syndication.exosrv.com
Open in
urlscan Pro
95.211.229.245
Public Scan
Submission: On December 06 via api from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 17th 2019. Valid for: 3 months.
This is the only time syndication.exosrv.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 95.211.229.245 95.211.229.245 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
3 | 205.185.216.42 205.185.216.42 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
1 1 | 52.28.161.225 52.28.161.225 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 2 | 208.99.67.227 208.99.67.227 | 29789 (REFLECTED) (REFLECTED - Reflected Networks) | |
6 | 3 |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
a.exosrv.com | |
static.exosrv.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-161-225.eu-central-1.compute.amazonaws.com
track.gpsecureads.com |
ASN29789 (REFLECTED - Reflected Networks, Inc., US)
www.camsoda.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
exosrv.com
syndication.exosrv.com a.exosrv.com static.exosrv.com |
13 KB |
2 |
camsoda.com
1 redirects
www.camsoda.com |
774 B |
1 |
gpsecureads.com
1 redirects
track.gpsecureads.com |
901 B |
6 | 3 |
Domain | Requested by | |
---|---|---|
2 | static.exosrv.com | |
2 | www.camsoda.com |
1 redirects
syndication.exosrv.com
|
2 | syndication.exosrv.com |
a.exosrv.com
|
1 | track.gpsecureads.com | 1 redirects |
1 | a.exosrv.com |
syndication.exosrv.com
|
6 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.exoclick.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
exosrv.com Let's Encrypt Authority X3 |
2019-11-17 - 2020-02-15 |
3 months | crt.sh |
*.camsoda.com Sectigo ECC Domain Validation Secure Server CA |
2019-11-07 - 2020-11-06 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://syndication.exosrv.com/postitial.php?idzone=3449081&t=dint&ref=https%3A%2F%2Fsuicidegirlsnow.com%2F&fp=5&fc=1&tc&sub&el&tags&ad=https%3A%2F%2Ftrack.gpsecureads.com%2F6331bbea-7994-47d8-8fed-6057e5092bb5%3Fvar1%3D%7Bvar1%7D%26varid%3D31254141%26source%3Dsuicidegirlsnow.com%26siteid%3D455090%26zoneid%3D3449081%26catid%3D139%26country%3DUSA%26format%3D%26campid%3D2585789%26cost%3D0.0009%26tag%3DoodXdHNRLHNPNHPLY45c3UU03S2zOomnqpmpmdK501FzqZnTummdVW6V0rrJ63VVU3S0SuqqorroldK6Z0rpXSuldM6V0rpnOozqtntttq2lrzmnu3nppm3ml404z4rupdK4p.9e9t.eyfFAFMeof3OdK6V0rrLHSuD7&dest=https%3A%2F%2Fsuicidegirlsnow.com%2F%23
Frame ID: 733D1FA17F8BB8A4E91B8473A743AEA6
Requests: 5 HTTP requests in this frame
Frame:
https://www.camsoda.com/chloelima?noterms=1&id=exoremsodamobipopus&cmp=yesvoluum&ad_id=topmod&join_form=1&token_form=1&fullscreen=1&vclid=w79s3q11j2vtj7arh510ltnc&u4=top_model_array&t=top_model_array&join_form=1
Frame ID: B1F1A1D51A8846730F74DDB885EBBBBB
Requests: 1 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Powered by
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- https://track.gpsecureads.com/6331bbea-7994-47d8-8fed-6057e5092bb5?var1={var1}&varid=31254141&source=suicidegirlsnow.com&siteid=455090&zoneid=3449081&catid=139&country=USA&format=&campid=2585789&cost=0.0009&tag=oodXdHNRLHNPNHPLY45c3UU03S2zOomnqpmpmdK501FzqZnTummdVW6V0rrJ63VVU3S0SuqqorroldK6Z0rpXSuldM6V0rpnOozqtntttq2lrzmnu3nppm3ml404z4rupdK4p.9e9t.eyfFAFMeof3OdK6V0rrLHSuD7 HTTP 302
- https://www.camsoda.com/enter.php?alt=1&id=exoremsodamobipopus&t=top_model_array&vclid=w79s3q11j2vtj7arh510ltnc&cmp=yesvoluum&ad_id=topmod&token_form=1&join_form=1&fullscreen=1&sound=no HTTP 302
