ssum-sec.casalemedia.com Open in urlscan Pro
92.123.93.251 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fyber.tex-sync.rockyou.net/usersync2/fyber
Effective URL:
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Submission: On November 08 via manual (November 8th 2017, 7:16:59 pm UTC) from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 6 countries across 12 domains to perform 10 HTTP transactions. The main IP is 92.123.93.251, located in European Union and belongs to AKAMAI-ASN1, US. The main domain is ssum-sec.casalemedia.com.
TLS certificate: Issued by GeoTrust SSL CA - G3 on August 3rd 2017. Valid for: a year.

This is the only time ssum-sec.casalemedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	173.195.214.210 173.195.214.210	46681 (ROCKYOU) (ROCKYOU - Rockyou Inc.)
2 10	92.123.93.251 92.123.93.251	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	54.247.166.89 54.247.166.89	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	77.238.185.35 77.238.185.35	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	185.29.135.42 185.29.135.42	30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc)
2 2	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE - Google Inc.)
2 2	204.11.109.68 204.11.109.68	33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive)
1 1	199.38.164.54 199.38.164.54	54312 (ROCKETFUEL) (ROCKETFUEL - Rocket Fuel Inc.)
2 2	72.251.245.179 72.251.245.179	29791 (VOXEL-DOT...) (VOXEL-DOT-NET - Voxel Dot Net)
2 2	52.58.42.118 52.58.42.118	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	173.195.214.209 173.195.214.209	46681 (ROCKYOU) (ROCKYOU - Rockyou Inc.)
1 1	35.158.238.49 35.158.238.49	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a02:26f0:122... 2a02:26f0:122:382::f84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	3

1 173.195.214.210 (San Francisco, United States) 1 redirects

ASN46681 (ROCKYOU - Rockyou Inc., US)

fyber.tex-sync.rockyou.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 92.123.93.251 (European Union) 2 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-93-251.deploy.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.247.166.89 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-166-89.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.238.185.35 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh.pbp.vip.ir2.yahoo.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.135.42 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.66 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra15s17-in-f66.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.11.109.68 (Emeryville, United States) 2 redirects

ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.164.54 (New York, United States) 1 redirects

ASN54312 (ROCKETFUEL - Rocket Fuel Inc., US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.245.179 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET - Voxel Dot Net, Inc., US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.42.118 (Frankfurt, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-42-118.eu-central-1.compute.amazonaws.com

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.195.214.209 (San Francisco, United States) 1 redirects

ASN46681 (ROCKYOU - Rockyou Inc., US)

tex-sync.rockyou.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.238.49 (Frankfurt, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-158-238-49.eu-central-1.compute.amazonaws.com

sy.eu.angsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:122:382::f84 (European Union)

ASN20940 (AKAMAI-ASN1, US)

rtbcc.fyber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	4 KB
2	adsymptotic.com 2 redirects p.adsymptotic.com	963 B
2	adgrx.com 2 redirects cm.adgrx.com	1 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com	1 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	434 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	1 KB
2	rockyou.net 2 redirects fyber.tex-sync.rockyou.net tex-sync.rockyou.net	885 B
1	fyber.com rtbcc.fyber.com	799 B
1	angsrvr.com 1 redirects sy.eu.angsrvr.com	576 B
1	rfihub.com 1 redirects a.rfihub.com	700 B
1	yahoo.com pr-bh.ybp.yahoo.com	52 B
10	12

	Domain	Requested by
7	dsum-sec.casalemedia.com	ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	2 redirects
2	p.adsymptotic.com	2 redirects
2	cm.adgrx.com	2 redirects
2	a.tribalfusion.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	sync.mathtag.com	2 redirects
2	match.adsrvr.org	2 redirects
1	rtbcc.fyber.com	ssum-sec.casalemedia.com
1	sy.eu.angsrvr.com	1 redirects
1	tex-sync.rockyou.net	1 redirects
1	a.rfihub.com	1 redirects
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	fyber.tex-sync.rockyou.net	1 redirects
10	14

This site contains no links.

