rtb-csync.smartadserver.com Open in urlscan Pro
149.202.238.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBENDOCsAP_AAH_AACiQIDtf...
Effective URL:
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBENDOCsAP_AAH_AACiQIDtf_X__b2_j-_7-f_t0...
Submission: On April 27 via api (April 27th 2024, 6:50:47 am UTC) from LU — Scanned from GB

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 149.202.238.105, located in France and belongs to OVH, FR. The main domain is rtb-csync.smartadserver.com. The Cisco Umbrella rank of the primary domain is 684.
TLS certificate: Issued by DigiCert Global G3 TLS ECC SHA384 202... on January 17th 2024. Valid for: a year.

This is the only time rtb-csync.smartadserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2620:116:800d... 2620:116:800d:21:5e1b:ce09:16e2:2a3a	16509 (AMAZON-02) (AMAZON-02)
2	149.202.238.105 149.202.238.105	16276 (OVH) (OVH)
2	1

1 2620:116:800d:21:5e1b:ce09:16e2:2a3a (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.202.238.105 (France)

ASN16276 (OVH, FR)
PTR: ip105.ip-149-202-238.eu

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 684	1008 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 798	881 B
2	2

	Domain	Requested by
2	rtb-csync.smartadserver.com
1	cms.quantserve.com	1 redirects
2	2

This site contains no links.

Subject Issuer	Validity	Valid
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBENDOCsAP_AAH_AACiQIDtf_X__b2_j-_7-f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M5vF16pqoKuR4ku3bBIQdlHOHcDUmw6okVryOsbk2cr7NKJ7PEmlMbM2dYGH97n13T-ZKY7__vf__zvneAA75oAGAEAIASQggAgAAAAAIAAAMABAAAABIAAAAAgAgciASYalxAF2RIyEy0YRQogRhWEhVAoAKIBIWiAwhdXBTsrgJ9YDIAUAoAnggBDACjIgEAAAkASEQASBHggEAgEAgABAAqEAgAY2AAeAFoIBAAKA6FiFFAEoFhBkQERCmBAUAAFAIAQAAAAAAiAAAAAAAAAgAhAAIAMgAA.f_gAD_gAAAAA&partneruserid=LPgQdXv-Fic3qkElfP4PJ3moFSM3-0FwK62Pmb8-
Frame ID: 132DE01F7B53A78BA234394FF8E70ED0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

redir (1×1)

Page URL History Show full URLs

http://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBEN... HTTP 307
https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBEN... HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBENDOCsAP_AAH_AACiQ... Page URL

