urlscan.io logo urlscan.io
SecurityTrails logo

ads.exoclick.com Open in urlscan Pro
2606:2800:234:4cc4:5670:35d5:1e00:b394  Public Scan

Go To Rescan Add Verdict Report
URL: http://ads.exoclick.com/iframe.php?idzone=369326&size=300x250
Submission Tags: falconsandbox
Submission: On July 14 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 2606:2800:234:4cc4:5670:35d5:1e00:b394, located in United States and belongs to EDGECAST, US. The main domain is ads.exoclick.com.
This is the only time ads.exoclick.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:2800:234... 15133 (EDGECAST)
1 95.211.229.246 60781 (LEASEWEB-...)
1 2 216.18.168.166 29789 (REFLECTED)
3 205.185.208.78 20446 (HIGHWINDS3)
7 4
Domain Requested by
3 hw-cdn2.contentabc.com ads2.contentabc.com
2 ads2.contentabc.com 1 redirects syndication.exoclick.com
2 ads.exoclick.com ads.exoclick.com
1 syndication.exoclick.com ads.exoclick.com
7 4

This site contains no links.

Subject Issuer Validity Valid
*.contentabc.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2020-11-11 -
2021-12-12		 a year crt.sh

This page contains 3 frames:

Primary Page: http://ads.exoclick.com/iframe.php?idzone=369326&size=300x250
Frame ID: 5765C0868874615AAA30F2DD20E72821
Requests: 2 HTTP requests in this frame

Frame: http://syndication.exoclick.com/ads-iframe-display.php?idzone=369326&type=300x250&p=http%3A//ads.exoclick.com/iframe.php%3Fidzone%3D369326%26size%3D300x250&dt=1626279166815&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: 7842A061648EE552FC41BE2AD836AC0A
Requests: 1 HTTP requests in this frame

Frame: https://ads2.contentabc.com/ads?spot_id=2864490&rand=o0iwve5lvy8&ata=favthumbs
Frame ID: 304366D5C4654F04AFE53C7F3AF293D2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

7
Requests

57 %
HTTPS

25 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

484 kB
Transfer

497 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://ads2.contentabc.com/ads?spot_id=2864490&rand=o0iwve5lvy8&ata=favthumbs HTTP 301
  • https://ads2.contentabc.com/ads?spot_id=2864490&rand=o0iwve5lvy8&ata=favthumbs

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request iframe.php
ads.exoclick.com/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ads.exoclick.com/iframe.php?idzone=369326&size=300x250
Protocol
HTTP/1.1
Server
2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
5114201d2eee0bfead945fcce6c5b0e8c3cb9af8bc92e1bb6ae4175b66890717

Request headers

Host
ads.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
max-age=10800
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Jul 2021 16:12:46 GMT
Expires
Wed, 14 Jul 2021 19:12:46 GMT
Server
nginx
Transfer-Encoding
chunked
ads.js
ads.exoclick.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.exoclick.com/ads.js
Requested by
Host: ads.exoclick.com
URL: http://ads.exoclick.com/iframe.php?idzone=369326&size=300x250
Protocol
HTTP/1.1
Server
2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BC) /
Resource Hash
c7bb5a38065389932bf7cd004edddf11c7a62df77057d4be869d8e7ae7897de8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ads.exoclick.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://ads.exoclick.com/iframe.php?idzone=369326&size=300x250
Connection
keep-alive
Cache-Control
no-cache
Referer
http://ads.exoclick.com/iframe.php?idzone=369326&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 16:12:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Jul 2021 15:12:10 GMT
Server
ECS (frb/67BC)
Age
3636
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/javascript
Cache-Control
max-age=10800
Accept-Ranges
bytes
Content-Length
961
Expires
Wed, 14 Jul 2021 19:12:46 GMT
Cookie set ads-iframe-display.php
syndication.exoclick.com/ Frame 7842 		298 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
http://syndication.exoclick.com/ads-iframe-display.php?idzone=369326&type=300x250&p=http%3A//ads.exoclick.com/iframe.php%3Fidzone%3D369326%26size%3D300x250&dt=1626279166815&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by
Host: ads.exoclick.com
URL: http://ads.exoclick.com/ads.js
Protocol
HTTP/1.1
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
90ea767f7a0e0503de50f8481eb25d1d0f07a27d017f81827b3d72256da8163b

Request headers

Host
syndication.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://ads.exoclick.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://ads.exoclick.com/

