URL: https://loadus.exelator.com/load/net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL3N5bmMuY3J3ZGNudHJsLm5ldC9tYXAvYz0zODU5L3RwPVZJU0QvP2h0dHBzOi8vbG9hZG0uZXhlbGF0b3IuY29tL2xvYWQvP3A9MjA0Jmc9MjYwJmJ1aWQ9JHtwcm9maWxlX2lkfSIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vdGhydGxlLmNvbS9pbnN5bmM%2FdnhpaV9waWQ9MTAwMDQmdnhpaV9wZGlkPWY0MTcwMWJmM2E3ZDg4YmNiM2MzODMxYzI1ZDI2MjM3ZGVmYXVsdCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vaW1hZ2UzLnB1Ym1hdGljLmNvbS9BZFNlcnZlci9VQ29va2llU2V0UHVnP3JkPWh0dHBzJTNBJTJGJTJGbG9hZHVzLmV4ZWxhdG9yLmNvbSUyRmxvYWQlMkYlM0ZwJTNEMjA0JTI2ZyUzRDA3MSUyNmJ1aWQlM0QlMjNQTV9VU0VSX0lEIiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=6cad0eded78df96ef73d5078a474586b
Submission: On November 17 via manual from SG

Summary

This website contacted 2 IPs in 4 countries across 4 domains to perform 4 HTTP transactions.
The main IP is 147.75.102.200, located in Switzerland and belongs to PACKET - Packet Host, Inc., US. The main domain is loadus.exelator.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 25th 2017. Valid for: 2 years.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 147.75.102.200 54825 (PACKET)
2 2 34.251.108.175 16509 (AMAZON-02)
1 54.84.105.44 ()
1 1 198.47.127.18 ()
1 1 185.64.189.110 62713 (AS-PUBMATIC)
4 2
Domain
Subdomains
Transfer
4 exelator.com
2 KB
2 pubmatic.com
969 B
2 crwdcntrl.net
1 KB
1 thrtle.com
2 KB
4 4
Domain Requested by
3 loadus.exelator.com 1 redirects loadus.exelator.com
2 sync.crwdcntrl.net 2 redirects
1 image2.pubmatic.com 1 redirects
1 image3.pubmatic.com 1 redirects
1 thrtle.com loadus.exelator.com
1 loadm.exelator.com loadus.exelator.com
4 6

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
*.exelator.com
Go Daddy Secure Certificate Authority - G2
2017-05-25 -
2019-06-25
2 years
*.thrtle.com
Go Daddy Secure Certificate Authority - G2
2018-05-21 -
2019-05-21
a year

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Adblocked net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL3N5bmMuY3J3ZGNudHJsLm5ldC9tYXAvYz0zODU5L3RwPVZJU0QvP2h0dHBzOi8vbG9hZG0uZXhlbGF0b3IuY29tL2xvYWQvP3A...
/load
600 B
805 B
Document
General
Full URL
https://loadus.exelator.com/load/net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL3N5bmMuY3J3ZGNudHJsLm5ldC9tYXAvYz0zODU5L3RwPVZJU0QvP2h0dHBzOi8vbG9hZG0uZXhlbGF0b3IuY29tL2xvYWQvP3A9MjA0Jmc9MjYwJmJ1aWQ9JHtwcm9maWxlX2lkfSIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vdGhydGxlLmNvbS9pbnN5bmM%2FdnhpaV9waWQ9MTAwMDQmdnhpaV9wZGlkPWY0MTcwMWJmM2E3ZDg4YmNiM2MzODMxYzI1ZDI2MjM3ZGVmYXVsdCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vaW1hZ2UzLnB1Ym1hdGljLmNvbS9BZFNlcnZlci9VQ29va2llU2V0UHVnP3JkPWh0dHBzJTNBJTJGJTJGbG9hZHVzLmV4ZWxhdG9yLmNvbSUyRmxvYWQlMkYlM0ZwJTNEMjA0JTI2ZyUzRDA3MSUyNmJ1aWQlM0QlMjNQTV9VU0VSX0lEIiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=6cad0eded78df96ef73d5078a474586b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.200 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software
nginx/1.14.0 / Undertow/1
Resource Hash
181279f8292f83853fde02af781f13158ca37dbc967cd8b2f0913205e0f6893f
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

