saint-gobaine.com Open in urlscan Pro
104.223.76.231 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/
Submission: On June 03 via automatic, source phishtank (June 3rd 2021, 3:36:58 pm UTC)

Summary HTTP 48 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 21 domains to perform 48 HTTP transactions. The main IP is 104.223.76.231, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is saint-gobaine.com.

This is the only time saint-gobaine.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo (Online)

Domain & IP information

	IP Address	AS Autonomous System
15	104.223.76.231 104.223.76.231	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
6	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2	152.195.39.165 152.195.39.165	15133 (EDGECAST) (EDGECAST)
3	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2 13	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	152.199.23.180 152.199.23.180	15133 (EDGECAST) (EDGECAST)
1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 2	54.239.17.112 54.239.17.112	16509 (AMAZON-02) (AMAZON-02)
1 1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	52.58.45.227 52.58.45.227	16509 (AMAZON-02) (AMAZON-02)
1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 1	54.236.185.42 54.236.185.42	14618 (AMAZON-AES) (AMAZON-AES)
1	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	185.29.133.52 185.29.133.52	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	52.49.238.187 52.49.238.187	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1 1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 2	52.48.248.240 52.48.248.240	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
48	17

15 104.223.76.231 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 104.223.76.231.static.greencloudvps.com

saint-gobaine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beap-bc.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.195.39.165 (United States)

ASN15133 (EDGECAST, US)

tag.sp.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.23.180 (United States)

ASN15133 (EDGECAST, US)

opus.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.17.112 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.45.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-45-227.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.185.42 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-185-42.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.52 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.238.187 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-238-187.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.248.240 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-248-240.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	saint-gobaine.com saint-gobaine.com	276 KB
13	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	16 KB
7	yahoo.com beap-bc.yahoo.com pr-bh.ybp.yahoo.com ads.yahoo.com opus.analytics.yahoo.com ups.analytics.yahoo.com	5 KB
4	yimg.com s.yimg.com	93 KB
3	doubleclick.net 2 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	5 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	998 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	646 B
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	961 B
2	advertising.com tag.sp.advertising.com	1 KB
1	pubmatic.com ads.pubmatic.com	14 KB
1	simpli.fi 1 redirects um.simpli.fi	624 B
1	ad4m.at ad4m.at
1	quantserve.com 1 redirects pixel.quantserve.com	511 B
1	turn.com 1 redirects ad.turn.com	425 B
1	mathtag.com 1 redirects sync.mathtag.com	638 B
1	adnxs.com ib.adnxs.com
1	extend.tv 1 redirects sync.extend.tv	546 B
1	bidswitch.net x.bidswitch.net	146 B
1	adsrvr.org match.adsrvr.org	264 B
1	googlesyndication.com pagead2.googlesyndication.com	48 KB
48	21

	Domain	Requested by
15	saint-gobaine.com	saint-gobaine.com
9	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	ssum-sec.casalemedia.com	1 redirects s.yimg.com ssum-sec.casalemedia.com saint-gobaine.com
4	s.yimg.com	saint-gobaine.com s.yimg.com
3	pr-bh.ybp.yahoo.com	saint-gobaine.com ssum-sec.casalemedia.com
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	sync-tm.everesttech.net	2 redirects
2	match.prod.bidr.io	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	cm.g.doubleclick.net	2 redirects
2	tag.sp.advertising.com	s.yimg.com tag.sp.advertising.com
1	ads.pubmatic.com	saint-gobaine.com
1	um.simpli.fi	1 redirects
1	ad4m.at	ssum-sec.casalemedia.com
1	pixel.quantserve.com	1 redirects
1	ad.turn.com	1 redirects
1	sync.mathtag.com	1 redirects
1	ib.adnxs.com	ssum-sec.casalemedia.com
1	sync.extend.tv	1 redirects
1	ups.analytics.yahoo.com	ssum-sec.casalemedia.com
1	x.bidswitch.net	ssum-sec.casalemedia.com
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	opus.analytics.yahoo.com	tag.sp.advertising.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	ads.yahoo.com	saint-gobaine.com
1	pagead2.googlesyndication.com	saint-gobaine.com
1	beap-bc.yahoo.com	saint-gobaine.com
48	27

This site contains links to these domains. Also see Links.

