![](/screenshots/1ab92256-eba0-4cd9-87cc-531ec09bc66e.png)
ssum-sec.casalemedia.com
92.123.93.251
Public Scan
Effective URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Submission: On December 04 via manual from US
Summary
TLS certificate: Issued by GeoTrust SSL CA - G3 on August 3rd 2017. Valid for: a year.
This is the only time ssum-sec.casalemedia.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 173.195.214.210 | 46681 (ROCKYOU - Rockyou Inc.) |
2 9 | 92.123.93.251 | 20940 (AKAMAI-ASN1) |
2 2 | 176.34.189.228 | 16509 (AMAZON-02 - Amazon.com) |
2 2 | 185.29.132.21 | 30419 (MEDIAMATH-INC - MediaMath Inc) |
1 | 77.238.185.35 | 34010 (YAHOO-IRD) |
3 3 | 216.58.210.2 | 15169 (GOOGLE - Google LLC) |
1 2 | 66.117.28.68 | 15224 (OMNITURE - Adobe Systems Inc.) |
1 1 | 66.117.28.86 | 15224 (OMNITURE - Adobe Systems Inc.) |
2 2 | 52.213.124.12 | 16509 (AMAZON-02 - Amazon.com) |
1 1 | 52.49.64.193 | 16509 (AMAZON-02 - Amazon.com) |
1 1 | 34.206.55.242 | 14618 (AMAZON-AES - Amazon.com) |
1 1 | 173.195.214.209 | 46681 (ROCKYOU - Rockyou Inc.) |
1 | 63.251.24.69 | 13789 (INTERNAP-BLK3 - Internap Network Services Corporation) |
10 | 4 |
ASN46681 (ROCKYOU - Rockyou Inc., US)
altitude.tex-sync.rockyou.net
ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-93-251.deploy.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-176-34-189-228.eu-west-1.compute.amazonaws.com
match.adsrvr.org
ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh.pbp.vip.ir2.yahoo.com
pr-bh.ybp.yahoo.com
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net
cm.g.doubleclick.net
ASN15224 (OMNITURE - Adobe Systems Inc., US)
pixel.everesttech.net
ASN15224 (OMNITURE - Adobe Systems Inc., US)
cm.everesttech.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-124-12.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-64-193.eu-west-1.compute.amazonaws.com
bidi-geo.mythings.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-206-55-242.compute-1.amazonaws.com
sync.extend.tv
ASN46681 (ROCKYOU - Rockyou Inc., US)
tex-sync.rockyou.net
ASN13789 (INTERNAP-BLK3 - Internap Network Services Corporation, US)
ads.altitude-arena.com
 | Apex Domain / Subdomains | Transfer |
---|---|---|
9 | casalemedia.com (2 redirects): ssum-sec.casalemedia.com, dsum-sec.casalemedia.com | 3 KB |
3 | everesttech.net (2 redirects): pixel.everesttech.net, cm.everesttech.net | 1 KB |
3 | doubleclick.net (3 redirects): cm.g.doubleclick.net | 1 KB |
2 | bidr.io (2 redirects): match.prod.bidr.io | 729 B |
2 | mathtag.com (2 redirects): sync.mathtag.com | 1 KB |
2 | adsrvr.org (2 redirects): match.adsrvr.org | 1 KB |
2 | rockyou.net (2 redirects): altitude.tex-sync.rockyou.net, tex-sync.rockyou.net | 895 B |
1 | altitude-arena.com: ads.altitude-arena.com | |
1 | extend.tv (1 redirects): sync.extend.tv | 546 B |
1 | mythings.com (1 redirects): bidi-geo.mythings.com | 304 B |
1 | yahoo.com: pr-bh.ybp.yahoo.com | 52 B |
10 | 11 |
 | Domain | Requested by |
---|---|---|
6 | dsum-sec.casalemedia.com | ssum-sec.casalemedia.com |
3 | cm.g.doubleclick.net | 3 redirects |
3 | ssum-sec.casalemedia.com | 2 redirects |
2 | match.prod.bidr.io | 2 redirects |
2 | pixel.everesttech.net | 1 redirects, ssum-sec.casalemedia.com |
2 | sync.mathtag.com | 2 redirects |
2 | match.adsrvr.org | 2 redirects |
1 | ads.altitude-arena.com | ssum-sec.casalemedia.com |
1 | tex-sync.rockyou.net | 1 redirects |
1 | sync.extend.tv | 1 redirects |
1 | bidi-geo.mythings.com | 1 redirects |
1 | cm.everesttech.net | 1 redirects |
1 | pr-bh.ybp.yahoo.com | ssum-sec.casalemedia.com |
1 | altitude.tex-sync.rockyou.net | 1 redirects |
10 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
san.casalemedia.com GeoTrust SSL CA - G3 | 2017-08-03 - 2018-11-02 | a year | crt.sh |
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA | 2017-11-09 - 2018-05-08 | 6 months | crt.sh |
*.everesttech.net DigiCert SHA2 Secure Server CA | 2017-04-13 - 2020-04-17 | 3 years | crt.sh |
*.altitude-arena.com Go Daddy Secure Certificate Authority - G2 | 2017-02-07 - 2018-04-09 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Frame ID: 3541.1
Requests: 10 HTTP requests in this frame
Page URL History
-
http://altitude.tex-sync.rockyou.net/usersync2/altitude
HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexe... HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexe... Page URL
