saint-gobaine.com Open in urlscan Pro
104.223.76.231 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php
Submission: On June 02 via automatic, source openphish (June 2nd 2021, 1:31:43 pm UTC)

Summary HTTP 49 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 20 domains to perform 49 HTTP transactions. The main IP is 104.223.76.231, located in Los Angeles, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is saint-gobaine.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 25th 2021. Valid for: 3 months.

This is the only time saint-gobaine.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo (Online)

Domain & IP information

	IP Address	AS Autonomous System
15	104.223.76.231 104.223.76.231	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
6	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2 11	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	152.195.39.165 152.195.39.165	15133 (EDGECAST) (EDGECAST)
3	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	152.199.23.180 152.199.23.180	15133 (EDGECAST) (EDGECAST)
1	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
3 3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 2	52.94.232.32 52.94.232.32	16509 (AMAZON-02) (AMAZON-02)
1	54.210.14.23 54.210.14.23	14618 (AMAZON-AES) (AMAZON-AES)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	52.2.89.95 52.2.89.95	14618 (AMAZON-AES) (AMAZON-AES)
2	52.49.183.138 52.49.183.138	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.133.58 185.29.133.58	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1	54.171.219.200 54.171.219.200	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 3	104.111.242.53 104.111.242.53	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
49	19

15 104.223.76.231 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 104.223.76.231.static.greencloudvps.com

saint-gobaine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beap-bc.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.195.39.165 (United States)

ASN15133 (EDGECAST, US)

tag.sp.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.23.180 (United States)

ASN15133 (EDGECAST, US)

opus.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.232.32 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.210.14.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-14-23.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.89.95 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-89-95.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.183.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-183-138.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.58 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.219.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-219-200.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (United States) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.242.53 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	saint-gobaine.com saint-gobaine.com	276 KB
11	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com dsum.casalemedia.com	13 KB
7	yahoo.com ads.yahoo.com beap-bc.yahoo.com pr-bh.ybp.yahoo.com opus.analytics.yahoo.com ups.analytics.yahoo.com	5 KB
4	doubleclick.net 3 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	5 KB
4	yimg.com s.yimg.com	93 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
2	pubmatic.com ads.pubmatic.com image6.pubmatic.com	14 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	645 B
2	bidr.io match.prod.bidr.io	860 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	961 B
2	advertising.com tag.sp.advertising.com	1 KB
1	dotomi.com 1 redirects casale-match.dotomi.com	187 B
1	demdex.net dpm.demdex.net
1	turn.com 1 redirects ad.turn.com	425 B
1	mathtag.com 1 redirects sync.mathtag.com	637 B
1	advangelists.com 1 redirects nep.advangelists.com	232 B
1	bttrack.com bttrack.com	380 B
1	adentifi.com rtb.adentifi.com	88 B
1	adsrvr.org match.adsrvr.org	265 B
1	googlesyndication.com pagead2.googlesyndication.com	47 KB
49	20

	Domain	Requested by
15	saint-gobaine.com	saint-gobaine.com
6	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	ssum-sec.casalemedia.com	1 redirects s.yimg.com ssum-sec.casalemedia.com saint-gobaine.com
4	s.yimg.com	saint-gobaine.com s.yimg.com
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	cm.g.doubleclick.net	3 redirects
3	pr-bh.ybp.yahoo.com	saint-gobaine.com ssum-sec.casalemedia.com
2	sync-tm.everesttech.net	2 redirects
2	match.prod.bidr.io	ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	tag.sp.advertising.com	s.yimg.com tag.sp.advertising.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ads.pubmatic.com	saint-gobaine.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	dpm.demdex.net	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	sync.mathtag.com	1 redirects
1	ups.analytics.yahoo.com	ssum-sec.casalemedia.com
1	nep.advangelists.com	1 redirects
1	bttrack.com	ssum-sec.casalemedia.com
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	opus.analytics.yahoo.com	tag.sp.advertising.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	beap-bc.yahoo.com	saint-gobaine.com
1	ads.yahoo.com	saint-gobaine.com
1	pagead2.googlesyndication.com	saint-gobaine.com
49	28

This site contains links to these domains. Also see Links.