Subject Issuer	Validity	Valid
san.casalemedia.com GeoTrust SSL CA - G3	`2017-08-03` - `2018-11-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2017-06-01` - `2017-12-01`	6 months	crt.sh
fyber.com GeoTrust SSL CA - G3	`2017-03-24` - `2018-03-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Frame ID: 23415.1
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://fyber.tex-sync.rockyou.net/usersync2/fyber HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexe... HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexe... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

10
Requests

100 %
HTTPS

8 %
IPv6

12
Domains

14
Subdomains

3
IPs

6
Countries

3 kB
Transfer

3 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fyber.tex-sync.rockyou.net/usersync2/fyber HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://match.adsrvr.org/track/cmf/casale?cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WgNYILlQJ9cAADB07RoAAACG HTTP 302
https://match.adsrvr.org/track/cmb/casale?cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WgNYILlQJ9cAADB07RoAAACG HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=39&external_user_id=5537381b-f1b7-4841-bb31-fde698b60cdb&expiration=1512760596

Request Chain 1

https://ssum-sec.casalemedia.com/usermatchredir?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_ HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/WgNYILlQJ9cAADB07RoAAACGBIQAAAIB

Request Chain 2

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&mm_bnc&mm_bct HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd755a03-55b5-4000-8f2b-288ab9f5152c

Request Chain 3

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIVbbzEtmW_xECrz2ddsC8I&google_cver=1

Request Chain 4

https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_dsp_id=131&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WgNYILlQJ9cAADB07RoAAACG HTTP 302
https://a.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_dsp_id=131&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WgNYILlQJ9cAADB07RoAAACG HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662335938370138

Request Chain 5

https://a.rfihub.com/cm?cm_dsp_id=57&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WgNYILlQJ9cAADB07RoAAACG HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=969751674357739250

Request Chain 6

https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=41&external_user_id=5df2c7d0-c4b9-11e7-8bbe-9a67150032b2

Request Chain 7

https://p.adsymptotic.com/d/px?_pid=13041&_psign=be82b7faf482c24ef42e8702b774bd66&_redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D100%26external_user_id%3D%24%7BUUID%7D HTTP 302
https://p.adsymptotic.com/d/px?_pid=13041&_psign=be82b7faf482c24ef42e8702b774bd66&_redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D100%26external_user_id%3D%24%7BUUID%7D&_expected_cookie=e0287d8ce57d0ff0c1e8c98bd7d439b7 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=100&external_user_id=e0287d8ce57d0ff0c1e8c98bd7d439b7

Request Chain 8

https://tex-sync.rockyou.net/usersync/indexexchange/WgNYILlQJ9cAADB07RoAAACG%261156 HTTP 302
https://sy.eu.angsrvr.com/sync?type=host&dsp=74&dspuuid=XU01v04-6d439efa-b434-4cfa-9133-f1881290d151 HTTP 302
https://rtbcc.fyber.com/img/trpx.gif

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set usermatch Show response
ssum-sec.casalemedia.com/
Redirect Chain

https://fyber.tex-sync.rockyou.net/usersync2/fyber
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1

2 KB
2 KB

17ms
16ms

Document
text/html

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: c674080c23f6bf4cd68abf7400b2ed6d7ce0b2b4245a70b3af1129d8df45f5de

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ssum-sec.casalemedia.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Cookie: CMID=WgNYILlQJ9cAADB07RoAAACG; CMPS=1156
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Nov 2017 19:16:48 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WgNYILlQJ9cAADB07RoAAACG;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT CMPS=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMPRO=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMST=WgNYIFoDWCAA;domain=casalemedia.com;path=/;expires=Thu, 09 Nov 2017 19:16:48 GMT CMDD=;domain=casalemedia.com;path=/;expires=Thu, 09 Nov 2017 19:16:48 GMT CMRUM3=835a03582005a0&275a0358200b40&395a03582005a0&035a03582005a0&295a03582005a0&495a03582005a0&2d5a03582005a0&645a03582005a0;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT CMSC=WgNYIA**;domain=casalemedia.com;path=/;
Content-Type: text/html
Content-Length: 1944
Expires: Wed, 08 Nov 2017 19:16:48 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Nov 2017 19:16:48 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WgNYILlQJ9cAADB07RoAAACG;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT CMPS=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Expires: Wed, 08 Nov 2017 19:16:48 GMT