Response headers

Server
nginx
Date
Wed, 14 Jul 2021 16:12:46 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2260ef0cfece7761.303956583984170101%22%3B%7D; expires=Fri, 14 Jul 2023 16:12:46 GMT; path=; domain=.exoclick.com;
Content-Encoding
gzip
Cookie set ads
ads2.contentabc.com/ Frame 3043
Redirect Chain
  • http://ads2.contentabc.com/ads?spot_id=2864490&rand=o0iwve5lvy8&ata=favthumbs
  • https://ads2.contentabc.com/ads?spot_id=2864490&rand=o0iwve5lvy8&ata=favthumbs
20 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads2.contentabc.com/ads?spot_id=2864490&rand=o0iwve5lvy8&ata=favthumbs
Requested by
Host: syndication.exoclick.com
URL: http://syndication.exoclick.com/ads-iframe-display.php?idzone=369326&type=300x250&p=http%3A//ads.exoclick.com/iframe.php%3Fidzone%3D369326%26size%3D300x250&dt=1626279166815&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.18.168.166 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
openresty /
Resource Hash
388cf47c72387b6df7f42ad8a16793902aec82bb371b1193bf3f6bb015ac0c74

Request headers

Host
ads2.contentabc.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://syndication.exoclick.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://syndication.exoclick.com/

Response headers

Server
openresty
Date
Wed, 14 Jul 2021 16:12:46 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Set-Cookie
adtool_guid=Ch5KImDvDP5nVhOul9G6Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None; RNLBSERVERID=ded7079; path=/; HttpOnly; Secure; SameSite=None
Content-Encoding
gzip

Redirect headers

Content-length
0
Location
https://ads2.contentabc.com/ads?spot_id=2864490&rand=o0iwve5lvy8&ata=favthumbs
vortex-simple-1.0.0.js
hw-cdn2.contentabc.com/delivery/vortex/ Frame 3043 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hw-cdn2.contentabc.com/delivery/vortex/vortex-simple-1.0.0.js
Requested by
Host: ads2.contentabc.com
URL: https://ads2.contentabc.com/ads?spot_id=2864490&rand=o0iwve5lvy8&ata=favthumbs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.208.78 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip078.ssl.hwcdn.net
Software
/
Resource Hash
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c

Request headers

Referer
https://ads2.contentabc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 16:12:47 GMT
Last-Modified
Fri, 02 Nov 2018 14:17:11 GMT
ETag
"1541168231"
X-HW
1626279166.dop251.am5.t,1626279167.cds132.am5.shn,1626279167.cds132.am5.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10752814
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5027
1001932_logo.png
hw-cdn2.contentabc.com/a7/creatives/1/49/812663/1001932/ Frame 3043 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hw-cdn2.contentabc.com/a7/creatives/1/49/812663/1001932/1001932_logo.png
Requested by
Host: ads2.contentabc.com
URL: https://ads2.contentabc.com/ads?spot_id=2864490&rand=o0iwve5lvy8&ata=favthumbs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.208.78 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip078.ssl.hwcdn.net
Software
/
Resource Hash
ba89161f62c517bdd776996943f3e26ed2b92d749178f1c24da07c8db904e27c

Request headers

Referer
https://ads2.contentabc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 14 Jul 2021 16:12:47 GMT
Last-Modified
Sat, 03 Jul 2021 13:51:59 GMT
ETag
"1625320319"
X-HW
1626279166.dop247.am5.t,1626279167.cds075.am5.shn,1626279167.dop247.am5.t,1626279167.cds289.am5.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=10417660
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3346
1001932_video.mp4
hw-cdn2.contentabc.com/a7/creatives/1/49/812663/1001932/ Frame 3043 		463 KB
463 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://hw-cdn2.contentabc.com/a7/creatives/1/49/812663/1001932/1001932_video.mp4
Requested by
Host: ads2.contentabc.com
URL: https://ads2.contentabc.com/ads?spot_id=2864490&rand=o0iwve5lvy8&ata=favthumbs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.208.78 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip078.ssl.hwcdn.net
Software
/
Resource Hash
e32354f32c4499e80238a597b2f046b44a5940490d2a593d00dfa66a1e8acf75

Request headers

Referer
https://ads2.contentabc.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 14 Jul 2021 16:12:47 GMT
Last-Modified
Sat, 03 Jul 2021 13:55:02 GMT
Access-Control-Allow-Origin
*
ETag
"1625320502"
X-HW
1626279166.dop247.am5.t,1626279167.cds075.am5.shn,1626279167.dop247.am5.t,1626279167.cds119.am5.c
Content-Type
video/mp4
Content-Range
bytes 0-473988/473989
Cache-Control
max-age=10569536
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
473989

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| URLToArray function| escapeHtml function| getAcceptedParams string| currentUrl object| pageParams string| ad_idzone string| ad_width string| ad_height undefined| ad_tags undefined| ad_el undefined| ad_notify string| eventMethod function| eventer string| messageEvent object| exoDynamicParams string| exoDocumentProtocol

3 Cookies

Domain/Path Name / Value
ads2.contentabc.com/ Name: RNLBSERVERID
Value: ded7079
ads2.contentabc.com/ Name: adtool_guid
Value: Ch5KImDvDP5nVhOul9G6Ag==
.exoclick.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2260ef0cfece7761.303956583984170101%22%3B%7D