Page Statistics

2
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

1 kB
Transfer

0 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBENDOCsAP_AAH_AACiQIDtf_X__b2_j-_7-f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M5vF16pqoKuR4ku3bBIQdlHOHcDUmw6okVryOsbk2cr7NKJ7PEmlMbM2dYGH97n13T-ZKY7__vf__zvneAA75oAGAEAIASQggAgAAAAAIAAAMABAAAABIAAAAAgAgciASYalxAF2RIyEy0YRQogRhWEhVAoAKIBIWiAwhdXBTsrgJ9YDIAUAoAnggBDACjIgEAAAkASEQASBHggEAgEAgABAAqEAgAY2AAeAFoIBAAKA6FiFFAEoFhBkQERCmBAUAAFAIAQAAAAAAiAAAAAAAAAgAhAAIAMgAA.f_gAD_gAAAAA HTTP 307
https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBENDOCsAP_AAH_AACiQIDtf_X__b2_j-_7-f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M5vF16pqoKuR4ku3bBIQdlHOHcDUmw6okVryOsbk2cr7NKJ7PEmlMbM2dYGH97n13T-ZKY7__vf__zvneAA75oAGAEAIASQggAgAAAAAIAAAMABAAAABIAAAAAgAgciASYalxAF2RIyEy0YRQogRhWEhVAoAKIBIWiAwhdXBTsrgJ9YDIAUAoAnggBDACjIgEAAAkASEQASBHggEAgEAgABAAqEAgAY2AAeAFoIBAAKA6FiFFAEoFhBkQERCmBAUAAFAIAQAAAAAAiAAAAAAAAAgAhAAIAMgAA.f_gAD_gAAAAA HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBENDOCsAP_AAH_AACiQIDtf_X__b2_j-_7-f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M5vF16pqoKuR4ku3bBIQdlHOHcDUmw6okVryOsbk2cr7NKJ7PEmlMbM2dYGH97n13T-ZKY7__vf__zvneAA75oAGAEAIASQggAgAAAAAIAAAMABAAAABIAAAAAgAgciASYalxAF2RIyEy0YRQogRhWEhVAoAKIBIWiAwhdXBTsrgJ9YDIAUAoAnggBDACjIgEAAAkASEQASBHggEAgEAgABAAqEAgAY2AAeAFoIBAAKA6FiFFAEoFhBkQERCmBAUAAFAIAQAAAAAAiAAAAAAAAAgAhAAIAMgAA.f_gAD_gAAAAA&partneruserid=LPgQdXv-Fic3qkElfP4PJ3moFSM3-0FwK62Pmb8- Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response rtb-csync.smartadserver.com/redir/ Redirect Chain http://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBENDOCsAP_AAH_AACiQIDtf_X__b2_j-_7-f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M5vF16pqoKuR4ku3bBIQdlHOHcDUm... https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBENDOCsAP_AAH_AACiQIDtf_X__b2_j-_7-f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M5vF16pqoKuR4ku3bBIQdlHOHcDU... https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBENDOCsAP_AAH_AACiQIDtf_X__b2_j-_7-f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M5vF16pqoKuR4ku3bBIQdlHOHcDUmw6okVr...	43 B 687 B	106ms 28ms	Document image/gif	149.202.238.105 OVH
General Check archive.org Show headers Download Go to Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBENDOCsAP_AAH_AACiQIDtf_X__b2_j-_7-f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M5vF16pqoKuR4ku3bBIQdlHOHcDUmw6okVryOsbk2cr7NKJ7PEmlMbM2dYGH97n13T-ZKY7__vf__zvneAA75oAGAEAIASQggAgAAAAAIAAAMABAAAABIAAAAAgAgciASYalxAF2RIyEy0YRQogRhWEhVAoAKIBIWiAwhdXBTsrgJ9YDIAUAoAnggBDACjIgEAAAkASEQASBHggEAgEAgABAAqEAgAY2AAeAFoIBAAKA6FiFFAEoFhBkQERCmBAUAAFAIAQAAAAAAiAAAAAAAAAgAhAAIAMgAA.f_gAD_gAAAAA&partneruserid=LPgQdXv-Fic3qkElfP4PJ3moFSM3-0FwK62Pmb8- Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 149.202.238.105 , France, ASN16276 (OVH, FR), Reverse DNS ip105.ip-149-202-238.eu Software / Resource Hash `89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7` Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36 Response headers cache-control no-cache,no-store content-type image/gif date Sat, 27 Apr 2024 06:50:41 GMT p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" pragma no-cache transfer-encoding chunked Redirect headers access-control-allow-credentials true access-control-allow-origin * cache-control private, no-cache, no-store, proxy-revalidate content-length 0 date Sat, 27 Apr 2024 06:50:41 GMT expires Fri, 04 Aug 1978 12:00:00 GMT location https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBENDOCsAP_AAH_AACiQIDtf_X__b2_j-_7-f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M5vF16pqoKuR4ku3bBIQdlHOHcDUmw6okVryOsbk2cr7NKJ7PEmlMbM2dYGH97n13T-ZKY7__vf__zvneAA75oAGAEAIASQggAgAAAAAIAAAMABAAAABIAAAAAgAgciASYalxAF2RIyEy0YRQogRhWEhVAoAKIBIWiAwhdXBTsrgJ9YDIAUAoAnggBDACjIgEAAAkASEQASBHggEAgEAgABAAqEAgAY2AAeAFoIBAAKA6FiFFAEoFhBkQERCmBAUAAFAIAQAAAAAAiAAAAAAAAAgAhAAIAMgAA.f_gAD_gAAAAA&partneruserid=LPgQdXv-Fic3qkElfP4PJ3moFSM3-0FwK62Pmb8- p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" pragma no-cache strict-transport-security max-age=86400
GET H/1.1	200 OK	favicon.ico rtb-csync.smartadserver.com/	164 B 321 B	28ms 28ms	Other image/png	149.202.238.105 OVH
General Check archive.org Show headers Download Go to Full URL https://rtb-csync.smartadserver.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 149.202.238.105 , France, ASN16276 (OVH, FR), Reverse DNS ip105.ip-149-202-238.eu Software / Resource Hash `c9aa77072578d356a061de015a14024194a94163bb02780821e40ab9e2086cf1` Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Referer https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=1&gdpr_consent=CPvGc9gPvGc9gAcABBENDOCsAP_AAH_AACiQIDtf_X__b2_j-_7-f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M5vF16pqoKuR4ku3bBIQdlHOHcDUmw6okVryOsbk2cr7NKJ7PEmlMbM2dYGH97n13T-ZKY7__vf__zvneAA75oAGAEAIASQggAgAAAAAIAAAMABAAAABIAAAAAgAgciASYalxAF2RIyEy0YRQogRhWEhVAoAKIBIWiAwhdXBTsrgJ9YDIAUAoAnggBDACjIgEAAAkASEQASBHggEAgEAgABAAqEAgAY2AAeAFoIBAAKA6FiFFAEoFhBkQERCmBAUAAFAIAQAAAAAAiAAAAAAAAAgAhAAIAMgAA.f_gAD_gAAAAA&partneruserid=LPgQdXv-Fic3qkElfP4PJ3moFSM3-0FwK62Pmb8- User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.75 Safari/537.36 Response headers date Sat, 27 Apr 2024 06:50:41 GMT cache-control public,max-age=86400 transfer-encoding chunked content-type image/png

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.quantserve.com/	1970-01-20 22:19:36	Name: d Value: EB8BDQHbK4ir0QA
.quantserve.com/	1970-01-21 05:40:15	Name: mc Value: 662ca041-dc3f0-1cf75-5cf1c
.smartadserver.com/	1970-01-21 05:38:48	Name: pid Value: 917083837353024027
.smartadserver.com/	1970-01-21 05:38:48	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 04:55:36	Name: csync Value: 80:LPgQdXv-Fic3qkElfP4PJ3moFSM3-0FwK62Pmb8-

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cms.quantserve.com
rtb-csync.smartadserver.com
149.202.238.105
2620:116:800d:21:5e1b:ce09:16e2:2a3a
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
c9aa77072578d356a061de015a14024194a94163bb02780821e40ab9e2086cf1

rtb-csync.smartadserver.com Open in urlscan Pro 149.202.238.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

2 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

1 kBTransfer

0 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

5 Cookies

Indicators

rtb-csync.smartadserver.com Open in urlscan Pro
149.202.238.105 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

1 kB
Transfer

0 kB
Size

5
Cookies

2 HTTP transactions
0 data transactions