GET
H/1.1

200
OK

Cookie set crum
dsum-sec.casalemedia.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/casale?cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WgNYILlQJ9cAADB07RoAAACG
https://match.adsrvr.org/track/cmb/casale?cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WgNYILlQJ9cAADB07RoAAACG
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=39&external_user_id=5537381b-f1b7-4841-bb31-fde698b60cdb&expiration=1512760596

43 B
43 B

12ms
11ms

Image
image/gif

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=39&external_user_id=5537381b-f1b7-4841-bb31-fde698b60cdb&expiration=1512760596
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cookie: CMST=WgNYIFoDWCAA; CMDD=; CMSC=WgNYIA**; CMID=WgNYILlQJ9cAADB07RoAAACG; CMPS=1156; CMPRO=1156; CMRUM3=835a03582005a0&275a0358200b40&035a0358202760bd755a03-55b5-4000-8f2b-288ab9f5152c&395a03582005a0&295a03582027605df2c7d0-c4b9-11e7-8bbe-9a67150032b2&495a03582005a0&2d5a0358202760CAESEIVbbzEtmW_xECrz2ddsC8I&645a0358202760e0287d8ce57d0ff0c1e8c98bd7d439b7
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Nov 2017 19:16:48 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WgNYILlQJ9cAADB07RoAAACG;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT CMPS=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMPRO=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMRUM3=835a03582005a0&275a03582027605537381b-f1b7-4841-bb31-fde698b60cdb&395a03582005a0&035a0358202760bd755a03-55b5-4000-8f2b-288ab9f5152c&295a03582027605df2c7d0-c4b9-11e7-8bbe-9a67150032b2&495a03582005a0&2d5a0358202760CAESEIVbbzEtmW_xECrz2ddsC8I&645a0358202760e0287d8ce57d0ff0c1e8c98bd7d439b7;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 08 Nov 2017 19:16:48 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Nov 2017 19:16:36 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=39&external_user_id=5537381b-f1b7-4841-bb31-fde698b60cdb&expiration=1512760596
Set-Cookie: TDID=5537381b-f1b7-4841-bb31-fde698b60cdb; domain=.adsrvr.org; expires=Thu, 08-Nov-2018 19:16:36 GMT; path=/ TDCPM=CAESFQoGY2FzYWxlEgsI1vKxuOi50zUQBRgFIAEoAjILCNa7tZf_udM1EAU4AQ..; domain=.adsrvr.org; expires=Thu, 08-Nov-2018 19:16:36 GMT; path=/
Cache-Control: private,no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html
Content-Length: 283

GET
H2

200

WgNYILlQJ9cAADB07RoAAACGBIQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
https://pr-bh.ybp.yahoo.com/sync/casale/WgNYILlQJ9cAADB07RoAAACGBIQAAAIB

43 B
52 B

99ms
32ms

Image
image/gif

77.238.185.35
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/WgNYILlQJ9cAADB07RoAAACGBIQAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

77.238.185.35 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

pr-bh.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=6000

Request headers

:path: /sync/casale/WgNYILlQJ9cAADB07RoAAACGBIQAAAIB
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: pr-bh.ybp.yahoo.com
referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
:scheme: https
:method: GET
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date: Wed, 08 Nov 2017 19:16:48 GMT
server: ATS
age: 0
strict-transport-security: max-age=6000
content-type: image/gif
status: 200
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
set-cookie: B=bkqkbahd06m10&b=3&s=75;Path=/;Domain=.yahoo.com;Expires=Thu, 08-Nov-2018 19:16:48 GMT
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Nov 2017 19:16:48 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://pr-bh.ybp.yahoo.com/sync/casale/WgNYILlQJ9cAADB07RoAAACGBIQAAAIB
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WgNYILlQJ9cAADB07RoAAACG;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT CMPS=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMPRO=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 256
Expires: Wed, 08 Nov 2017 19:16:48 GMT

GET
H/1.1

200
OK

Cookie set crum
dsum-sec.casalemedia.com/
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&mm_bnc&mm_bct
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd755a03-55b5-4000-8f2b-288ab9f5152c