Domain
www.yahoo.com
help.yahoo.com
login.yahoo.com
info.yahoo.com

Subject Issuer	Validity	Valid
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-03` - `2021-06-23`	2 months	crt.sh
tag.sp.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-02` - `2022-05-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
opus.analytics.yahoo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-08` - `2021-08-08`	a year	crt.sh

This page contains 14 frames:

Primary Page: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/
Frame ID: B8C5DAD74DA471F7DBF7C473DD6FBEA9
Requests: 6 HTTP requests in this frame

Frame: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Frame ID: 93C31EDFA0B5DE997921CB19AD491C34
Requests: 10 HTTP requests in this frame

Frame: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-csc.html
Frame ID: 6241827230E6681F7A6573E08849E986
Requests: 2 HTTP requests in this frame

Frame: https://s.yimg.com/rq/sbox/bv.js
Frame ID: EF3CF4D7D756035BF12B6B4FDF351AB1
Requests: 2 HTTP requests in this frame

Frame: https://tag.sp.advertising.com/bid-apid/bid-apid-idsync.html
Frame ID: FF014BF7B5547072972B9722634AAD08
Requests: 2 HTTP requests in this frame

Frame: https://s.yimg.com/dh/ap/ssp_cookie_sync/emea2.html
Frame ID: 8C8DDF7C470D48660E85F60C05100C7E
Requests: 1 HTTP requests in this frame

Frame: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2.html
Frame ID: B7B3AEB4FF5BA3F57DA6804B0D6DED99
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Frame ID: F75C2126F090DD79486933B98609F8CA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html
Frame ID: 1868704450D805CF198851AE58AC0A27
Requests: 1 HTTP requests in this frame

Frame: https://opus.analytics.yahoo.com/opus/tag/opus-frame.html?id=4
Frame ID: 40C537E70E923B3B0588FA58C2B4A461
Requests: 1 HTTP requests in this frame

Frame: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync.html
Frame ID: C87CBF933171DD485A196DEC4EA008E2
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Frame ID: 35E050CD5402FE0CAE557A60EC21A77B
Requests: 10 HTTP requests in this frame

Frame: http://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B975C9B9856C2392CE123532A4708750
Requests: 1 HTTP requests in this frame

Frame: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync_data/showad.html
Frame ID: C1A2EE530FE1EDAE3618E8CC11800D60
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

48
Requests

65 %
HTTPS

28 %
IPv6

21
Domains

27
Subdomains

17
IPs

5
Countries

459 kB
Transfer

684 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.yahoo.com/
Title:

Search URL Search Domain Scan URL

URL: https://help.yahoo.com/kb/index?locale=en_US&page=product&y=PROD_ACCT
Title: Help

Search URL Search Domain Scan URL

URL: https://login.yahoo.com/forgot?done=https%3A%2F%2Fmail.yahoo.com%2F
Title: Trouble signing in?

Search URL Search Domain Scan URL

URL: https://login.yahoo.com/account/create?src=ym&intl=us&done=https%3A%2F%2Fmail.yahoo.com%2F&specId=yidReg
Title: Sign up

Search URL Search Domain Scan URL

URL: https://info.yahoo.com/legal/us/yahoo/terms/en-US
Title: Terms

Search URL Search Domain Scan URL

URL: https://info.yahoo.com/privacy/us/yahoo
Title: Privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_ HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1

Request Chain 27

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLj3CbwPdC9V1j.iZf5NTwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENlM494Nmr0YkwZzpr8hcGM&google_cver=1&gdpr=1&google_hm=2

Request Chain 28

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLj3CbwPdC9V1j-iZf5NTwAABJIAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLj3CbwPdC9V1j-iZf5NTwAABJIAAAAB&dcc=t

Request Chain 29

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLj3CbwPdC9V1j-iZf5NTwAABJIAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDh8gRJhexfN84tdkoImG9k&google_cver=1

Request Chain 32

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a19eec2e-3aea-498d-a862-7e7385ebf9f3

Request Chain 37

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b0bb60b8-f709-4100-b8e3-c66f403b97dd&gdpr=1&gdpr_consent=

Request Chain 38

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADpSE7Bce4AADLNfxaHvA&expiration=1623944201&gdpr=1

Request Chain 39

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2600143335057571504

Request Chain 40

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YLj3CQABhHd7HQA4 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YLj3CQABhHd7HQA4&gdpr=1&_test=YLj3CQABhHd7HQA4

Request Chain 41

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=N8Bu52fHPOYsyT3qZcIh5jGUbeksx2rmZ8W6qOF7

Request Chain 42

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YLj3CbwPdC9V1j.iZf5NTwAA%261170?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YLj3CbwPdC9V1j.iZf5NTwAA%261170?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 44

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=607A5C8003734DBE9DD32004B662956D&gdpr=1

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/ 72 KB
72 KB 342ms
327ms Document
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: cd8159680ecc8a407bc9e957d7b2dd88f74909baa4bfcad1d7f6d7230e1745f9