Domain
www.yahoo.com
help.yahoo.com
login.yahoo.com
info.yahoo.com

Subject Issuer	Validity	Valid
saint-gobaine.com cPanel, Inc. Certification Authority	`2021-05-25` - `2021-08-23`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-03` - `2021-06-23`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
tag.sp.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-02` - `2022-05-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
opus.analytics.yahoo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php
Frame ID: BFBC99CFD1E1916072EA1E68816074EE
Requests: 6 HTTP requests in this frame

Frame: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Frame ID: C1FC01C91114D813EF8A11C908FE11DF
Requests: 10 HTTP requests in this frame

Frame: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-csc.html
Frame ID: 67B2F77386536633006025C242AC1336
Requests: 2 HTTP requests in this frame

Frame: https://s.yimg.com/dh/ap/ssp_cookie_sync/emea2.html
Frame ID: BB6D0185E83E967C2484C8027CFAD531
Requests: 1 HTTP requests in this frame

Frame: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2.html
Frame ID: 68701867A991A6FA4B93BDEA4208EB3A
Requests: 1 HTTP requests in this frame

Frame: https://s.yimg.com/rq/sbox/bv.js
Frame ID: 00B18C17B62F41B603E82A3323EB9FD1
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Frame ID: 7E08920BAB42FBE8EB6BBC740AAC4D6A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html
Frame ID: C195DD9977829C610E31B3ABD3963BD9
Requests: 1 HTTP requests in this frame

Frame: https://tag.sp.advertising.com/bid-apid/bid-apid-idsync.html
Frame ID: B31A66FA7E9EE049C7EB8A25F293B13F
Requests: 2 HTTP requests in this frame

Frame: https://opus.analytics.yahoo.com/opus/tag/opus-frame.html?id=4
Frame ID: 31BBBC79178387D23E130B9467FB5516
Requests: 1 HTTP requests in this frame

Frame: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync.html
Frame ID: BDADDE716182D3962F67D6107DF918D3
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Frame ID: 75366A4C6ACB48803EFE1DBFC2F2AEA7
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 690D3EF521A667D8D249B64A5DAD82F8
Requests: 2 HTTP requests in this frame

Frame: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync_data/showad.html
Frame ID: 4B9A9E5CFC60117F1955ED9E930A4A99
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

49
Requests

100 %
HTTPS

25 %
IPv6

20
Domains

28
Subdomains

19
IPs

4
Countries

456 kB
Transfer

684 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.yahoo.com/
Title:

Search URL Search Domain Scan URL

URL: https://help.yahoo.com/kb/index?locale=en_US&page=product&y=PROD_ACCT
Title: Help

Search URL Search Domain Scan URL

URL: https://login.yahoo.com/forgot?done=https%3A%2F%2Fmail.yahoo.com%2F
Title: Trouble signing in?

Search URL Search Domain Scan URL

URL: https://login.yahoo.com/account/create?src=ym&intl=us&done=https%3A%2F%2Fmail.yahoo.com%2F&specId=yidReg
Title: Sign up

Search URL Search Domain Scan URL

URL: https://info.yahoo.com/legal/us/yahoo/terms/en-US
Title: Terms

Search URL Search Domain Scan URL

URL: https://info.yahoo.com/privacy/us/yahoo
Title: Privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_ HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1

Request Chain 27

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLeILl3xVUcPZv4Z5LB.TAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvV5laXg4r1Zp0kuRq1Tmk&google_cver=1&gdpr=1&google_hm=2

Request Chain 28

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB&dcc=t

Request Chain 29

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEP72XUy2S_DfARSpOCv7kio&google_cver=1

Request Chain 32

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ac254c05-ea70-45d6-9b71-8723f05c6b27

Request Chain 37

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YLeILgABbqDU6wAC HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YLeILgABbqDU6wAC&gdpr=1&_test=YLeILgABbqDU6wAC

Request Chain 39

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f5dc60b7-882e-4000-8359-a530976a51ea&gdpr=1&gdpr_consent=

Request Chain 40

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7114823332010336211

Request Chain 43

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622727086&gdpr=1

Request Chain 44

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6759270861396169696&uid=Q6759270861396169696&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.php Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/ 72 KB
72 KB 488ms
182ms Document
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: cd8159680ecc8a407bc9e957d7b2dd88f74909baa4bfcad1d7f6d7230e1745f9

Request headers

Host: saint-gobaine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 13:31:25 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK yahoo_en-US_f_p_bestfit_2x.png
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/ 3 KB
3 KB 153ms
151ms Image
image/png 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/yahoo_en-US_f_p_bestfit_2x.png
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 19b644434cfa9f5d12e1e90a3c2d062aacf27da9ecbe8393df77383ab3c00208

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php
Connection: keep-alive
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 13:31:25 GMT
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3066