43 B
43 B

11ms
11ms

Image
image/gif

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd755a03-55b5-4000-8f2b-288ab9f5152c
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cookie: CMST=WgNYIFoDWCAA; CMDD=; CMSC=WgNYIA**; CMID=WgNYILlQJ9cAADB07RoAAACG; CMPS=1156; CMPRO=1156; CMRUM3=835a03582005a0&275a0358200b40&395a03582005a0&035a03582005a0&295a03582005a0&495a03582005a0&2d5a0358202760CAESEIVbbzEtmW_xECrz2ddsC8I&645a03582005a0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Nov 2017 19:16:48 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WgNYILlQJ9cAADB07RoAAACG;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT CMPS=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMPRO=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMRUM3=835a03582005a0&275a0358200b40&395a03582005a0&035a0358202760bd755a03-55b5-4000-8f2b-288ab9f5152c&295a03582027605df2c7d0-c4b9-11e7-8bbe-9a67150032b2&495a03582005a0&2d5a0358202760CAESEIVbbzEtmW_xECrz2ddsC8I&645a03582005a0;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 08 Nov 2017 19:16:48 GMT

Redirect headers

Date: Wed, 08 Nov 2017 19:16:48 GMT
Server: MT3 1.15.19.0 3a17b0a release cdg-pixel-x5
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd755a03-55b5-4000-8f2b-288ab9f5152c
Cache-Control: no-cache
Set-Cookie: uuidc=aqXYqYw/EdJy1W5f0A+ES1uQf/P4j6F+WT723L3LB9lzta39PbsIAlYn6zJy4C4jfURNaVw6HC+89+Dg9R4WcA+eO6lNL1u2CfuBWDFpd/g=; Expires=Thu, 06-Dec-18 19:16:48 GMT; Domain=.mathtag.com; Path=/
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 08 Nov 2017 19:16:47 GMT

GET
H/1.1

200
OK

Cookie set crum
dsum-sec.casalemedia.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_tc=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIVbbzEtmW_xECrz2ddsC8I&google_cver=1

43 B
43 B

24ms
11ms

Image
image/gif

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIVbbzEtmW_xECrz2ddsC8I&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cookie: CMST=WgNYIFoDWCAA; CMDD=; CMRUM3=835a03582005a0&275a0358200b40&395a03582005a0&035a03582005a0&295a03582005a0&495a03582005a0&2d5a03582005a0&645a03582005a0; CMSC=WgNYIA**; CMID=WgNYILlQJ9cAADB07RoAAACG; CMPS=1156; CMPRO=1156
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Nov 2017 19:16:48 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WgNYILlQJ9cAADB07RoAAACG;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT CMPS=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMPRO=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMRUM3=835a03582005a0&275a0358200b40&395a03582005a0&035a03582005a0&295a03582005a0&495a03582005a0&2d5a0358202760CAESEIVbbzEtmW_xECrz2ddsC8I&645a03582005a0;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 08 Nov 2017 19:16:48 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Nov 2017 19:16:48 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIVbbzEtmW_xECrz2ddsC8I&google_cver=1
cache-control: no-cache, must-revalidate
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUl7tcju_RrYlJi6cTLPNgtEc3JDkjwt3fNvi4mv_h6mJ6-NCFq5Vg; expires=Fri, 08-Nov-2019 19:16:48 GMT; path=/; domain=.doubleclick.net; HttpOnly
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 314
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set crum
dsum-sec.casalemedia.com/
Redirect Chain

https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_dsp_id=131&cm_callback_url=https%3A%2F%2...
https://a.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_dsp_id=131&cm_callback_url=https%3A%2F...
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662335938370138

43 B
43 B

11ms
10ms

Image
image/gif

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662335938370138
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cookie: CMST=WgNYIFoDWCAA; CMDD=; CMSC=WgNYIA**; CMID=WgNYILlQJ9cAADB07RoAAACG; CMPS=1156; CMPRO=1156; CMRUM3=835a03582005a0&275a03582027605537381b-f1b7-4841-bb31-fde698b60cdb&035a0358202760bd755a03-55b5-4000-8f2b-288ab9f5152c&395a0358202760969751674357739250&295a03582027605df2c7d0-c4b9-11e7-8bbe-9a67150032b2&495a03582005a0&2d5a0358202760CAESEIVbbzEtmW_xECrz2ddsC8I&645a0358202760e0287d8ce57d0ff0c1e8c98bd7d439b7
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Nov 2017 19:16:49 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WgNYILlQJ9cAADB07RoAAACG;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:49 GMT CMPS=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:49 GMT CMPRO=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:49 GMT CMST=WgNYIFoDWCEA;domain=casalemedia.com;path=/;expires=Thu, 09 Nov 2017 19:16:49 GMT CMRUM3=835a035821276018072662335938370138&275a03582027605537381b-f1b7-4841-bb31-fde698b60cdb&395a0358202760969751674357739250&035a0358202760bd755a03-55b5-4000-8f2b-288ab9f5152c&295a03582027605df2c7d0-c4b9-11e7-8bbe-9a67150032b2&495a03582005a0&2d5a0358202760CAESEIVbbzEtmW_xECrz2ddsC8I&645a0358202760e0287d8ce57d0ff0c1e8c98bd7d439b7;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:49 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 08 Nov 2017 19:16:49 GMT

