exlec.com
Open in
urlscan Pro
198.252.104.144
Malicious Activity!
Public Scan
Submission: On October 25 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by R3 on September 28th 2022. Valid for: 3 months.
This is the only time exlec.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
ASN20068 (HAWKHOST, CA)
PTR: 198.252.104.144-static.reverse.arandomserver.com
exlec.com |
ASN15169 (GOOGLE, US)
PTR: 115.208.227.35.bc.googleusercontent.com
handshake-production-cdn.joinhandshake.com |
ASN15169 (GOOGLE, US)
PTR: 7.88.190.35.bc.googleusercontent.com
sessions.bugsnag.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-85-44-219.cpt52.r.cloudfront.net
cdn.segment.com |
ASN15169 (GOOGLE, US)
PTR: se-in-f113.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
stats.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-88-131.us-west-2.compute.amazonaws.com
api.segment.io |
ASN15169 (GOOGLE, US)
PTR: sl-in-f97.1e100.net
www.googletagmanager.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-116-81.deploy.static.akamaitechnologies.com
snap.licdn.com |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-sin6.fbcdn.net
connect.facebook.net |
ASN40676 (AS40676, US)
PTR: unassigned.psychz.net
extreme-ip-lookup.com |
ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com
cdn.pdst.fm |
ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-128.sin5.r.cloudfront.net
tag.demandbase.com |
Domain | Requested by | |
---|---|---|
10 | handshake-production-cdn.joinhandshake.com |
exlec.com
handshake-production-cdn.joinhandshake.com |
6 | www.google-analytics.com |
handshake-production-cdn.joinhandshake.com
www.google-analytics.com www.googletagmanager.com exlec.com |
4 | api.segment.io |
cdn.segment.com
|
3 | www.googletagmanager.com |
cdn.segment.com
www.googletagmanager.com |
2 | tr.outbrain.com |
amplify.outbrain.com
exlec.com |
2 | us-central1-adaptive-growth.cloudfunctions.net |
handshake-production-cdn.joinhandshake.com
|
2 | analytics.tiktok.com |
exlec.com
analytics.tiktok.com |
2 | connect.facebook.net |
exlec.com
connect.facebook.net |
2 | snap.licdn.com |
www.googletagmanager.com
snap.licdn.com |
2 | stats.g.doubleclick.net |
www.google-analytics.com
|
2 | sessions.bugsnag.com |
handshake-production-cdn.joinhandshake.com
|
2 | exlec.com |
handshake-production-cdn.joinhandshake.com
|
1 | www.facebook.com |
exlec.com
|
1 | www.google.com.au |
exlec.com
|
1 | www.google.com |
exlec.com
|
1 | api.company-target.com |
tag.demandbase.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | tag.demandbase.com |
exlec.com
|
1 | cdn.pdst.fm |
exlec.com
|
1 | extreme-ip-lookup.com |
www.googletagmanager.com
|
1 | amplify.outbrain.com |
exlec.com
|
1 | cdn.segment.com |
handshake-production-cdn.joinhandshake.com
|
1 | aadcdn.msftauth.net |
exlec.com
|
1 | polyfill.io |
exlec.com
|
0 | p.adsymptotic.com Failed |
exlec.com
|
0 | segments.company-target.com Failed |
exlec.com
|
55 | 26 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.exlec.com R3 |
2022-09-28 - 2022-12-27 |
3 months | crt.sh |
handshake-production-cdn.joinhandshake.com GTS CA 1D4 |
2022-09-30 - 2022-12-29 |
3 months | crt.sh |
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1 |
2022-03-08 - 2023-04-09 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2022-04-01 - 2023-04-01 |
a year | crt.sh |
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA |
2022-04-26 - 2023-04-26 |
a year | crt.sh |
*.segment.com Amazon |
2022-01-12 - 2023-02-10 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
*.segment.io Amazon |
2022-02-10 - 2023-03-11 |
a year | crt.sh |
snap.licdn.com DigiCert SHA2 Secure Server CA |
2022-03-01 - 2023-03-01 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-08-03 - 2022-11-01 |
3 months | crt.sh |
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-04-03 - 2023-04-04 |
a year | crt.sh |
t1.extreme-dm.com R3 |
2022-08-14 - 2022-11-12 |
3 months | crt.sh |
cdn.pdst.fm GTS CA 1D4 |
2022-10-05 - 2023-01-03 |
3 months | crt.sh |
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 |
2021-12-13 - 2023-01-13 |
a year | crt.sh |
tag.demandbase.com Go Daddy Secure Certificate Authority - G2 |
2022-08-17 - 2023-09-18 |
a year | crt.sh |
misc.google.com GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
api.demandbase.com Go Daddy Secure Certificate Authority - G2 |
2022-09-16 - 2023-10-18 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2022-09-26 - 2022-12-19 |
3 months | crt.sh |
*.google.com.au GTS CA 1C3 |
2022-09-12 - 2022-12-05 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://exlec.com/teams/logs/
Frame ID: 0CD02CC2F2CAEFCFAD2279F3CE43BA05
Requests: 53 HTTP requests in this frame
Screenshot
Page Title
Sign inDetected technologies
Facebook (Widgets) ExpandDetected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Linkedin Insight Tag (Analytics) Expand
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Polyfill (JavaScript Libraries) Expand
Detected patterns
- /polyfill\.min\.js
Segment (Analytics) Expand
Detected patterns
- cdn\.segment\.com/analytics\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 41- https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
- https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
- https://segments.company-target.com/log?vendor=choca&user_id=AAxlOU7GrpAAACGOdC0HQQ
- https://id.rlcdn.com/464526.gif HTTP 307
- https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCOyP3ZoGEgUI6AcQAEIASgA HTTP 307
- https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297aSZiK8Bzv-vC7K-wX-7tYYrdP34sroKc0pVwMhb1KMc
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1330564&time=1666664428126&url=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1330564&time=1666664428126&url=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F&cookiesTest=true HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1330564%26time%3D1666664428126%26url%3Dhttps%253A%252F%252Fexlec.com%252Fteams%252Flogs%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1330564&time=1666664428126&url=https%3A%2F%2Fexlec.com%2Fteams%2Flogs%2F&cookiesTest=true&liSync=true HTTP 302
- https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41e4cec8-2bc4-4b2f-bde1-68da86938f58
