMID Value: WiV1KLlQJrkAAFtTu8MAAAAJ
.casalemedia.com/	1970-01-01 00:00:00	Name: CMSC Value: WiV1KQ**
.casalemedia.com/	1970-01-18 12:08:10	Name: CMDD Value:
.casalemedia.com/	1970-01-18 20:52:20	Name: CMRUM3 Value: 985a2575292760389ac11a-7d4b-4427-a289-27b67ca347c1&825a2575292760AAdKWU60SuoAABbIVH03uQ&275a257529276061dca775-9a87-4061-b00a-57d2355f9140&035a2575292760183d5a25-73cd-4000-9e78-0d2a6a4b3880&475a25752905a0&495a25752905a0&2d5a2575292760CAESEPn6YAOvi2DwJ0vgKK70_04&525a25752900010
.casalemedia.com/	1970-01-18 12:08:10	Name: CMST Value: WiV1KVoldSkA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.altitude-arena.com
altitude.tex-sync.rockyou.net
bidi-geo.mythings.com
cm.everesttech.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
match.adsrvr.org
match.prod.bidr.io
pixel.everesttech.net
pr-bh.ybp.yahoo.com
ssum-sec.casalemedia.com
sync.extend.tv
sync.mathtag.com
tex-sync.rockyou.net
173.195.214.209
173.195.214.210
176.34.189.228
185.29.132.21
216.58.210.2
34.206.55.242
52.213.124.12
52.49.64.193
63.251.24.69
66.117.28.68
66.117.28.86
77.238.185.35
92.123.93.251
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bf94db5c7d218f9a2a2edfff6c01bf65f5946a32000cd41835fee5b564efa62f
cfe68a0bd9af347d2de19a490ed9f218325b0d706458974effbfa3509cbe612f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ssum-sec.casalemedia.com Open in urlscan Pro 92.123.93.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

11 Domains

14 Subdomains

4 IPs

4 Countries

2 kBTransfer

2 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

7 Cookies

Indicators

ssum-sec.casalemedia.com Open in urlscan Pro
92.123.93.251 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

4
IPs

4
Countries

2 kB
Transfer

2 kB
Size

7
Cookies

10 HTTP transactions
0 data transactions