Redirect headers

Pragma: no-cache
X-Function: 209
X-Reuse-Index: 2
P3P: CP="NOI DEVo TAIa OUR BUS"
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662335938370138
Set-Cookie: ANON_ID=a0nrejS3n0gFyoxDnSmZbn48Hn5We0qhOdUZcVSSQqZa98vPHj8ThT25c5nYr3Gb2dakv3IRbXs; path=/; domain=.tribalfusion.com; expires=Tue, 06-Feb-2018 19:16:49 GMT;
Cache-Control: no-cache private
Connection: keep-alive
Content-Type: text/html
Content-Length: 36
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set rum
dsum-sec.casalemedia.com/
Redirect Chain

https://a.rfihub.com/cm?cm_dsp_id=57&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WgNYILlQJ9cAADB07RoAAACG
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=969751674357739250

43 B
43 B

11ms
11ms

Image
image/gif

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=969751674357739250
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cookie: CMST=WgNYIFoDWCAA; CMDD=; CMSC=WgNYIA**; CMID=WgNYILlQJ9cAADB07RoAAACG; CMPS=1156; CMPRO=1156; CMRUM3=835a03582005a0&275a03582027605537381b-f1b7-4841-bb31-fde698b60cdb&395a03582005a0&035a0358202760bd755a03-55b5-4000-8f2b-288ab9f5152c&295a03582027605df2c7d0-c4b9-11e7-8bbe-9a67150032b2&495a03582005a0&2d5a0358202760CAESEIVbbzEtmW_xECrz2ddsC8I&645a0358202760e0287d8ce57d0ff0c1e8c98bd7d439b7
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Nov 2017 19:16:48 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WgNYILlQJ9cAADB07RoAAACG;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT CMPS=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMPRO=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMRUM3=835a03582005a0&275a03582027605537381b-f1b7-4841-bb31-fde698b60cdb&035a0358202760bd755a03-55b5-4000-8f2b-288ab9f5152c&395a0358202760969751674357739250&295a03582027605df2c7d0-c4b9-11e7-8bbe-9a67150032b2&495a03582005a0&2d5a0358202760CAESEIVbbzEtmW_xECrz2ddsC8I&645a0358202760e0287d8ce57d0ff0c1e8c98bd7d439b7;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 08 Nov 2017 19:16:48 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=969751674357739250
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Jetty(9.0.6.v20130930)
Set-Cookie: ruds=H4sIAAAAAAAAAOMSsjSzNDc1NDM3MTY1Nze2NDI1EOIz1M3L8fPRDfP08Y83cAEAnLQt4SQAAAA;Path=/;Domain=.rfihub.com eud=H4sIAAAAAAAAAPvFyGtoamhgaGZhZmBhYmkEAC0fKAAQAAAA;Path=/;Domain=.rfihub.com;Expires=Mon, 03-Dec-2018 19:16:48 GMT rud=H4sIAAAAAAAAAOMSsjSzNDc1NDM3MTY1Nze2NDI1EOIz1M3L8fPRDfP08Y83cJHiNTQ1NDA0szAzsDCxNAIAvgyFjzMAAAA;Path=/;Domain=.rfihub.com;Expires=Mon, 03-Dec-2018 19:16:48 GMT
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

Cookie set rum
dsum-sec.casalemedia.com/
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
https://cm.adgrx.com/bridge.gif?AG_PID=casale
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=41&external_user_id=5df2c7d0-c4b9-11e7-8bbe-9a67150032b2