Request headers

Host: saint-gobaine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Jun 2021 15:36:39 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK yahoo_en-US_f_p_bestfit_2x.png
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/ 3 KB
3 KB 320ms
307ms Image
image/png 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/yahoo_en-US_f_p_bestfit_2x.png
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 19b644434cfa9f5d12e1e90a3c2d062aacf27da9ecbe8393df77383ab3c00208

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Jun 2021 15:36:40 GMT
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3066

GET
H/1.1 200
OK client.php Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/ 22 KB
23 KB 345ms
334ms Script
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/client.php
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 6ad70862de73f243b711a1d8523fac32aeff4df4871955dd01b794f2d4d0a7a0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Jun 2021 15:36:40 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK r-sf.html Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/ Frame 93C3 5 KB
5 KB 155ms
152ms Document
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 70b5b87e20f82a24c389deb2386d27d9c8fe759b644ed18a8a33b9f52f83e7e2

Request headers

Host: saint-gobaine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/

Response headers

Date: Thu, 03 Jun 2021 15:36:40 GMT
Server: Apache
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Accept-Ranges: bytes
Content-Length: 4947
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

GET
DATA 200
OK truncated
/ 650 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a540d6790659adf104de6f73b3be7526e1729da358976fa63f366e2ca01c58d

Request headers

Referer: http://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK integrator.js Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame 93C3 121 B
375 B 158ms
150ms Script
application/javascript 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/integrator.js
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 6b8468baa304258a3b64085584a83f5b997f809058e32ed8d10c75a302ce324d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Jun 2021 15:36:40 GMT
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 121

GET
H/1.1 200
OK ca-pub-7382640443023261.js Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame 93C3 133 B
388 B 316ms
308ms Script
application/javascript 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ca-pub-7382640443023261.js
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Jun 2021 15:36:40 GMT
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 133

GET
H/1.1 200
OK sfext-min.js Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame 93C3 65 KB
66 KB 315ms
307ms Script
application/javascript 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/sfext-min.js
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 07e8cc505468105a52598bfb0c1043caa705e2c033c34980014539526de835d0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Jun 2021 15:36:40 GMT
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 66997

GET
H/1.1 200
OK banner Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame 93C3 2 KB
2 KB 323ms
315ms Script
text/plain 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/banner
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: dc92bbc105671d1c180bf9895d59da34112ae258a7792642d06841d827fdb9d5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Jun 2021 15:36:40 GMT
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2017

GET
H/1.1 200
OK adsbygoogle.js Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame 93C3 65 KB
66 KB 156ms
156ms Script
application/javascript 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/adsbygoogle.js
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 0f1c4a4c907abbbd518701d77f5a1cd96e37b4e0fcd2a0812e8c17a2bbe5d432

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Jun 2021 15:36:40 GMT
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 66883

GET
H/1.1 404
Not Found get-user-id
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame 93C3 0
0 286ms
160ms Script
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/get-user-id
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Jun 2021 15:36:40 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 boot.js Show response
s.yimg.com/rq/darla/ 7 KB
4 KB 28ms
7ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/boot.js

Requested by

Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/client.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fcbaeadfffc791269a437216ee74bc95aabf4a2ee0a61b152e302a973e78fe63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 02 Jun 2021 21:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65036
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 3608
x-amz-id-2: 9jMGwjhEzJjNKEz2Z+3Mg3FpComhsSqHXIKmL6tZBgWOODGVcp/6/PZ8haHhZEM0Bc/2jqXiKKQ=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Apr 2021 18:32:56 GMT
server: ATS
etag: "06346d00bce3015d21a196043c398a1b-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: ETR5321PP3FV7YNV
x-xss-protection: 1; mode=block
cache-control: public,max-age=86400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK r-csc.html Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/ Frame 6241 7 KB
7 KB 168ms
167ms Document
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-csc.html
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 98461db09c78dc1982ea4091ef106292f3075687ae18e4e4a77579907fca5353

Request headers

Host: saint-gobaine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/

Response headers

Date: Thu, 03 Jun 2021 15:36:40 GMT
Server: Apache
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Accept-Ranges: bytes
Content-Length: 7298
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 g-r-min.js Show response
s.yimg.com/rq/darla/3-0-8/js/ 207 KB
87 KB 22ms
21ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/3-0-8/js/g-r-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/boot.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0a951ba51cfe149349db028d537e9fc34e65d61cf495b3511f94e99ac413e11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 12:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12145
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: J4520C8RRRKDQQQ0
x-amz-id-2: PF4sxkgtVFxNnHSARCJWGusExCNi8VzRFXG3xYK6gDwcPnmpCHarVuM/NJRU4bSCe4k4xuVRjG0=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Jun 2018 23:28:00 GMT
server: ATS
etag: "7ac1e624b19f862b59fa388484ff5dcd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 bv.js Show response
s.yimg.com/rq/sbox/ Frame EF3C 357 B
585 B 11ms
7ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/sbox/bv.js

