![](/screenshots/97a23a9a-0e26-4da0-8b95-dbc39fa00aad.png)
ssum-sec.casalemedia.com
Open in
urlscan Pro
92.123.93.251
Public Scan
Effective URL: https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Submission: On November 08 via manual from US
Summary
TLS certificate: Issued by GeoTrust SSL CA - G3 on August 3rd 2017. Valid for: a year.
This is the only time ssum-sec.casalemedia.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 173.195.214.210 173.195.214.210 | 46681 (ROCKYOU) (ROCKYOU - Rockyou Inc.) | |
2 10 | 92.123.93.251 92.123.93.251 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 2 | 54.247.166.89 54.247.166.89 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 77.238.185.35 77.238.185.35 | 34010 (YAHOO-IRD) (YAHOO-IRD) | |
2 2 | 185.29.135.42 185.29.135.42 | 30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc) | |
2 2 | 172.217.22.66 172.217.22.66 | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
2 2 | 204.11.109.68 204.11.109.68 | 33419 (TRIBAL-FU...) (TRIBAL-FUSION - Exponential Interactive) | |
1 1 | 199.38.164.54 199.38.164.54 | 54312 (ROCKETFUEL) (ROCKETFUEL - Rocket Fuel Inc.) | |
2 2 | 72.251.245.179 72.251.245.179 | 29791 (VOXEL-DOT...) (VOXEL-DOT-NET - Voxel Dot Net) | |
2 2 | 52.58.42.118 52.58.42.118 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 1 | 173.195.214.209 173.195.214.209 | 46681 (ROCKYOU) (ROCKYOU - Rockyou Inc.) | |
1 1 | 35.158.238.49 35.158.238.49 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 | 2a02:26f0:122... 2a02:26f0:122:382::f84 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
10 | 3 |
ASN46681 (ROCKYOU - Rockyou Inc., US)
fyber.tex-sync.rockyou.net |
ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-93-251.deploy.akamaitechnologies.com
ssum-sec.casalemedia.com | |
dsum-sec.casalemedia.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-166-89.eu-west-1.compute.amazonaws.com
match.adsrvr.org |
ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh.pbp.vip.ir2.yahoo.com
pr-bh.ybp.yahoo.com |
ASN15169 (GOOGLE - Google Inc., US)
PTR: fra15s17-in-f66.1e100.net
cm.g.doubleclick.net |
ASN33419 (TRIBAL-FUSION - Exponential Interactive, Inc., US)
PTR: a.tribalfusion.com
a.tribalfusion.com |
ASN29791 (VOXEL-DOT-NET - Voxel Dot Net, Inc., US)
cm.adgrx.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-42-118.eu-central-1.compute.amazonaws.com
p.adsymptotic.com |
ASN46681 (ROCKYOU - Rockyou Inc., US)
tex-sync.rockyou.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-158-238-49.eu-central-1.compute.amazonaws.com
sy.eu.angsrvr.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
casalemedia.com
2 redirects
ssum-sec.casalemedia.com dsum-sec.casalemedia.com |
4 KB |
2 |
adsymptotic.com
2 redirects
p.adsymptotic.com |
963 B |
2 |
adgrx.com
2 redirects
cm.adgrx.com |
1 KB |
2 |
tribalfusion.com
2 redirects
a.tribalfusion.com |
1 KB |
2 |
doubleclick.net
2 redirects
cm.g.doubleclick.net |
434 B |
2 |
mathtag.com
2 redirects
sync.mathtag.com |
1 KB |
2 |
adsrvr.org
2 redirects
match.adsrvr.org |
1 KB |
2 |
rockyou.net
2 redirects
fyber.tex-sync.rockyou.net tex-sync.rockyou.net |
885 B |
1 |
fyber.com
rtbcc.fyber.com |
799 B |
1 |
angsrvr.com
1 redirects
sy.eu.angsrvr.com |
576 B |
1 |
rfihub.com
1 redirects
a.rfihub.com |
700 B |
1 |
yahoo.com
pr-bh.ybp.yahoo.com |
52 B |
10 | 12 |
Domain | Requested by | |
---|---|---|
7 | dsum-sec.casalemedia.com |
ssum-sec.casalemedia.com
|
3 | ssum-sec.casalemedia.com | 2 redirects |
2 | p.adsymptotic.com | 2 redirects |
2 | cm.adgrx.com | 2 redirects |
2 | a.tribalfusion.com | 2 redirects |
2 | cm.g.doubleclick.net | 2 redirects |
2 | sync.mathtag.com | 2 redirects |
2 | match.adsrvr.org | 2 redirects |
1 | rtbcc.fyber.com |
ssum-sec.casalemedia.com
|
1 | sy.eu.angsrvr.com | 1 redirects |
1 | tex-sync.rockyou.net | 1 redirects |
1 | a.rfihub.com | 1 redirects |
1 | pr-bh.ybp.yahoo.com |
ssum-sec.casalemedia.com
|
1 | fyber.tex-sync.rockyou.net | 1 redirects |
10 | 14 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
san.casalemedia.com GeoTrust SSL CA - G3 |
2017-08-03 - 2018-11-02 |
a year | crt.sh |
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA |
2017-06-01 - 2017-12-01 |
6 months | crt.sh |
fyber.com GeoTrust SSL CA - G3 |
2017-03-24 - 2018-03-16 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1
Frame ID: 23415.1
Requests: 10 HTTP requests in this frame
Screenshot
![](/screenshots/97a23a9a-0e26-4da0-8b95-dbc39fa00aad.png)
Page URL History Show full URLs
-
https://fyber.tex-sync.rockyou.net/usersync2/fyber
HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexe... HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexe... Page URL
Detected technologies
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://fyber.tex-sync.rockyou.net/usersync2/fyber
HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?s=185269&cb=https%3A%2F%2Ftex-sync.rockyou.net%2Fusersync%2Findexexchange%2F&C=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://match.adsrvr.org/track/cmf/casale?cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WgNYILlQJ9cAADB07RoAAACG HTTP 302