GET
H/1.1 200
OK client.php Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/ 22 KB
23 KB 468ms
186ms Script
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/client.php
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 6ad70862de73f243b711a1d8523fac32aeff4df4871955dd01b794f2d4d0a7a0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php
Connection: keep-alive
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 13:31:25 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK r-sf.html Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/ Frame C1FC 5 KB
5 KB 282ms
151ms Document
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 70b5b87e20f82a24c389deb2386d27d9c8fe759b644ed18a8a33b9f52f83e7e2

Request headers

Host: saint-gobaine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php

Response headers

Date: Wed, 02 Jun 2021 13:31:25 GMT
Server: Apache
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Accept-Ranges: bytes
Content-Length: 4947
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html

GET
DATA 200
OK truncated
/ 650 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a540d6790659adf104de6f73b3be7526e1729da358976fa63f366e2ca01c58d

Request headers

Referer: https://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK integrator.js Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame C1FC 121 B
375 B 153ms
152ms Script
application/javascript 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/integrator.js
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 6b8468baa304258a3b64085584a83f5b997f809058e32ed8d10c75a302ce324d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Connection: keep-alive
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 13:31:25 GMT
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 121

GET
H/1.1 200
OK ca-pub-7382640443023261.js Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame C1FC 133 B
388 B 167ms
159ms Script
application/javascript 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ca-pub-7382640443023261.js
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Connection: keep-alive
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 13:31:25 GMT
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 133

GET
H/1.1 200
OK sfext-min.js Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame C1FC 65 KB
66 KB 166ms
152ms Script
application/javascript 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/sfext-min.js
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 07e8cc505468105a52598bfb0c1043caa705e2c033c34980014539526de835d0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Connection: keep-alive
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 13:31:25 GMT
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 66997

GET
H/1.1 200
OK banner Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame C1FC 2 KB
2 KB 304ms
151ms Script
text/plain 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/banner
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: dc92bbc105671d1c180bf9895d59da34112ae258a7792642d06841d827fdb9d5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Connection: keep-alive
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 13:31:26 GMT
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2017

GET
H/1.1 200
OK adsbygoogle.js Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame C1FC 65 KB
66 KB 279ms
149ms Script
application/javascript 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/adsbygoogle.js
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 0f1c4a4c907abbbd518701d77f5a1cd96e37b4e0fcd2a0812e8c17a2bbe5d432

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Connection: keep-alive
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 13:31:26 GMT
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 66883

GET
H/1.1 404
Not Found get-user-id
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame C1FC 0
0 316ms
150ms Script
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/get-user-id
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Connection: keep-alive
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 boot.js Show response
s.yimg.com/rq/darla/ 7 KB
4 KB 21ms
7ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/boot.js

Requested by

Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/client.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fcbaeadfffc791269a437216ee74bc95aabf4a2ee0a61b152e302a973e78fe63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 10:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10345
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 3608
x-amz-id-2: 7za9kgTDZjYLsUsM2fohr+lcyHiAwkIaBbPIlV2PVbqcKJY0ND0btDG8sIiSiNVfNS0Kn1g+6E4=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Apr 2021 18:32:56 GMT
server: ATS
etag: "06346d00bce3015d21a196043c398a1b-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 5YV8JTW21F6WB8G5
x-xss-protection: 1; mode=block
cache-control: public,max-age=86400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK r-csc.html Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/ Frame 67B2 7 KB
7 KB 151ms
151ms Document
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-csc.html
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 98461db09c78dc1982ea4091ef106292f3075687ae18e4e4a77579907fca5353

Request headers

Host: saint-gobaine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/index.php

Response headers

Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Apache
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Accept-Ranges: bytes
Content-Length: 7298
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 g-r-min.js Show response
s.yimg.com/rq/darla/3-0-8/js/ 207 KB
87 KB 8ms
7ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/darla/3-0-8/js/g-r-min.js

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/rq/darla/boot.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0a951ba51cfe149349db028d537e9fc34e65d61cf495b3511f94e99ac413e11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 12:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5129
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 1BS1CH4290V02B8Z
x-amz-id-2: C8Av9JyV0AswM1m/8xcuO7riMNOg9eViIajZP71xPLffZ8RplB4cw1tnOIqZ06+5lPfXBnV89Fw=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Jun 2018 23:28:00 GMT
server: ATS
etag: "7ac1e624b19f862b59fa388484ff5dcd-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public,max-age=86400
accept-ranges: bytes

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C1FC 134 KB
47 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/banner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

519e7eb4cb5c041d430896b12022586b5e6f113d91a459511e5fdd046d107c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 13:31:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48406
x-xss-protection: 0
server: cafe
etag: 4803332960857302342
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Jun 2021 13:31:26 GMT

GET
H2 200 emea2.html Show response
s.yimg.com/dh/ap/ssp_cookie_sync/ Frame BB6D 855 B
1 KB 8ms
8ms Document
text/html 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dh/ap/ssp_cookie_sync/emea2.html