Requested by

Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-csc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

303bbc0d2be952f516322124d7c57675f80b4cfc62d476a5819ca54f95124a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 03 Jun 2021 15:10:15 GMT
x-content-type-options: nosniff
age: 1586
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 357
x-amz-id-2: uh755KyPHXU5BcjbVfdLyowYxvfEOML63SA9guSONLwKBP8P65wcKuzvxKG/bVXXes9J01ULbw8=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Jul 2018 21:04:26 GMT
server: ATS
etag: "87ea17b7d8be94b4b9cb35670f009dd6"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 5CZ3EQV5A2A52JK3
x-xss-protection: 1; mode=block
cache-control: public,max-age=1800
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 500 yi
beap-bc.yahoo.com/ Frame 6241 0
0 52ms
50ms Image
text/html 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beap-bc.yahoo.com/yi?bv=1.0.0&bs=(135u5u5ec(gid$uCOgfTEwLjIrmfkSWSqmPwDSNDEuMQAAAAC4EI8c,st$1511273230556724,si$4465551,sp$150002527,pv$1,v$2.0))&t=J_3-D_3&al=(as$13aps5spr,aid$1W6nuwrIEhk-,bi$2317125051,agp$3539141551,cr$4532415551,ct$25,at$H,eob$gd1_match_id=-1:ypos=RICH)&s=0&r=0.8739635821522345
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-csc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 bid-apid-idsync.html Show response
tag.sp.advertising.com/bid-apid/ Frame FF01 136 B
419 B 81ms
7ms Document
text/html 152.195.39.165
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.sp.advertising.com/bid-apid/bid-apid-idsync.html
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/sbox/bv.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.165 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 682fc76515bc4d8bde6358c50349eaabb46e6f087051920e744a013161ee22cf

Request headers

:method: GET
:authority: tag.sp.advertising.com
:scheme: https
:path: /bid-apid/bid-apid-idsync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://saint-gobaine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://saint-gobaine.com/

Response headers

content-encoding: gzip
age: 186
content-type: text/html
date: Thu, 03 Jun 2021 15:36:41 GMT
etag: "f3441e2c340de93b6af4903c3c078bb8+gzip"
last-modified: Tue, 03 Dec 2019 21:01:22 GMT
server: ECS (frb/6795)
vary: Accept-Encoding
x-amz-id-2: 1HHpPd88owthsZ9PMHKOIXSdgcgOkoqtB83EHjHsfsuFJgrv5CV/OIFhJX9qs0/VI0FmAUKX8Uw=
x-amz-request-id: M8AMZPKERCZ7AVJT
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 124

GET
H2 200 fac-sync
pr-bh.ybp.yahoo.com/ Frame EF3C 43 B
302 B 127ms
40ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/fac-sync?cb=0.6819074748476455

Requested by

Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-csc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:36:41 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 93C3 134 KB
48 KB 57ms
43ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/banner

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f1c97d2baed012a6a46f8f747b8a1c564f6c37e75117488210c37f803c9412a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 03 Jun 2021 15:36:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 11130062639652636885
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48421
X-XSS-Protection: 0
Expires: Thu, 03 Jun 2021 15:36:41 GMT

GET
H2 200 emea2.html Show response
s.yimg.com/dh/ap/ssp_cookie_sync/ Frame 8C8D 855 B
1 KB 15ms
13ms Document
text/html 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dh/ap/ssp_cookie_sync/emea2.html

Requested by

Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/banner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

3c1e83528705586ca2a9155985f397701e7e9b3c40a5cf1d9ca9c2bc3c63066c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: s.yimg.com
:scheme: https
:path: /dh/ap/ssp_cookie_sync/emea2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://saint-gobaine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://saint-gobaine.com/

Response headers

x-amz-id-2: M02yQSzI1r3r/E+w48+VHJ5XAl4nUEqKhGNx3THZX3sk/g10FwWrmISL3tbGeYRlQG58IdSMG14=
x-amz-request-id: G6DNRK8ZNWQVF05W
date: Thu, 03 Jun 2021 04:41:43 GMT
last-modified: Tue, 19 Jun 2018 23:23:41 GMT
x-amz-server-side-encryption: AES256
cache-control: max-age=86400,public
x-amz-meta-created-date: Mon, 12 Dec 2016 10:35:30 GMT
x-amz-meta-mbst-etag: "YM:1:8d2163ad-a236-4df1-90ea-3dcaa01bed6100054373a9aa589e"
x-amz-meta-x-ysws-mbst-vtime: 1481538930366622
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 855
server: ATS
referrer-policy: no-referrer-when-downgrade
etag: "d0c647cd5cfa6f032239e62784ae46ac"
expires: Sat, 05 Sep 2026 00:00:00 GMT
age: 39299
access-control-allow-origin: *
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin

GET
H2 204 get-user-id Show response
ads.yahoo.com/ Frame 93C3 0
268 B 12ms
10ms Script
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yahoo.com/get-user-id?ver=2&n=29657&ts=1511273230&sig=b8895147006609bf

Requested by

Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/banner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:36:41 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H/1.1 404
Not Found get-user-id
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame 93C3 0
0 173ms
169ms Script
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/get-user-id
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK emea2.html Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame B7B3 1 KB
1 KB 197ms
175ms Document
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2.html
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 840784f797836249222bc410136c048467690e5a5be3998323365e3fc1669e27

Request headers

Host: saint-gobaine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html

Response headers

Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Apache
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Accept-Ranges: bytes
Content-Length: 1035
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame F75C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1

2 KB
3 KB

28ms
25ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/dh/ap/ssp_cookie_sync/emea2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b33712d34b1a85418a07eae62daaedd91284a3d7840125efb01f592fb1d687c3

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.yimg.com/dh/ap/ssp_cookie_sync/emea2.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YLj3CbwPdC9V1j.iZf5NTwAA; CMPS=3169
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.yimg.com/dh/ap/ssp_cookie_sync/emea2.html

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|241|230|51|206|152|190
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1742
Expires: Thu, 03 Jun 2021 15:36:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Connection: keep-alive
Set-Cookie: CMID=YLj3CbwPdC9V1j.iZf5NTwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 03 Jun 2022 15:36:41 GMT CMPS=3169;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 15:36:41 GMT CMPRO=1170;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 15:36:41 GMT CMST=YLj3CWC49wkA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 04 Jun 2021 15:36:41 GMT CMRUM3=be60b8f70905a0&ce60b8f70905a0&9860b8f70905a00&e660b8f7092760&2760b8f7090b40&2d60b8f70905a0&f160b8f70905a0&3360b8f70905a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 03 Jun 2022 15:36:41 GMT

Redirect headers

Server: Apache
Content-Length: 308
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Thu, 03 Jun 2021 15:36:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Connection: keep-alive
Set-Cookie: CMID=YLj3CbwPdC9V1j.iZf5NTwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 03 Jun 2022 15:36:41 GMT CMPS=3169;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 15:36:41 GMT

GET
H2 200 bid-apid-idsync.js Show response
tag.sp.advertising.com/bid-apid/ Frame FF01 2 KB
914 B 32ms
6ms Script
application/javascript 152.195.39.165
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.sp.advertising.com/bid-apid/bid-apid-idsync.js
Requested by: Host: tag.sp.advertising.com
URL: https://tag.sp.advertising.com/bid-apid/bid-apid-idsync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.165 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: d01dbcadec79258da0830d4f94ed24ad5aa179c7018b4d5166b2dfdf21cb3f10

Request headers

Referer: https://tag.sp.advertising.com/bid-apid/bid-apid-idsync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:36:41 GMT
content-encoding: gzip
etag: "4419c7e7a776ab0345f8252d24a603e8+gzip"
last-modified: Tue, 03 Dec 2019 21:01:22 GMT
server: ECS (frb/673A)
age: 274
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-request-id: E5Q9A0RD8KSRAV9G
content-length: 730
x-amz-id-2: w37Rd2FhJht44Y+CH+x/WgFGkXOf9HXjt4VHm0XPvkBoEhOvE0HXtevg34a9ZYmoIWlyHvAGNdU=

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/ Frame 1868 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210525/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://saint-gobaine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlvXNZ5fwQTFOm1zlpmnnfcu0-rCFmfiHpo1m6dZNueaCeJ5mZBiTFZdDr6ho0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://saint-gobaine.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 03 Jun 2021 01:21:09 GMT
expires: Thu, 17 Jun 2021 01:21:09 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 51332
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 opus-frame.html Show response
opus.analytics.yahoo.com/opus/tag/ Frame 40C5 9 KB
4 KB 197ms
25ms Document
text/html 152.199.23.180
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://opus.analytics.yahoo.com/opus/tag/opus-frame.html?id=4

Requested by

Host: tag.sp.advertising.com
URL: https://tag.sp.advertising.com/bid-apid/bid-apid-idsync.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.180 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35DB) /

Resource Hash

efa70d6e32423159b2c5d940441d59c9db589b2174c0a1681134f2bb5bfc778e

Security Headers

Name	Value
Content-Security-Policy	default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