:method
GET
:authority
loadus.exelator.com
:scheme
https
:path
/load/net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL3N5bmMuY3J3ZGNudHJsLm5ldC9tYXAvYz0zODU5L3RwPVZJU0QvP2h0dHBzOi8vbG9hZG0uZXhlbGF0b3IuY29tL2xvYWQvP3A9MjA0Jmc9MjYwJmJ1aWQ9JHtwcm9maWxlX2lkfSIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vdGhydGxlLmNvbS9pbnN5bmM%2FdnhpaV9waWQ9MTAwMDQmdnhpaV9wZGlkPWY0MTcwMWJmM2E3ZDg4YmNiM2MzODMxYzI1ZDI2MjM3ZGVmYXVsdCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vaW1hZ2UzLnB1Ym1hdGljLmNvbS9BZFNlcnZlci9VQ29va2llU2V0UHVnP3JkPWh0dHBzJTNBJTJGJTJGbG9hZHVzLmV4ZWxhdG9yLmNvbSUyRmxvYWQlMkYlM0ZwJTNEMjA0JTI2ZyUzRDA3MSUyNmJ1aWQlM0QlMjNQTV9VU0VSX0lEIiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=6cad0eded78df96ef73d5078a474586b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx/1.14.0
date
Sat, 17 Nov 2018 00:25:54 GMT
content-type
text/html;charset=UTF-8
x-powered-by
Undertow/1
access-control-allow-credentials
true
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
Adblocked ?p=204&g=260&buid=a92c139b1b44e3ef09b68c1752b2f6d8
loadm.exelator.com/load
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=3859/tp=VISD/?https://loadm.exelator.com/load/?p=204&g=260&buid=${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=3859/tp=VISD/?https://loadm.exelator.com/load/?p=204&g=260&buid=${profile_id}
  • https://loadm.exelator.com/load/?p=204&g=260&buid=a92c139b1b44e3ef09b68c1752b2f6d8
135 B
135 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=260&buid=a92c139b1b44e3ef09b68c1752b2f6d8
Requested by
Host: loadus.exelator.com
URL: https://loadus.exelator.com/load/net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL3N5bmMuY3J3ZGNudHJsLm5ldC9tYXAvYz0zODU5L3RwPVZJU0QvP2h0dHBzOi8vbG9hZG0uZXhlbGF0b3IuY29tL2xvYWQvP3A9MjA0Jmc9MjYwJmJ1aWQ9JHtwcm9maWxlX2lkfSIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vdGhydGxlLmNvbS9pbnN5bmM%2FdnhpaV9waWQ9MTAwMDQmdnhpaV9wZGlkPWY0MTcwMWJmM2E3ZDg4YmNiM2MzODMxYzI1ZDI2MjM3ZGVmYXVsdCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vaW1hZ2UzLnB1Ym1hdGljLmNvbS9BZFNlcnZlci9VQ29va2llU2V0UHVnP3JkPWh0dHBzJTNBJTJGJTJGbG9hZHVzLmV4ZWxhdG9yLmNvbSUyRmxvYWQlMkYlM0ZwJTNEMjA0JTI2ZyUzRDA3MSUyNmJ1aWQlM0QlMjNQTV9VU0VSX0lEIiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=6cad0eded78df96ef73d5078a474586b
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.200 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software
nginx/1.14.0 / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://loadus.exelator.com/load/net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL3N5bmMuY3J3ZGNudHJsLm5ldC9tYXAvYz0zODU5L3RwPVZJU0QvP2h0dHBzOi8vbG9hZG0uZXhlbGF0b3IuY29tL2xvYWQvP3A9MjA0Jmc9MjYwJmJ1aWQ9JHtwcm9maWxlX2lkfSIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vdGhydGxlLmNvbS9pbnN5bmM%2FdnhpaV9waWQ9MTAwMDQmdnhpaV9wZGlkPWY0MTcwMWJmM2E3ZDg4YmNiM2MzODMxYzI1ZDI2MjM3ZGVmYXVsdCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vaW1hZ2UzLnB1Ym1hdGljLmNvbS9BZFNlcnZlci9VQ29va2llU2V0UHVnP3JkPWh0dHBzJTNBJTJGJTJGbG9hZHVzLmV4ZWxhdG9yLmNvbSUyRmxvYWQlMkYlM0ZwJTNEMjA0JTI2ZyUzRDA3MSUyNmJ1aWQlM0QlMjNQTV9VU0VSX0lEIiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=6cad0eded78df96ef73d5078a474586b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 17 Nov 2018 00:25:54 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status
200
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/x-javascript;charset=UTF-8