- https://match.adsrvr.org/track/cmb/casale?cm_dsp_id=39&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WgNYILlQJ9cAADB07RoAAACG HTTP 302
- https://dsum-sec.casalemedia.com/crum?cm_dsp_id=39&external_user_id=5537381b-f1b7-4841-bb31-fde698b60cdb&expiration=1512760596
- https://ssum-sec.casalemedia.com/usermatchredir?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_ HTTP 302
- https://pr-bh.ybp.yahoo.com/sync/casale/WgNYILlQJ9cAADB07RoAAACGBIQAAAIB
- https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
- https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&mm_bnc&mm_bct HTTP 302
- https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bd755a03-55b5-4000-8f2b-288ab9f5152c
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_tc= HTTP 302
- https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIVbbzEtmW_xECrz2ddsC8I&google_cver=1
- https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_dsp_id=131&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WgNYILlQJ9cAADB07RoAAACG HTTP 302
- https://a.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_dsp_id=131&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WgNYILlQJ9cAADB07RoAAACG HTTP 302
- https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662335938370138
- https://a.rfihub.com/cm?cm_dsp_id=57&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=WgNYILlQJ9cAADB07RoAAACG HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=969751674357739250
- https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
- https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=41&external_user_id=5df2c7d0-c4b9-11e7-8bbe-9a67150032b2
- https://p.adsymptotic.com/d/px?_pid=13041&_psign=be82b7faf482c24ef42e8702b774bd66&_redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D100%26external_user_id%3D%24%7BUUID%7D HTTP 302
- https://p.adsymptotic.com/d/px?_pid=13041&_psign=be82b7faf482c24ef42e8702b774bd66&_redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D100%26external_user_id%3D%24%7BUUID%7D&_expected_cookie=e0287d8ce57d0ff0c1e8c98bd7d439b7 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=100&external_user_id=e0287d8ce57d0ff0c1e8c98bd7d439b7
- https://tex-sync.rockyou.net/usersync/indexexchange/WgNYILlQJ9cAADB07RoAAACG%261156 HTTP 302
- https://sy.eu.angsrvr.com/sync?type=host&dsp=74&dspuuid=XU01v04-6d439efa-b434-4cfa-9133-f1881290d151 HTTP 302
- https://rtbcc.fyber.com/img/trpx.gif
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
![]() ssum-sec.casalemedia.com/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() dsum-sec.casalemedia.com/ Redirect Chain
|
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WgNYILlQJ9cAADB07RoAAACGBIQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Redirect Chain
|
43 B 52 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() dsum-sec.casalemedia.com/ Redirect Chain
|
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() dsum-sec.casalemedia.com/ Redirect Chain
|
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() dsum-sec.casalemedia.com/ Redirect Chain
|
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() dsum-sec.casalemedia.com/ Redirect Chain
|
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() dsum-sec.casalemedia.com/ Redirect Chain
|
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() dsum-sec.casalemedia.com/ Redirect Chain
|
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
trpx.gif
rtbcc.fyber.com/img/ Redirect Chain
|
799 B 799 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.casalemedia.com/ | Name: CMRUM3 Value: 835a035821276018072662335938370138&275a03582027605537381b-f1b7-4841-bb31-fde698b60cdb&395a0358202760969751674357739250&035a0358202760bd755a03-55b5-4000-8f2b-288ab9f5152c&295a03582027605df2c7d0-c4b9-11e7-8bbe-9a67150032b2&495a03582005a0&2d5a0358202760CAESEIVbbzEtmW_xECrz2ddsC8I&645a0358202760e0287d8ce57d0ff0c1e8c98bd7d439b7 |
|
.casalemedia.com/ | Name: CMST Value: WgNYIFoDWCEA |
|
.casalemedia.com/ | Name: CMPRO Value: 1156 |
|
.casalemedia.com/ | Name: CMPS Value: 1156 |
|
.casalemedia.com/ | Name: CMID Value: WgNYILlQJ9cAADB07RoAAACG |
|
.casalemedia.com/ | Name: CMSC Value: WgNYIA** |
|
.casalemedia.com/ | Name: CMDD Value: |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.rfihub.com
a.tribalfusion.com
cm.adgrx.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fyber.tex-sync.rockyou.net
match.adsrvr.org
p.adsymptotic.com
pr-bh.ybp.yahoo.com
rtbcc.fyber.com
ssum-sec.casalemedia.com
sy.eu.angsrvr.com
sync.mathtag.com
tex-sync.rockyou.net
172.217.22.66
173.195.214.209
173.195.214.210
185.29.135.42
199.38.164.54
204.11.109.68
2a02:26f0:122:382::f84
35.158.238.49
52.58.42.118
54.247.166.89
72.251.245.179
77.238.185.35
92.123.93.251
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
86927cafa657ae14a28bdca63befb837251fc4ce67683aa19fdccf4d1bfeef3b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c674080c23f6bf4cd68abf7400b2ed6d7ce0b2b4245a70b3af1129d8df45f5de