:method: GET
:authority: opus.analytics.yahoo.com
:scheme: https
:path: /opus/tag/opus-frame.html?id=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tag.sp.advertising.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: A3=d=AQABBAn3uGACEKJNH3zNUmVwY6oyxwlJUwQFEgEBAQFIumDCYAAAAAAA_eMAAA&S=AQAAAnmoyAybUC7dzgTtYnp6O5Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tag.sp.advertising.com/

Response headers

content-encoding: gzip
age: 252505
content-security-policy: default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-type: text/html
date: Thu, 03 Jun 2021 15:36:41 GMT
etag: "e3f3a3e01a35be7a338eb0248b0d6a22+gzip"
last-modified: Mon, 11 Jan 2021 22:14:51 GMT
server: ECAcc (lhd/35DB)
vary: Accept-Encoding
x-amz-id-2: m4jxYnjJCr00DSogcFFjl0TxhXCR5AYIAfmCYXqnkngMcs3DZOO/j1hXXoRawbj75eIcndyUf3A=
x-amz-request-id: AEQ47NYGGKJ6Q2SZ
x-cache: HIT
content-length: 3273

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F75C 70 B
264 B 56ms
34ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YLj3CbwPdC9V1j.iZf5NTwAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Jun 2021 15:36:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F75C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLj3CbwPdC9V1j.iZf5NTwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENlM494Nmr0YkwZzpr8hcGM&google_cver=1&gdpr=1&google_hm=2

43 B
1 KB

78ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENlM494Nmr0YkwZzpr8hcGM&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 03 Jun 2021 15:36:41 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Jun 2021 15:36:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENlM494Nmr0YkwZzpr8hcGM&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F75C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLj3CbwPdC9V1j-iZf5NTwAABJIAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLj3CbwPdC9V1j-iZf5NTwAABJIAAAAB&dcc=t

43 B
433 B

126ms
110ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLj3CbwPdC9V1j-iZf5NTwAABJIAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLj3CbwPdC9V1j-iZf5NTwAABJIAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame F75C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLj3CbwPdC9V1j-iZf5NTwAABJIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDh8gRJhexfN84tdkoImG9k&google_cver=1

43 B
315 B

60ms
39ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDh8gRJhexfN84tdkoImG9k&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Thu, 03 Jun 2021 15:36:41 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Jun 2021 15:36:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEDh8gRJhexfN84tdkoImG9k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame F75C 43 B
146 B 93ms
21ms Image
image/gif 52.58.45.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.45.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-45-227.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:36:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame F75C 0
234 B 149ms
10ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YLj3CbwPdC9V1j-iZf5NTwAABJIAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F75C
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a19eec2e-3aea-498d-a862-7e7385ebf9f3

43 B
1 KB

32ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a19eec2e-3aea-498d-a862-7e7385ebf9f3
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 03 Jun 2021 15:36:41 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a19eec2e-3aea-498d-a862-7e7385ebf9f3
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
ib.adnxs.com/ Frame F75C 0
0 156ms
18ms Image
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 YLj3CbwPdC9V1j-iZf5NTwAABJIAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F75C 43 B
707 B 50ms
34ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YLj3CbwPdC9V1j-iZf5NTwAABJIAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:36:41 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK user_sync.html Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/ Frame C87C 1 KB
1 KB 180ms
161ms Document
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync.html
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2.html
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: be279aca9769cae3df652f14668be1c7ecb890d0d6fb63bd64abeb1faccd9276

Request headers

Host: saint-gobaine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2.html

Response headers

Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Apache
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Accept-Ranges: bytes
Content-Length: 1057
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 35E0 1 KB
3 KB 42ms
22ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ee7d588c2017e5d780c3390cc078889ec99fcb5a3f671b3aa77e2dae1d0c159a

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://saint-gobaine.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YLj3CbwPdC9V1j.iZf5NTwAA; CMPS=3169; CMPRO=1170; CMST=YLj3CWC49wkA; CMRUM3=9860b8f70905a00&e660b8f7092760&be60b8f70905a0&ce60b8f70905a0&3360b8f70905a0&2760b8f7090b40&f160b8f70905a0&2d60b8f70905a0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://saint-gobaine.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 3|130|4|88|81|221|5|90
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1522
Expires: Thu, 03 Jun 2021 15:36:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Connection: keep-alive
Set-Cookie: CMID=YLj3CbwPdC9V1j.iZf5NTwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 03 Jun 2022 15:36:41 GMT CMPS=3169;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 15:36:41 GMT CMPRO=1170;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 01 Sep 2021 15:36:41 GMT CMRUM3=9860b8f70905a00&8260b8f709a8c0&be60b8f70905a0&5a60b8f70905a0&0560b8f70905a0&ce60b8f70905a0&5860b8f70905a0&2760b8f7090b40&f160b8f70905a0&0360b8f70905a0&e660b8f7092760&dd60b8f7092760&3360b8f70905a0&0460b8f70905a0&5160b8f70905a0&2d60b8f70905a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 03 Jun 2022 15:36:41 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 35E0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b0bb60b8-f709-4100-b8e3-c66f403b97dd&gdpr=1&gdpr_consent=