Requested by

Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/banner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

3c1e83528705586ca2a9155985f397701e7e9b3c40a5cf1d9ca9c2bc3c63066c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: s.yimg.com
:scheme: https
:path: /dh/ap/ssp_cookie_sync/emea2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saint-gobaine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://saint-gobaine.com/

Response headers

x-amz-id-2: Nx503Pgr171Wgq3x6/XHYJ+wOjGs/9SbLNyFhOnpjxsLbOZXEoji93sI801TjoIuaBmOd9kLboU=
x-amz-request-id: R2PGJQ8W8TC41919
date: Wed, 02 Jun 2021 04:24:50 GMT
last-modified: Tue, 19 Jun 2018 23:23:41 GMT
x-amz-server-side-encryption: AES256
cache-control: max-age=86400,public
x-amz-meta-created-date: Mon, 12 Dec 2016 10:35:30 GMT
x-amz-meta-mbst-etag: "YM:1:8d2163ad-a236-4df1-90ea-3dcaa01bed6100054373a9aa589e"
x-amz-meta-x-ysws-mbst-vtime: 1481538930366622
x-amz-meta-x-ysws-access: public
accept-ranges: bytes
content-type: text/html; charset=utf-8
content-length: 855
server: ATS
referrer-policy: no-referrer-when-downgrade
etag: "d0c647cd5cfa6f032239e62784ae46ac"
expires: Sat, 05 Sep 2026 00:00:00 GMT
age: 32797
access-control-allow-origin: *
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: Origin

GET
H2 204 get-user-id Show response
ads.yahoo.com/ Frame C1FC 0
296 B 7ms
6ms Script
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yahoo.com/get-user-id?ver=2&n=29657&ts=1511273230&sig=b8895147006609bf

Requested by

Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/banner

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 13:31:26 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H/1.1 404
Not Found get-user-id
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame C1FC 0
0 152ms
151ms Script
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/get-user-id
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: saint-gobaine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Connection: keep-alive
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK emea2.html Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/ Frame 6870 1 KB
1 KB 152ms
152ms Document
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2.html
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: 840784f797836249222bc410136c048467690e5a5be3998323365e3fc1669e27

Request headers

Host: saint-gobaine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf.html

Response headers

Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Apache
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Accept-Ranges: bytes
Content-Length: 1035
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 bv.js Show response
s.yimg.com/rq/sbox/ Frame 00B1 357 B
595 B 7ms
7ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/rq/sbox/bv.js

Requested by

Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-csc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

303bbc0d2be952f516322124d7c57675f80b4cfc62d476a5819ca54f95124a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 02 Jun 2021 13:09:52 GMT
x-content-type-options: nosniff
age: 1295
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 357
x-amz-id-2: nxkugm05geckZNS6dTbJF5v8Ptqt//xDTSWGeftp52W5DR3PJmT3tCWAjlK6r8WBoRXrghxdLy8=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Jul 2018 21:04:26 GMT
server: ATS
etag: "87ea17b7d8be94b4b9cb35670f009dd6"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: S75YYBCG04NWYFAE
x-xss-protection: 1; mode=block
cache-control: public,max-age=1800
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 500 yi
beap-bc.yahoo.com/ Frame 67B2 0
0 47ms
44ms Image
text/html 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beap-bc.yahoo.com/yi?bv=1.0.0&bs=(135u5u5ec(gid$uCOgfTEwLjIrmfkSWSqmPwDSNDEuMQAAAAC4EI8c,st$1511273230556724,si$4465551,sp$150002527,pv$1,v$2.0))&t=J_3-D_3&al=(as$13aps5spr,aid$1W6nuwrIEhk-,bi$2317125051,agp$3539141551,cr$4532415551,ct$25,at$H,eob$gd1_match_id=-1:ypos=RICH)&s=0&r=0.6262939672675327
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-csc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 7E08
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1

2 KB
3 KB

33ms
33ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/dh/ap/ssp_cookie_sync/emea2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 518c780ac9fda203d1fcffddb3f558c2e11bd43f5b98834857b42c79f80445a2

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.yimg.com/dh/ap/ssp_cookie_sync/emea2.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YLeILl3xVUcPZv4Z5LB.TAAA; CMPS=5182
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.yimg.com/dh/ap/ssp_cookie_sync/emea2.html