43 B
43 B

16ms
11ms

Image
image/gif

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=41&external_user_id=5df2c7d0-c4b9-11e7-8bbe-9a67150032b2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cookie: CMST=WgNYIFoDWCAA; CMDD=; CMRUM3=835a03582005a0&275a0358200b40&395a03582005a0&035a03582005a0&295a03582005a0&495a03582005a0&2d5a03582005a0&645a03582005a0; CMSC=WgNYIA**; CMID=WgNYILlQJ9cAADB07RoAAACG; CMPS=1156; CMPRO=1156
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Nov 2017 19:16:48 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WgNYILlQJ9cAADB07RoAAACG;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT CMPS=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMPRO=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMRUM3=835a03582005a0&275a0358200b40&035a03582005a0&395a03582005a0&295a03582027605df2c7d0-c4b9-11e7-8bbe-9a67150032b2&495a03582005a0&2d5a0358202760CAESEIVbbzEtmW_xECrz2ddsC8I&645a03582005a0;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 08 Nov 2017 19:16:48 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Nov 2017 19:16:48 GMT
server: Cowboy
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=41&external_user_id=5df2c7d0-c4b9-11e7-8bbe-9a67150032b2
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
set-cookie: ADGRX_CM_CASALE_BRIDGED=1; Version=1; Expires=Thu, 09-Nov-2017 19:16:48 GMT; Max-Age=86400; Domain=.adgrx.com; Path=/
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-7
Content-Length: 0
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

Cookie set rum
dsum-sec.casalemedia.com/
Redirect Chain

https://p.adsymptotic.com/d/px?_pid=13041&_psign=be82b7faf482c24ef42e8702b774bd66&_redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D100%26external_user_id%3D%24%7BUUID%7D
https://p.adsymptotic.com/d/px?_pid=13041&_psign=be82b7faf482c24ef42e8702b774bd66&_redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D100%26external_user_id%3D%24%7BUUID%7D&_expect...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=100&external_user_id=e0287d8ce57d0ff0c1e8c98bd7d439b7

43 B
43 B

17ms
16ms

Image
image/gif

92.123.93.251
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=100&external_user_id=e0287d8ce57d0ff0c1e8c98bd7d439b7
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.93.251 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a92-123-93-251.deploy.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Cookie: CMST=WgNYIFoDWCAA; CMDD=; CMSC=WgNYIA**; CMID=WgNYILlQJ9cAADB07RoAAACG; CMPS=1156; CMPRO=1156; CMRUM3=835a03582005a0&275a0358200b40&395a03582005a0&035a0358202760bd755a03-55b5-4000-8f2b-288ab9f5152c&295a03582027605df2c7d0-c4b9-11e7-8bbe-9a67150032b2&495a03582005a0&2d5a0358202760CAESEIVbbzEtmW_xECrz2ddsC8I&645a03582005a0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Nov 2017 19:16:48 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WgNYILlQJ9cAADB07RoAAACG;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT CMPS=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMPRO=1156;domain=casalemedia.com;path=/;expires=Tue, 06 Feb 2018 19:16:48 GMT CMRUM3=835a03582005a0&275a0358200b40&035a0358202760bd755a03-55b5-4000-8f2b-288ab9f5152c&395a03582005a0&295a03582027605df2c7d0-c4b9-11e7-8bbe-9a67150032b2&495a03582005a0&2d5a0358202760CAESEIVbbzEtmW_xECrz2ddsC8I&645a0358202760e0287d8ce57d0ff0c1e8c98bd7d439b7;domain=casalemedia.com;path=/;expires=Thu, 08 Nov 2018 19:16:48 GMT
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 08 Nov 2017 19:16:48 GMT

Redirect headers

Date: Wed, 08 Nov 2017 19:16:48 GMT
Server: nginx/1.8.0
P3P: CP='NON DSP COR CONi OUR BUS CNT'
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=100&external_user_id=e0287d8ce57d0ff0c1e8c98bd7d439b7
Set-Cookie: U=e0287d8ce57d0ff0c1e8c98bd7d439b7;Path=/;Domain=.adsymptotic.com;Expires=Tue, 06-Feb-2018 19:16:48 GMT
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

trpx.gif
rtbcc.fyber.com/img/
Redirect Chain

https://tex-sync.rockyou.net/usersync/indexexchange/WgNYILlQJ9cAADB07RoAAACG%261156
https://sy.eu.angsrvr.com/sync?type=host&dsp=74&dspuuid=XU01v04-6d439efa-b434-4cfa-9133-f1881290d151
https://rtbcc.fyber.com/img/trpx.gif

