Submitted URL: http://p.rfihub.com/cm?in=1&pub=2079&gdpr=1&gdpr_consent=CP_HM8gP_HM8gErAJJENA1EsAP_gAEPgAATIKKtV_H__bW1r8X73aft0eY1...
Effective URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433833979945990&C=1
Submission: On May 25 via manual from RO — Scanned from DE

Summary

This website contacted 1 IP in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 104.18.36.155, located in and belongs to CLOUDFLARENET, US. The main domain is dsum-sec.casalemedia.com. The Cisco Umbrella rank of the primary domain is 635.
TLS certificate: Issued by E1 on April 19th 2024. Valid for: 3 months.
This is the only time dsum-sec.casalemedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 3 104.18.36.155 13335 (CLOUDFLAR...)
2 1
Apex Domain
Subdomains
Transfer
3 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
2 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 826
757 B
2 2
Domain Requested by
3 dsum-sec.casalemedia.com 1 redirects
1 p.rfihub.com 1 redirects
2 2

This site contains no links.

Subject: casalemedia.com
Issuer: E1
Validity: 2024-04-19 - 2024-07-18
Valid: 3 months

This page contains 1 frame:

Primary Page: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433833979945990&C=1
Frame ID: 22B561FCB4A369C7ADCA1B30459E7BEC
Requests: 2 HTTP requests in this frame

Page Title

crum (1×1)

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 2
Transfer: 1 kB
Size: 0 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://p.rfihub.com/cm?in=1&pub=2079&gdpr=1&gdpr_consent=CP_HM8gP_HM8gErAJJENA1EsAP_gAEPgAATIKKtV_H__bW1r8X73aft0eY1P9_j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVCgaogVryDMakWcoTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vr993dx2D-t_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D9-ct87_XW-9_fff79Ll9-goqAWYaFRAHWRISEGgYRQIAVBWEBFAgAAABIGiAgBMGBTsDAJdYSIAQAoABggBAACjIAEAAAkACEQAQAFAgAAgECgABAAgEAgAYGAAMAFgIBAACA6BCmBBAoFgAkZkRCmBCFAkEBLZUIJAECCuEIRZ4EEAiJgoAAASACsAAQFgsDiSQErEggS4g2gAAIAEAghAqEUnZgCCBM2WqvFE2jK0gLR84WAAAAA.YAAAAAAAAAAA HTTP 307
    https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1&gdpr_consent=CP_HM8gP_HM8gErAJJENA1EsAP_gAEPgAATIKKtV_H__bW1r8X73aft0eY1P9_j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVCgaogVryDMakWcoTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vr993dx2D-t_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D9-ct87_XW-9_fff79Ll9-goqAWYaFRAHWRISEGgYRQIAVBWEBFAgAAABIGiAgBMGBTsDAJdYSIAQAoABggBAACjIAEAAAkACEQAQAFAgAAgECgABAAgEAgAYGAAMAFgIBAACA6BCmBBAoFgAkZkRCmBCFAkEBLZUIJAECCuEIRZ4EEAiJgoAAASACsAAQFgsDiSQErEggS4g2gAAIAEAghAqEUnZgCCBM2WqvFE2jK0gLR84WAAAAA.YAAAAAAAAAAA HTTP 302
    https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433833979945990 HTTP 302
    https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433833979945990&C=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request crum
dsum-sec.casalemedia.com/
Redirect Chain
  • http://p.rfihub.com/cm?in=1&pub=2079&gdpr=1&gdpr_consent=CP_HM8gP_HM8gErAJJENA1EsAP_gAEPgAATIKKtV_H__bW1r8X73aft0eY1P9_j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVCgaogVryDMakWcoTNKJ6BkiFMR...
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1&gdpr_consent=CP_HM8gP_HM8gErAJJENA1EsAP_gAEPgAATIKKtV_H__bW1r8X73aft0eY1P9_j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVCgaogVryDMakWcoTNKJ6BkiFM...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433833979945990
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433833979945990&C=1
43 B
340 B
Document
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433833979945990&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8896ce545b2daca9-TXL
content-length
43
content-type
image/gif
date
Sat, 25 May 2024 16:12:15 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uHlB0%2F9jgghfPDxIHJDw4cj0hHG%2B8kf9oVHc%2B5dOk0eyPTPaZWczwsXfOP7VewlwIR9auKAjq5MvTogppHBWt59M7r0PAVV%2B4j5R5XDhezMRvf%2Fo5bYSyPyu8a0B5Vy88tOlVmbm75o%2BjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8896ce53da09aca9-TXL
content-length
0
date
Sat, 25 May 2024 16:12:15 GMT
expires
0
location
/crum?cm_dsp_id=57&external_user_id=5107433833979945990&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDUtnjQpsJSeeEwRPx6aaqXPoYMAIxL%2B30BpChkCQBEKlAj1Nm%2FMPjH93P7CCbydpwWl%2BL%2Fl%2BvhRn6iNRS9hOiycILZ4Axbi7o4qXcA5u7WlGwnNgFFiobsZ%2BIK9DQLSSkWcDSj850LYpg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
favicon.ico
dsum-sec.casalemedia.com/
0
551 B
Other
General
Full URL
https://dsum-sec.casalemedia.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433833979945990&C=1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 16:12:15 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
last-modified
Mon, 16 Oct 2023 14:07:46 GMT
server
cloudflare
etag
"0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KNgsTdWUFTOeuBlxxSYRxoOLAxkS2zWJ7wQeWd7upN0CDhcr23NbUNHa2mOrreYcWzbXL%2FL39lBXtMJWS%2FBjE3uTsIqQkz5h1Kwb814QD3%2Fz52hvj65L4wL9dW5inA11ry2mKaTE5xtfQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8896ce5549a358ea-TXL
expires
Sat, 25 May 2024 20:12:15 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Domain/Path Name / Value
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNrY0t7Q0MbW0NBDiM9QN1S3ITU5K9XWv8kwBAIoJo_IlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNrY0t7Q0MbW0NBDiM9QN1S3ITU5K9XWv8kwBAIoJo_IlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA__vFyGtobmhmZmoMhIamJgBUN6d5EAAAAA
.casalemedia.com/ Name: CMID
Value: ZlIN37mqPI8AAE9-BvgzcgAA
.casalemedia.com/ Name: CMPS
Value: 1212
.casalemedia.com/ Name: CMPRO
Value: 1212

Indicators

"Indicators" is a term used in the security industry for observables such as IPs, domains, hashes, etc. Appearing in this report does not imply that any of them indicates malicious activity.