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|45|241|230|188|156|195|130
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1759
Expires: Wed, 02 Jun 2021 13:31:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:26 GMT
Connection: keep-alive
Set-Cookie: CMID=YLeILl3xVUcPZv4Z5LB.TAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 13:31:26 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 13:31:26 GMT CMPRO=1201;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 13:31:26 GMT CMST=YLeILmC3iC4A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 03 Jun 2021 13:31:26 GMT CMRUM3=9c60b7882e05a00&2d60b7882e05a0&e660b7882e2760&c360b7882e05a00&2760b7882e0b40&f160b7882e05a0&8260b7882ea8c0&bc60b7882e05a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 13:31:26 GMT

Redirect headers

Server: Apache
Content-Length: 308
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 02 Jun 2021 13:31:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:26 GMT
Connection: keep-alive
Set-Cookie: CMID=YLeILl3xVUcPZv4Z5LB.TAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 13:31:26 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 13:31:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/ Frame C195 10 KB
4 KB 6ms
5ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210525/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210525/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saint-gobaine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://saint-gobaine.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 02 Jun 2021 01:21:09 GMT
expires: Wed, 16 Jun 2021 01:21:09 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 43817
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bid-apid-idsync.html Show response
tag.sp.advertising.com/bid-apid/ Frame B31A 136 B
418 B 36ms
7ms Document
text/html 152.195.39.165
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.sp.advertising.com/bid-apid/bid-apid-idsync.html
Requested by: Host: s.yimg.com
URL: https://s.yimg.com/rq/sbox/bv.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.165 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 682fc76515bc4d8bde6358c50349eaabb46e6f087051920e744a013161ee22cf

Request headers

:method: GET
:authority: tag.sp.advertising.com
:scheme: https
:path: /bid-apid/bid-apid-idsync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saint-gobaine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://saint-gobaine.com/

Response headers

content-encoding: gzip
age: 140
content-type: text/html
date: Wed, 02 Jun 2021 13:31:26 GMT
etag: "f3441e2c340de93b6af4903c3c078bb8+gzip"
last-modified: Tue, 03 Dec 2019 21:01:22 GMT
server: ECS (frb/6795)
vary: Accept-Encoding
x-amz-id-2: YuokNoKycpMMSWPdjr10O7f6HGPszgRQy8G7YSaGOfYs3wf+2O/B8wala1D8gxi6YkQf4CxZ2tY=
x-amz-request-id: RSG1TG5J7WXH51HR
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 124

GET
H2 200 fac-sync
pr-bh.ybp.yahoo.com/ Frame 00B1 43 B
302 B 101ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/fac-sync?cb=0.6400583381087481

Requested by

Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-csc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saint-gobaine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 13:31:26 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 200 bid-apid-idsync.js Show response
tag.sp.advertising.com/bid-apid/ Frame B31A 2 KB
914 B 7ms
7ms Script
application/javascript 152.195.39.165
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.sp.advertising.com/bid-apid/bid-apid-idsync.js
Requested by: Host: tag.sp.advertising.com
URL: https://tag.sp.advertising.com/bid-apid/bid-apid-idsync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.39.165 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: d01dbcadec79258da0830d4f94ed24ad5aa179c7018b4d5166b2dfdf21cb3f10

Request headers

Referer: https://tag.sp.advertising.com/bid-apid/bid-apid-idsync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 13:31:26 GMT
content-encoding: gzip
etag: "4419c7e7a776ab0345f8252d24a603e8+gzip"
last-modified: Tue, 03 Dec 2019 21:01:22 GMT
server: ECS (frb/673A)
age: 236
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-request-id: WHBTZ2XAF4T878YT
content-length: 730
x-amz-id-2: Ca+odYGsoaPNj7i88IPuZ5HZiOnK3UgCprRvwek9Y42WTYI3OAhchxo7wUGSYWvyHlihZMbiUlQ=

GET
H2 200 opus-frame.html Show response
opus.analytics.yahoo.com/opus/tag/ Frame 31BB 9 KB
4 KB 32ms
9ms Document
text/html 152.199.23.180
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://opus.analytics.yahoo.com/opus/tag/opus-frame.html?id=4

Requested by

Host: tag.sp.advertising.com
URL: https://tag.sp.advertising.com/bid-apid/bid-apid-idsync.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.23.180 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FA0) /

Resource Hash

efa70d6e32423159b2c5d940441d59c9db589b2174c0a1681134f2bb5bfc778e

Security Headers

Name	Value
Content-Security-Policy	default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'

Request headers

:method: GET
:authority: opus.analytics.yahoo.com
:scheme: https
:path: /opus/tag/opus-frame.html?id=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tag.sp.advertising.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: A3=d=AQABBC6It2ACEIdwAXdh-l5jtsrJg22ohmEFEgEBAQHZuGDBYAAAAAAA_eMAAA&S=AQAAAlhHYd3CkI3gS0iEHj0JYQA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tag.sp.advertising.com/