799 B
799 B

22ms
6ms

Image
image/gif

2a02:26f0:122:382::f84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtbcc.fyber.com/img/trpx.gif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:122:382::f84 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: lighttpd/1.4.28 /
Resource Hash: 86927cafa657ae14a28bdca63befb837251fc4ce67683aa19fdccf4d1bfeef3b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: rtbcc.fyber.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Wed, 08 Nov 2017 19:16:48 GMT
Last-Modified: Fri, 31 Oct 2014 08:09:44 GMT
Server: lighttpd/1.4.28
ETag: "779695302"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=85225
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 799
Expires: Thu, 09 Nov 2017 18:57:13 GMT

Redirect headers

Location: https://rtbcc.fyber.com/img/trpx.gif
Set-Cookie: uuid=fb88b613-d828-409f-b8a9-6de1fe0543a7; Domain=angsrvr.com; Path=/; Max-Age=2592000; Expires=Fri, 08 Dec 2017 19:16:48 GMT dspuuid-D74=D74.XU01v04-6d439efa-b434-4cfa-9133-f1881290d151.1510168608; Domain=angsrvr.com; Path=/; Max-Age=2592000; Expires=Fri, 08 Dec 2017 19:16:48 GMT
Date: Wed, 08 Nov 2017 19:16:48 GMT
Server: ANG/adsync-1.2.1
Connection: keep-alive
Content-Length: 0
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.casalemedia.com/	1970-01-18 20:15:04	Name: CMRUM3 Value: 835a035821276018072662335938370138&275a03582027605537381b-f1b7-4841-bb31-fde698b60cdb&395a0358202760969751674357739250&035a0358202760bd755a03-55b5-4000-8f2b-288ab9f5152c&295a03582027605df2c7d0-c4b9-11e7-8bbe-9a67150032b2&495a03582005a0&2d5a0358202760CAESEIVbbzEtmW_xECrz2ddsC8I&645a0358202760e0287d8ce57d0ff0c1e8c98bd7d439b7
.casalemedia.com/	1970-01-18 11:30:55	Name: CMST Value: WgNYIFoDWCEA
.casalemedia.com/	1970-01-18 13:39:04	Name: CMPRO Value: 1156
.casalemedia.com/	1970-01-18 13:39:04	Name: CMPS Value: 1156
.casalemedia.com/	1970-01-18 20:15:04	Name: CMID Value: WgNYILlQJ9cAADB07RoAAACG
.casalemedia.com/	1970-01-01 00:00:00	Name: CMSC Value: WgNYIA**
.casalemedia.com/	1970-01-18 11:30:55	Name: CMDD Value:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
a.tribalfusion.com
cm.adgrx.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fyber.tex-sync.rockyou.net
match.adsrvr.org
p.adsymptotic.com
pr-bh.ybp.yahoo.com
rtbcc.fyber.com
ssum-sec.casalemedia.com
sy.eu.angsrvr.com
sync.mathtag.com
tex-sync.rockyou.net
172.217.22.66
173.195.214.209
173.195.214.210
185.29.135.42
199.38.164.54
204.11.109.68
2a02:26f0:122:382::f84
35.158.238.49
52.58.42.118
54.247.166.89
72.251.245.179
77.238.185.35
92.123.93.251
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
86927cafa657ae14a28bdca63befb837251fc4ce67683aa19fdccf4d1bfeef3b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c674080c23f6bf4cd68abf7400b2ed6d7ce0b2b4245a70b3af1129d8df45f5de

ssum-sec.casalemedia.com Open in urlscan Pro 92.123.93.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

8 %IPv6

12 Domains

14 Subdomains

3 IPs

6 Countries

3 kBTransfer

3 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

7 Cookies

Indicators

ssum-sec.casalemedia.com Open in urlscan Pro
92.123.93.251 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

8 %
IPv6

12
Domains

14
Subdomains

3
IPs

6
Countries

3 kB
Transfer

3 kB
Size

7
Cookies

10 HTTP transactions
0 data transactions