- https://www.camsoda.com/chloelima?noterms=1&id=exoremsodamobipopus&cmp=yesvoluum&ad_id=topmod&join_form=1&token_form=1&fullscreen=1&vclid=w79s3q11j2vtj7arh510ltnc&u4=top_model_array&t=top_model_array&join_form=1
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
postitial.php
syndication.exosrv.com/ |
946 B 778 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
desktop-interstitial.js
a.exosrv.com/ |
9 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ads-priv.php
syndication.exosrv.com/ |
0 330 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chloelima
www.camsoda.com/ Frame B1F1 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
widget-branding-logo.png
static.exosrv.com/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrow_right-icon.svg
static.exosrv.com/images/ |
214 B 546 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate string| ad_idzone number| ad_frequency_period number| ad_frequency_count number| ad_trigger_type string| ad_trigger_class string| ad_ref string| ad_destination string| ad_sub string| ad_el string| ad_tags string| ad_url string| ads_priv string| c_name string| expires object| date string| browser string| value function| isIE function| isSafari function| isChrome function| isFirefox function| getBrowser function| checkIncognito function| isIEIncognito function| isSafariIncognito function| isChromeIncognito function| isFirefoxIncognito string| browser_key string| ua object| instParams object| element11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.camsoda.com/ | Name: camSoda.chat_right_width_pixel Value: 300 |
|
www.camsoda.com/ | Name: camSoda.first_visit Value: 1575676254661 |
|
.camsoda.com/ | Name: www_cs_session Value: eyJpdiI6IkdOdDdoYnk0ZmFxTkNvRHBUSmZla1E9PSIsInZhbHVlIjoibGFuSG9iVlp1Rm1aSzRyXC9tV0lvcFFaMGtPSVVUaUgrbGFmaE5iUU9TT28zamdpYzZGcElndHVtYnZtcnhEK2UiLCJtYWMiOiI5ZmU4MTU1MzY2OWI0MDdhMWExNGEzZDcxZjNkYjVhMTllZTcxYmY4NTg0MDU4NThlOWQ3YzIxNDFmNWNiMDc3In0%3D |
|
www.camsoda.com/ | Name: loglevel Value: WARN |
|
www.camsoda.com/ | Name: _gid Value: GA1.1.1918972508.1575676255 |
|
www.camsoda.com/ | Name: RNLBSERVERID Value: ded3398 |
|
www.camsoda.com/ | Name: guest_ps_tracking Value: %7B%22user_id%22%3A0%2C%22advert_id%22%3A%22exoremsodamobipopus%22%2C%22sitecode%22%3A%22csb%22%2C%22wl_site%22%3A%22%22%2C%22tour%22%3A%22top_model_array%22%2C%22cmp%22%3A%22yesvoluum%22%2C%22ad_id%22%3A%22topmod%22%2C%22u1%22%3A%22%22%2C%22u2%22%3A%22%22%2C%22u3%22%3A%22%22%2C%22u4%22%3A%22top_model_array%22%2C%22type%22%3A%22%22%2C%22custom_tour%22%3A%22%22%2C%22custom_thumb%22%3A%22%22%2C%22aclid%22%3A%22%22%2C%22gclid%22%3A%22%22%2C%22vclid%22%3A%22w79s3q11j2vtj7arh510ltnc%22%7D |
|
.exosrv.com/ | Name: exo-splash-i Value: 0 |
|
www.camsoda.com/ | Name: _ga Value: GA1.1.926548843.1575676255 |
|
www.camsoda.com/ | Name: camSoda.token_form_param Value: 1 |
|
syndication.exosrv.com/ | Name: splash_i Value: false |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.exosrv.com
static.exosrv.com
syndication.exosrv.com
track.gpsecureads.com
www.camsoda.com
205.185.216.42
208.99.67.227
52.28.161.225
95.211.229.245
0983afa7e59ba0fb1fc1bd9ae52075a6ccefa72a9dfaa341171739f32b8c5c0d
24f79cdc2a9ee34610827b4193aa5314a85e4135fb75925be89c0291f3d49152
5325d5beb64d82d48d3f7d78b606ee93b8e975a55868bba038905329ed1044b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb961754bcb1edd5a95f40feaf087fcd9322e824a28765060a2d5b8680168fc4