Response headers

content-encoding: gzip
age: 158587
content-security-policy: default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
content-type: text/html
date: Wed, 02 Jun 2021 13:31:26 GMT
etag: "e3f3a3e01a35be7a338eb0248b0d6a22+gzip"
last-modified: Mon, 11 Jan 2021 22:14:51 GMT
server: ECAcc (frc/8FA0)
vary: Accept-Encoding
x-amz-id-2: 31VB0Xb4GmHPy94noEmsvbXA+a04Oz17pW02K3yKTdd/18HlfYxvUUXSp3rrW5b8hSgtUuPNEt8=
x-amz-request-id: AA31T20VVPSD4EHF
x-cache: HIT
content-length: 3273

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 7E08 70 B
265 B 94ms
31ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YLeILl3xVUcPZv4Z5LB.TAAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 13:31:26 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7E08
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLeILl3xVUcPZv4Z5LB.TAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvV5laXg4r1Zp0kuRq1Tmk&google_cver=1&gdpr=1&google_hm=2

43 B
1002 B

27ms
27ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvV5laXg4r1Zp0kuRq1Tmk&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 13:31:26 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 13:31:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECvV5laXg4r1Zp0kuRq1Tmk&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 7E08
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB&dcc=t

43 B
433 B

102ms
102ms

Image
image/gif

52.94.232.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 7E08
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEP72XUy2S_DfARSpOCv7kio&google_cver=1

43 B
315 B

26ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEP72XUy2S_DfARSpOCv7kio&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 02 Jun 2021 13:31:26 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 13:31:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEP72XUy2S_DfARSpOCv7kio&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame 7E08 0
88 B 418ms
102ms Image
text/plain 54.210.14.23
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.210.14.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-210-14-23.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame 7E08 35 B
380 B 390ms
98ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:15 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7E08
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ac254c05-ea70-45d6-9b71-8723f05c6b27

43 B
1 KB

26ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ac254c05-ea70-45d6-9b71-8723f05c6b27
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 13:31:26 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-ac254c05-ea70-45d6-9b71-8723f05c6b27
date: Wed, 02 Jun 2021 13:31:26 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 7E08 43 B
430 B 114ms
27ms Image
image/gif 52.49.183.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.183.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-183-138.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7E08 43 B
700 B 34ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_&s=183875&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 13:31:26 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK user_sync.html Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/ Frame BDAD 1 KB
1 KB 153ms
152ms Document
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync.html
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: be279aca9769cae3df652f14668be1c7ecb890d0d6fb63bd64abeb1faccd9276

Request headers

Host: saint-gobaine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2.html

Response headers

Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Apache
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Accept-Ranges: bytes
Content-Length: 1057
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 7536 2 KB
3 KB 30ms
29ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f687b378db6427f6c0504ae4d358a6d61b259e700cb9f5fb6b1b9339d84ca3fa

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://saint-gobaine.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YLeILl3xVUcPZv4Z5LB.TAAA; CMPS=5182; CMPRO=1201; CMST=YLeILmC3iC4A; CMRUM3=9c60b7882e05a00&2d60b7882e05a0&e660b7882e2760&c360b7882e05a00&2760b7882e0b40&f160b7882e05a0&8260b7882ea8c0&bc60b7882e05a00
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://saint-gobaine.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 88|206|3|4|130|218|65|31
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1661
Expires: Wed, 02 Jun 2021 13:31:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:26 GMT
Connection: keep-alive
Set-Cookie: CMID=YLeILl3xVUcPZv4Z5LB.TAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 13:31:26 GMT CMPS=5182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 13:31:26 GMT CMPRO=1201;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 31 Aug 2021 13:31:26 GMT CMRUM3=c360b7882e05a00&2760b7882e0b40&1f60b7882e05a00&e660b7882e2760&bc60b7882e05a00&8260b7882ea8c0&0460b7882e05a0&da60b7882e2760&f160b7882e05a0&2d60b7882e05a0&0360b7882e05a0&9c60b7882e05a00&4160b7882e05a0&5860b7882e05a0&ce60b7882e05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 02 Jun 2022 13:31:26 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7536
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YLeILgABbqDU6wAC
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YLeILgABbqDU6wAC&gdpr=1&_test=YLeILgABbqDU6wAC