Detected technologies
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://altitude.tex-sync.rockyou.net/usersync2/altitude
HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://match.adsrvr.org/track/cmf/casale?cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WiV1KLlQJrkAAFtTu8MAAAAJ HTTP 302
- https://match.adsrvr.org/track/cmb/casale?cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WiV1KLlQJrkAAFtTu8MAAAAJ HTTP 302
- https://dsum-sec.casalemedia.com/crum?cm_dsp_id=39&external_user_id=61dca775-9a87-4061-b00a-57d2355f9140&expiration=1514996263
- https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
- https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&mm_bnc&mm_bct HTTP 302
- https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=183d5a25-73cd-4000-9e78-0d2a6a4b3880
- https://ssum-sec.casalemedia.com/usermatchredir?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_ HTTP 302
- https://pr-bh.ybp.yahoo.com/sync/casale/WiV1KLlQJrkAAFtTu8MAAAAJBFUAAAAB
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_tc= HTTP 302
- https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPn6YAOvi2DwJ0vgKK70_04&google_cver=1
- https://pixel.everesttech.net/1/gr?url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D71%26external_user_id%3D__EFGCK__ HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=everest&google_cm&google_sc&ev_rs=1&google_hm=V2lWMUtRQUFCZGRTNWhISw&url=/1/gr%3furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Fcrum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGCK__ HTTP 302
- https://cm.everesttech.net/cm/ax?cookieid=&ev_rs=1&url=/1/gr%3Furl=https%253A%252F%252Fdsum-sec.casalemedia.com%252Fcrum%253Fcm_dsp_id%253D71%2526external_user_id%253D__EFGCK__&google_gid=CAESEErSLPVW-F6DwHkYE52_LGI&google_cver=1 HTTP 302
- https://pixel.everesttech.net/1x1
- https://match.prod.bidr.io/cookie-sync/ie HTTP 303
- https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
- https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAdKWU60SuoAABbIVH03uQ&expiration=1513613865
- https://bidi-geo.mythings.com/bidi/casale HTTP 307
- https://dsum-sec.casalemedia.com/crum?cm_dsp_id=82&expiration=1473690514
- https://sync.extend.tv/r.gif?exchange=index HTTP 302
- https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=389ac11a-7d4b-4427-a289-27b67ca347c1
- https://tex-sync.rockyou.net/usersync/indexexchange/WiV1KLlQJrkAAFtTu8MAAAAJ%261109 HTTP 302
- https://ads.altitude-arena.com/match?bidder_id=98&external_user_id=XU01v04-ebbadbb8-2525-4031-acab-fb0158d36457
10 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | Primary Request: ssum-sec.casalemedia.com/ (Redirect Chain) | 2 KB 2 KB | Document text/html |
GET H/1.1 | dsum-sec.casalemedia.com/ (Redirect Chain) | 43 B 43 B | Image image/gif |
GET H/1.1 | dsum-sec.casalemedia.com/ (Redirect Chain) | 43 B 43 B | Image image/gif |
GET H2 | WiV1KLlQJrkAAFtTu8MAAAAJBFUAAAAB pr-bh.ybp.yahoo.com/sync/casale/ (Redirect Chain) | 43 B 52 B | Image image/gif |
GET H/1.1 | dsum-sec.casalemedia.com/ (Redirect Chain) | 43 B 43 B | Image image/gif |
GET H/1.1 | 1x1 pixel.everesttech.net/ (Redirect Chain) | 128 B 128 B | Image image/png |
GET H/1.1 | dsum-sec.casalemedia.com/ (Redirect Chain) | 43 B 43 B | Image image/gif |
GET H/1.1 | dsum-sec.casalemedia.com/ (Redirect Chain) | 43 B 43 B | Image image/gif |
GET H/1.1 | dsum-sec.casalemedia.com/ (Redirect Chain) | 43 B 43 B | Image image/gif |
GET H/1.1 | ads.altitude-arena.com/ (Redirect Chain) | 0 0 | Image image/webp |
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.casalemedia.com/ | Name: CMPRO Value: 1109 | |
.casalemedia.com/ | Name: CMPS Value: 3216 | |
.casalemedia.com/ | Name: CMID Value: WiV1KLlQJrkAAFtTu8MAAAAJ | |
.casalemedia.com/ | Name: CMSC Value: WiV1KQ** | |
.casalemedia.com/ | Name: CMDD Value: | |
.casalemedia.com/ | Name: CMRUM3 Value: 985a2575292760389ac11a-7d4b-4427-a289-27b67ca347c1&825a2575292760AAdKWU60SuoAABbIVH03uQ&275a257529276061dca775-9a87-4061-b00a-57d2355f9140&035a2575292760183d5a25-73cd-4000-9e78-0d2a6a4b3880&475a25752905a0&495a25752905a0&2d5a2575292760CAESEPn6YAOvi2DwJ0vgKK70_04&525a25752900010 | |
.casalemedia.com/ | Name: CMST Value: WiV1KVoldSkA | |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.