Redirect headers

Pragma
no-cache
Date
Sat, 17 Nov 2018 00:25:54 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
https://loadm.exelator.com/load/?p=204&g=260&buid=a92c139b1b44e3ef09b68c1752b2f6d8
Cache-Control
no-cache
X-Server
10.26.1.206
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
insync?vxii_pid=10004&vxii_pdid=f41701bf3a7d88bcb3c3831c25d26237default
thrtle.com
0
2 KB
Image
General
Full URL
https://thrtle.com/insync?vxii_pid=10004&vxii_pdid=f41701bf3a7d88bcb3c3831c25d26237default
Requested by
Host: loadus.exelator.com
URL: https://loadus.exelator.com/load/net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL3N5bmMuY3J3ZGNudHJsLm5ldC9tYXAvYz0zODU5L3RwPVZJU0QvP2h0dHBzOi8vbG9hZG0uZXhlbGF0b3IuY29tL2xvYWQvP3A9MjA0Jmc9MjYwJmJ1aWQ9JHtwcm9maWxlX2lkfSIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vdGhydGxlLmNvbS9pbnN5bmM%2FdnhpaV9waWQ9MTAwMDQmdnhpaV9wZGlkPWY0MTcwMWJmM2E3ZDg4YmNiM2MzODMxYzI1ZDI2MjM3ZGVmYXVsdCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vaW1hZ2UzLnB1Ym1hdGljLmNvbS9BZFNlcnZlci9VQ29va2llU2V0UHVnP3JkPWh0dHBzJTNBJTJGJTJGbG9hZHVzLmV4ZWxhdG9yLmNvbSUyRmxvYWQlMkYlM0ZwJTNEMjA0JTI2ZyUzRDA3MSUyNmJ1aWQlM0QlMjNQTV9VU0VSX0lEIiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=6cad0eded78df96ef73d5078a474586b
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.105.44 Ashburn, United States, ASN (),
Reverse DNS
ec2-54-84-105-44.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://loadus.exelator.com/load/net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL3N5bmMuY3J3ZGNudHJsLm5ldC9tYXAvYz0zODU5L3RwPVZJU0QvP2h0dHBzOi8vbG9hZG0uZXhlbGF0b3IuY29tL2xvYWQvP3A9MjA0Jmc9MjYwJmJ1aWQ9JHtwcm9maWxlX2lkfSIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vdGhydGxlLmNvbS9pbnN5bmM%2FdnhpaV9waWQ9MTAwMDQmdnhpaV9wZGlkPWY0MTcwMWJmM2E3ZDg4YmNiM2MzODMxYzI1ZDI2MjM3ZGVmYXVsdCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vaW1hZ2UzLnB1Ym1hdGljLmNvbS9BZFNlcnZlci9VQ29va2llU2V0UHVnP3JkPWh0dHBzJTNBJTJGJTJGbG9hZHVzLmV4ZWxhdG9yLmNvbSUyRmxvYWQlMkYlM0ZwJTNEMjA0JTI2ZyUzRDA3MSUyNmJ1aWQlM0QlMjNQTV9VU0VSX0lEIiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=6cad0eded78df96ef73d5078a474586b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type
text/html
Adblocked ?p=204&g=071&buid=820F8F7F-6E7A-4EEA-A472-0EE4A0E17527&xl8blockcheck=1
/load
Redirect Chain
  • https://image3.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D071%26buid%3D%23PM_USER_ID
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D071%26buid%3D%23PM_USER_ID
  • https://loadus.exelator.com/load/?p=204&g=071&buid=820F8F7F-6E7A-4EEA-A472-0EE4A0E17527
  • https://loadus.exelator.com/load/?p=204&g=071&buid=820F8F7F-6E7A-4EEA-A472-0EE4A0E17527&xl8blockcheck=1
134 B
134 B
Image
General
Full URL
https://loadus.exelator.com/load/?p=204&g=071&buid=820F8F7F-6E7A-4EEA-A472-0EE4A0E17527&xl8blockcheck=1
Requested by
Host: loadus.exelator.com
URL: https://loadus.exelator.com/load/net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL3N5bmMuY3J3ZGNudHJsLm5ldC9tYXAvYz0zODU5L3RwPVZJU0QvP2h0dHBzOi8vbG9hZG0uZXhlbGF0b3IuY29tL2xvYWQvP3A9MjA0Jmc9MjYwJmJ1aWQ9JHtwcm9maWxlX2lkfSIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vdGhydGxlLmNvbS9pbnN5bmM%2FdnhpaV9waWQ9MTAwMDQmdnhpaV9wZGlkPWY0MTcwMWJmM2E3ZDg4YmNiM2MzODMxYzI1ZDI2MjM3ZGVmYXVsdCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vaW1hZ2UzLnB1Ym1hdGljLmNvbS9BZFNlcnZlci9VQ29va2llU2V0UHVnP3JkPWh0dHBzJTNBJTJGJTJGbG9hZHVzLmV4ZWxhdG9yLmNvbSUyRmxvYWQlMkYlM0ZwJTNEMjA0JTI2ZyUzRDA3MSUyNmJ1aWQlM0QlMjNQTV9VU0VSX0lEIiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=6cad0eded78df96ef73d5078a474586b
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.200 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
Software
nginx/1.14.0 / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://loadus.exelator.com/load/net.php?n=PGltZyB3aWR0aD0iMSIgYWx0PSJFeGVsYXRlRGF0YSIgc3R5bGU9ImRpc3BsYXk6bm9uZSIgc3JjPSJodHRwczovL3N5bmMuY3J3ZGNudHJsLm5ldC9tYXAvYz0zODU5L3RwPVZJU0QvP2h0dHBzOi8vbG9hZG0uZXhlbGF0b3IuY29tL2xvYWQvP3A9MjA0Jmc9MjYwJmJ1aWQ9JHtwcm9maWxlX2lkfSIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vdGhydGxlLmNvbS9pbnN5bmM%2FdnhpaV9waWQ9MTAwMDQmdnhpaV9wZGlkPWY0MTcwMWJmM2E3ZDg4YmNiM2MzODMxYzI1ZDI2MjM3ZGVmYXVsdCIgaGVpZ2h0PSIxIj48L2ltZz48aW1nIHdpZHRoPSIxIiBhbHQ9IkV4ZWxhdGVEYXRhIiBzdHlsZT0iZGlzcGxheTpub25lIiBzcmM9Imh0dHBzOi8vaW1hZ2UzLnB1Ym1hdGljLmNvbS9BZFNlcnZlci9VQ29va2llU2V0UHVnP3JkPWh0dHBzJTNBJTJGJTJGbG9hZHVzLmV4ZWxhdG9yLmNvbSUyRmxvYWQlMkYlM0ZwJTNEMjA0JTI2ZyUzRDA3MSUyNmJ1aWQlM0QlMjNQTV9VU0VSX0lEIiBoZWlnaHQ9IjEiPjwvaW1nPg%3D%3D&h=6cad0eded78df96ef73d5078a474586b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 17 Nov 2018 00:25:54 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status
200
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/x-javascript;charset=UTF-8