43 B
1 KB

119ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b0bb60b8-f709-4100-b8e3-c66f403b97dd&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 03 Jun 2021 15:36:41 GMT

Redirect headers

Date: Thu, 03 Jun 2021 15:36:38 GMT
Server: MT3 3736 915c305 master zrh-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=b0bb60b8-f709-4100-b8e3-c66f403b97dd&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 03 Jun 2021 15:36:37 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 35E0
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1&_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADpSE7Bce4AADLNfxaHvA&expiration=1623944201&gdpr=1

43 B
1 KB

41ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADpSE7Bce4AADLNfxaHvA&expiration=1623944201&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 03 Jun 2021 15:36:41 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADpSE7Bce4AADLNfxaHvA&expiration=1623944201&gdpr=1
Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 35E0
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2600143335057571504

43 B
1 KB

92ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2600143335057571504
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 03 Jun 2021 15:36:41 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2600143335057571504
pragma: no-cache
date: Thu, 03 Jun 2021 15:36:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 35E0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YLj3CQABhHd7HQA4
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YLj3CQABhHd7HQA4&gdpr=1&_test=YLj3CQABhHd7HQA4

43 B
1 KB

48ms
19ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YLj3CQABhHd7HQA4&gdpr=1&_test=YLj3CQABhHd7HQA4
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 03 Jun 2021 15:36:41 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Jun 2021 15:36:41 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1622734602.912243,VS0,VE0
x-served-by: cache-hhn4031-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YLj3CQABhHd7HQA4&gdpr=1&_test=YLj3CQABhHd7HQA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 35E0
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=N8Bu52fHPOYsyT3qZcIh5jGUbeksx2rmZ8W6qOF7

43 B
1 KB

99ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=N8Bu52fHPOYsyT3qZcIh5jGUbeksx2rmZ8W6qOF7
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 03 Jun 2021 15:36:41 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Jun 2021 15:36:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=N8Bu52fHPOYsyT3qZcIh5jGUbeksx2rmZ8W6qOF7
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

tpid=YLj3CbwPdC9V1j.iZf5NTwAA%261170
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame 35E0
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YLj3CbwPdC9V1j.iZf5NTwAA%261170?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YLj3CbwPdC9V1j.iZf5NTwAA%261170?gdpr_consent=&us_privacy=&gdpr=1

49 B
708 B

56ms
53ms

Image
image/gif

52.48.248.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YLj3CbwPdC9V1j.iZf5NTwAA%261170?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Jun 2021 15:36:41 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.17.167
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 03 Jun 2021 15:36:41 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YLj3CbwPdC9V1j.iZf5NTwAA%261170?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.10.212
content-length: 0
expires: 0

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 35E0 0
0 104ms
27ms Image
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 35E0
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=607A5C8003734DBE9DD32004B662956D&gdpr=1

43 B
1 KB

102ms
19ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=607A5C8003734DBE9DD32004B662956D&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 03 Jun 2021 15:36:41 GMT

Redirect headers

date: Thu, 03 Jun 2021 15:36:41 GMT
x-content-type-options: nosniff
server: nginx
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=607A5C8003734DBE9DD32004B662956D&gdpr=1
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Wed, 02 Jun 2021 15:36:41 GMT

GET
H2 200 YLj3CbwPdC9V1j-iZf5NTwAABJIAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 35E0 43 B
88 B 122ms
44ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YLj3CbwPdC9V1j-iZf5NTwAABJIAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 15:36:41 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B975 38 KB
14 KB 74ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync.html
Protocol: HTTP/1.1
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://saint-gobaine.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://saint-gobaine.com/

Response headers

Last-Modified: Tue, 11 May 2021 05:24:02 GMT
ETag: "13006b6-96ca-5c2071a26cca4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13964
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=150063
Expires: Sat, 05 Jun 2021 09:17:44 GMT
Date: Thu, 03 Jun 2021 15:36:41 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.html Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync_data/ Frame C1A2 29 KB
29 KB 181ms
161ms Document
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync_data/showad.html
Requested by: Host: saint-gobaine.com
URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync.html
Protocol: HTTP/1.1
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: f23c693f53fd49446f9fc3b6c7d3311df34a39d20d5e27be28cd38b0e9e8ffec