43 B
1 KB

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YLeILgABbqDU6wAC&gdpr=1&_test=YLeILgABbqDU6wAC
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 13:31:26 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 13:31:26 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1622640687.718315,VS0,VE0
x-served-by: cache-fra19156-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YLeILgABbqDU6wAC&gdpr=1&_test=YLeILgABbqDU6wAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame 7536 0
234 B 51ms
15ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7536
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f5dc60b7-882e-4000-8359-a530976a51ea&gdpr=1&gdpr_consent=

43 B
1 KB

26ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f5dc60b7-882e-4000-8359-a530976a51ea&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 13:31:26 GMT

Redirect headers

Date: Wed, 02 Jun 2021 13:31:19 GMT
Server: MT3 3736 915c305 master zrh-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=f5dc60b7-882e-4000-8359-a530976a51ea&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 02 Jun 2021 13:31:18 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7536
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7114823332010336211

43 B
1009 B

27ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7114823332010336211
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 13:31:26 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7114823332010336211
pragma: no-cache
date: Wed, 02 Jun 2021 13:31:26 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 7536 43 B
430 B 70ms
27ms Image
image/gif 52.49.183.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.183.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-183-138.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YLeILl3xVUcPZv4Z5LB.TAAA%261201
dpm.demdex.net/ Frame 7536 0
0 134ms
31ms Image
application/json 54.171.219.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YLeILl3xVUcPZv4Z5LB.TAAA%261201?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.219.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-219-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame 7536
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622727086&gdpr=1

43 B
315 B

86ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622727086&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 02 Jun 2021 13:31:26 GMT

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1622727086&gdpr=1
pragma: no-cache
date: Wed, 02 Jun 2021 13:31:26 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 7536
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6759270861396169696&uid=Q6759270861396169696&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

27ms
27ms

Image
image/gif

104.111.242.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-53.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7536 43 B
88 B 34ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YLeILl3xVUcPZv4Z5LB-TAAABLEAAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=183875&cb=https%3A%2F%2Fpr-bh.ybp.yahoo.com%2Fsync%2Fcasale%2F_UID_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 13:31:26 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 690D 38 KB
14 KB 62ms
22ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://saint-gobaine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://saint-gobaine.com/

Response headers

last-modified: Tue, 11 May 2021 05:24:02 GMT
etag: "13006b6-96ca-5c2071a26cca4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13964
content-type: text/html; charset=UTF-8
cache-control: public, max-age=112423
expires: Thu, 03 Jun 2021 20:45:09 GMT
date: Wed, 02 Jun 2021 13:31:26 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK showad.html Show response
saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync_data/ Frame 4B9A 29 KB
29 KB 153ms
152ms Document
text/html 104.223.76.231
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync_data/showad.html
Requested by: Host: saint-gobaine.com
URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.223.76.231 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 104.223.76.231.static.greencloudvps.com
Software: Apache /
Resource Hash: f23c693f53fd49446f9fc3b6c7d3311df34a39d20d5e27be28cd38b0e9e8ffec

Request headers

Host: saint-gobaine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync.html
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-sf_data/emea2_data/user_sync.html

Response headers

Date: Wed, 02 Jun 2021 13:31:26 GMT
Server: Apache
Last-Modified: Tue, 21 Nov 2017 13:20:20 GMT
Accept-Ranges: bytes
Content-Length: 29846
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 690D 0
42 B 44ms
13ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=51895044&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 13:31:26 GMT
content-length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yahoo (Online)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yahoo.com/	1970-01-20 03:29:58	Name: A3 Value: d=AQABBC6It2ACEIdwAXdh-l5jtsrJg22ohmEFEgEBAQHZuGDBYAAAAAAA_eMAAA&S=AQAAAlhHYd3CkI3gS0iEHj0JYQA
.casalemedia.com/	1970-01-20 03:29:36	Name: CMRUM3 Value: 2760b7882e0b40&c360b7882e2760av-ac254c05-ea70-45d6-9b71-8723f05c6b27&e660b7882e2760&f160b7882e05a0&0460b7882e27607114823332010336211&bc60b7882e05a00&8260b7882ea8c0&0360b7882e2760f5dc60b7-882e-4000-8359-a530976a51ea&2d60b7882e05a0&9c60b7882e05a00&5860b7882e2760YLeILgABbqDU6wAC
.casalemedia.com/	1970-01-20 03:29:36	Name: CMID Value: YLeILl3xVUcPZv4Z5LB.TAAA
.casalemedia.com/	1970-01-19 20:53:36	Name: CMPRO Value: 1201
.ads.pubmatic.com/	1970-01-19 18:45:27	Name: KCCH Value: YES
.doubleclick.net/	1970-01-20 04:05:36	Name: IDE Value: AHWqTUkAQ5G0FZ4VdC9dABEZfvmV09sEgPyxTaccBibK3eEge5zQmJQ5sMtBbLeeT7Y
.casalemedia.com/	1970-01-19 18:45:27	Name: CMST Value: YLeILmC3iC4A
.casalemedia.com/	1970-01-19 20:53:36	Name: CMPS Value: 5182