Redirect headers

date
Sat, 17 Nov 2018 00:25:54 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
status
302
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadus.exelator.com/load/?p=204&g=071&buid=820F8F7F-6E7A-4EEA-A472-0EE4A0E17527&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 1
  • https://sync.crwdcntrl.net/map/c=3859/tp=VISD/?https://loadm.exelator.com/load/?p=204&g=260&buid=${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=3859/tp=VISD/?https://loadm.exelator.com/load/?p=204&g=260&buid=${profile_id}
  • https://loadm.exelator.com/load/?p=204&g=260&buid=a92c139b1b44e3ef09b68c1752b2f6d8
Request 3
  • https://image3.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D071%26buid%3D%23PM_USER_ID
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Floadus.exelator.com%2Fload%2F%3Fp%3D204%26g%3D071%26buid%3D%23PM_USER_ID
  • https://loadus.exelator.com/load/?p=204&g=071&buid=820F8F7F-6E7A-4EEA-A472-0EE4A0E17527
  • https://loadus.exelator.com/load/?p=204&g=071&buid=820F8F7F-6E7A-4EEA-A472-0EE4A0E17527&xl8blockcheck=1

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHCIsUgydwiOcXAKDUlMc3ANM3M1Dw52czcwsLQBMhdXJZatGBpaXFqStKhJRU5JTlNq8viQx3j3Rx9PX0ilzlnFOXnpq4AC4W5Bi0yM1%252BSX5SZvsjFdXFRShrDopLiU8Gb%252BzsAh0IqQQ%253D%253D"
.exelator.com/ Name: EE
Value: "88d0b78cd02edaf05f657cc678814f05"