Request headers

Host: saint-gobaine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync.html

Response headers

Date: Thu, 03 Jun 2021 15:36:41 GMT
Server: Apache
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Accept-Ranges: bytes
Content-Length: 29846
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yahoo (Online)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://s.yimg.com/rq/darla/3-0-8/js/g-r-min.js(Line 3) Message: DARLA notice: 425
console-api	log	URL: https://s.yimg.com/rq/darla/3-0-8/js/g-r-min.js(Line 3) Message: DARLA notice: 426
console-api	log	URL: http://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-csc.html(Line 21) Message: darla csc writer, invalid host (1)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ad4m.at
ads.pubmatic.com
ads.yahoo.com
bcp.crwdcntrl.net
beap-bc.yahoo.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ib.adnxs.com
match.adsrvr.org
match.prod.bidr.io
opus.analytics.yahoo.com
pagead2.googlesyndication.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
s.amazon-adsystem.com
s.yimg.com
saint-gobaine.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.extend.tv
sync.mathtag.com
tag.sp.advertising.com
um.simpli.fi
ups.analytics.yahoo.com
x.bidswitch.net
104.223.76.231
142.250.186.162
151.101.114.49
152.195.39.165
152.199.23.180
159.253.128.183
18.156.0.31
185.29.133.52
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
216.58.212.162
2606:4700:20::681a:ad1
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2002
37.252.172.38
52.48.248.240
52.49.238.187
52.58.45.227
54.236.185.42
54.239.17.112
76.223.111.131
07e8cc505468105a52598bfb0c1043caa705e2c033c34980014539526de835d0
0a951ba51cfe149349db028d537e9fc34e65d61cf495b3511f94e99ac413e11c
0f1c4a4c907abbbd518701d77f5a1cd96e37b4e0fcd2a0812e8c17a2bbe5d432
19b644434cfa9f5d12e1e90a3c2d062aacf27da9ecbe8393df77383ab3c00208
1a540d6790659adf104de6f73b3be7526e1729da358976fa63f366e2ca01c58d
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
303bbc0d2be952f516322124d7c57675f80b4cfc62d476a5819ca54f95124a5c
3c1e83528705586ca2a9155985f397701e7e9b3c40a5cf1d9ca9c2bc3c63066c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
682fc76515bc4d8bde6358c50349eaabb46e6f087051920e744a013161ee22cf
6ad70862de73f243b711a1d8523fac32aeff4df4871955dd01b794f2d4d0a7a0
6b8468baa304258a3b64085584a83f5b997f809058e32ed8d10c75a302ce324d
70b5b87e20f82a24c389deb2386d27d9c8fe759b644ed18a8a33b9f52f83e7e2
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
840784f797836249222bc410136c048467690e5a5be3998323365e3fc1669e27
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f1c97d2baed012a6a46f8f747b8a1c564f6c37e75117488210c37f803c9412a
98461db09c78dc1982ea4091ef106292f3075687ae18e4e4a77579907fca5353
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b33712d34b1a85418a07eae62daaedd91284a3d7840125efb01f592fb1d687c3
be279aca9769cae3df652f14668be1c7ecb890d0d6fb63bd64abeb1faccd9276
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cd8159680ecc8a407bc9e957d7b2dd88f74909baa4bfcad1d7f6d7230e1745f9
d01dbcadec79258da0830d4f94ed24ad5aa179c7018b4d5166b2dfdf21cb3f10
dc92bbc105671d1c180bf9895d59da34112ae258a7792642d06841d827fdb9d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee7d588c2017e5d780c3390cc078889ec99fcb5a3f671b3aa77e2dae1d0c159a
efa70d6e32423159b2c5d940441d59c9db589b2174c0a1681134f2bb5bfc778e
f23c693f53fd49446f9fc3b6c7d3311df34a39d20d5e27be28cd38b0e9e8ffec
fcbaeadfffc791269a437216ee74bc95aabf4a2ee0a61b152e302a973e78fe63

saint-gobaine.com Open in urlscan Pro 104.223.76.231 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

48 Requests

65 %HTTPS

28 %IPv6

21 Domains

27 Subdomains

17 IPs

5 Countries

459 kBTransfer

684 kBSize

0 Cookies

6 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

saint-gobaine.com Open in urlscan Pro
104.223.76.231 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

65 %
HTTPS

28 %
IPv6

21
Domains

27
Subdomains

17
IPs

5
Countries

459 kB
Transfer

684 kB
Size

0
Cookies

48 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!