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://s.yimg.com/rq/darla/3-0-8/js/g-r-min.js(Line 3) Message: DARLA notice: 425
console-api	log	URL: https://s.yimg.com/rq/darla/3-0-8/js/g-r-min.js(Line 3) Message: DARLA notice: 426
console-api	log	URL: https://saint-gobaine.com/cg-bin/yahoo/login/login.yahoo.com/files/r-csc.html(Line 21) Message: darla csc writer, invalid host (1)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.pubmatic.com
ads.yahoo.com
beap-bc.yahoo.com
bttrack.com
casale-match.dotomi.com
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
googleads.g.doubleclick.net
image6.pubmatic.com
match.adsrvr.org
match.prod.bidr.io
nep.advangelists.com
opus.analytics.yahoo.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
px.owneriq.net
rtb.adentifi.com
s.amazon-adsystem.com
s.yimg.com
saint-gobaine.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.mathtag.com
tag.sp.advertising.com
ups.analytics.yahoo.com
104.111.242.53
104.223.76.231
13.248.242.197
151.101.14.49
152.195.39.165
152.199.23.180
172.217.16.130
18.156.0.31
185.29.133.58
185.64.189.115
192.132.33.46
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a02:fa8:8806:13::1370
52.2.89.95
52.49.183.138
52.94.232.32
54.171.219.200
54.210.14.23
07e8cc505468105a52598bfb0c1043caa705e2c033c34980014539526de835d0
0a951ba51cfe149349db028d537e9fc34e65d61cf495b3511f94e99ac413e11c
0f1c4a4c907abbbd518701d77f5a1cd96e37b4e0fcd2a0812e8c17a2bbe5d432
19b644434cfa9f5d12e1e90a3c2d062aacf27da9ecbe8393df77383ab3c00208
1a540d6790659adf104de6f73b3be7526e1729da358976fa63f366e2ca01c58d
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
303bbc0d2be952f516322124d7c57675f80b4cfc62d476a5819ca54f95124a5c
3c1e83528705586ca2a9155985f397701e7e9b3c40a5cf1d9ca9c2bc3c63066c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
518c780ac9fda203d1fcffddb3f558c2e11bd43f5b98834857b42c79f80445a2
519e7eb4cb5c041d430896b12022586b5e6f113d91a459511e5fdd046d107c02
682fc76515bc4d8bde6358c50349eaabb46e6f087051920e744a013161ee22cf
6ad70862de73f243b711a1d8523fac32aeff4df4871955dd01b794f2d4d0a7a0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b8468baa304258a3b64085584a83f5b997f809058e32ed8d10c75a302ce324d
70b5b87e20f82a24c389deb2386d27d9c8fe759b644ed18a8a33b9f52f83e7e2
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
840784f797836249222bc410136c048467690e5a5be3998323365e3fc1669e27
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
98461db09c78dc1982ea4091ef106292f3075687ae18e4e4a77579907fca5353
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
be279aca9769cae3df652f14668be1c7ecb890d0d6fb63bd64abeb1faccd9276
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cd8159680ecc8a407bc9e957d7b2dd88f74909baa4bfcad1d7f6d7230e1745f9
d01dbcadec79258da0830d4f94ed24ad5aa179c7018b4d5166b2dfdf21cb3f10
dc92bbc105671d1c180bf9895d59da34112ae258a7792642d06841d827fdb9d5
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efa70d6e32423159b2c5d940441d59c9db589b2174c0a1681134f2bb5bfc778e
f23c693f53fd49446f9fc3b6c7d3311df34a39d20d5e27be28cd38b0e9e8ffec
f687b378db6427f6c0504ae4d358a6d61b259e700cb9f5fb6b1b9339d84ca3fa
fcbaeadfffc791269a437216ee74bc95aabf4a2ee0a61b152e302a973e78fe63

saint-gobaine.com Open in urlscan Pro 104.223.76.231 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

25 %IPv6

20 Domains

28 Subdomains

19 IPs

4 Countries

456 kBTransfer

684 kBSize

8 Cookies

6 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

saint-gobaine.com Open in urlscan Pro
104.223.76.231 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

25 %
IPv6

20
Domains

28
Subdomains

19
IPs

4
Countries

456 kB
Transfer

684 kB
Size

8
Cookies

49 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!