55 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
exlec.com/teams/logs/ |
11 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-016e212c8ea7ce4c0ffbf47a534fa99dc96443ff7c6ff9ea206ff7dc8c52a7e0.css
handshake-production-cdn.joinhandshake.com/assets/ |
572 KB 572 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
18cce89b3dc1d5f99696.chunk.css
handshake-production-cdn.joinhandshake.com/dist/ |
2 MB 2 MB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js
polyfill.io/v3/ |
101 B 417 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application_limited-23aaab36deb7367c89759868537508ae44a294e047004d0c9cdb8f7f8f9b6b05.js
handshake-production-cdn.joinhandshake.com/assets/manifests/ |
556 KB 556 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft_logo_ed9c9eb0dce17d752bedea6b5acda6d9.png
aadcdn.msftauth.net/shared/1.0/content/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
sessions.bugsnag.com/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.min.js
cdn.segment.com/analytics.js/v1/pnQHEivdIUFd9xRvgislwwVfPIFaAskT/ |
358 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
sessions.bugsnag.com/ |
21 B 35 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-479b440e969ce5d39ec3531e366c8ded93c630624895137e17149d37e238d731.js
handshake-production-cdn.joinhandshake.com/assets/manifests/ |
0 1 MB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frameworks-ffad89b451548d544f87d9504132bfef0279c3a5443127504a87558f32531736.js
handshake-production-cdn.joinhandshake.com/assets/manifests/ |
0 2 MB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
566715fd189d97b07386.bundle.es2015.js
handshake-production-cdn.joinhandshake.com/dist/ |
0 345 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
53c4b16e36eabe1eccd0.bundle.es2015.js
handshake-production-cdn.joinhandshake.com/dist/ |
0 3 MB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suisse-intl-regular-web-s-16e3e6bf4b3c5534f419f3fd73b3d5a4fb4761e077ba1e7586bc236137d907d1.woff2
handshake-production-cdn.joinhandshake.com/assets/ |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suisse-intl-bold-web-s-0d17fbdfb3f4556ed15e3e9bfa9c1664decabc8ffc5ed94eba88282140efd604.woff2
handshake-production-cdn.joinhandshake.com/assets/ |
17 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
suisse-intl-medium-web-s-f0999005738574a32c42beb8cbcbd65943e4cc31b16cd65b2ec7071d61bac930.woff2
handshake-production-cdn.joinhandshake.com/assets/ |
17 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 204 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 434 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
api.segment.io/v1/ |
21 B 168 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
t
api.segment.io/v1/ |
21 B 168 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
api.segment.io/v1/ |
21 B 168 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
t
api.segment.io/v1/ |
21 B 169 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
323 KB 97 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
214 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
996 B 689 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
118 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
102 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
obtp.js
amplify.outbrain.com/cp/ |
8 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
extreme-ip-lookup.com/json/ |
575 B 723 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ping.min.js
cdn.pdst.fm/ |
26 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.js
analytics.tiktok.com/i18n/pixel/ |
124 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
anonymous_id
exlec.com/sessions/ |
708 B 822 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ae38a8d18ce3fbd6.min.js
tag.demandbase.com/ |
77 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
8 B 76 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
insight.old.min.js
snap.licdn.com/li.lms-analytics/ |
8 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
41 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
log
segments.company-target.com/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
log
segments.company-target.com/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
ip.json
api.company-target.com/api/v2/ |
467 B 952 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com.au/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
p.adsymptotic.com/d/px/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
646099589226753
connect.facebook.net/signals/config/ |
293 KB 84 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cachedClickId
tr.outbrain.com/ |
35 B 239 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
unifiedPixel
tr.outbrain.com/ |
43 B 256 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identify.js
analytics.tiktok.com/i18n/pixel/ |
114 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
config.js
analytics.tiktok.com/i18n/pixel/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- segments.company-target.com
- URL
- https://segments.company-target.com/log?vendor=choca&user_id=AAxlOU7GrpAAACGOdC0HQQ
- Domain
- segments.company-target.com
- URL
- https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297aSZiK8Bzv-vC7K-wX-7tYYrdP34sroKc0pVwMhb1KMc
- Domain
- p.adsymptotic.com
- URL
- https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=41e4cec8-2bc4-4b2f-bde1-68da86938f58
- Domain
- analytics.tiktok.com
- URL
- https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=CBMJC5RC77U606K821BG&hostname=exlec.com
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)66 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| initializeToastr function| fullscreenCapable function| launchIntoFullscreen function| UNSAFE__HandshakeI18n function| bugsnag function| _ function| $ function| jQuery object| jQuery112405332036101828981 object| Select2 object| ko object| Handshake string| PAGE_CHANGE_EVENT function| puts function| getUrlVar function| getUrlParams function| urlsafeEncode64 function| urlsafeDecode64 function| removeFromArray function| capitalizeString function| endsWith function| getPathName function| getPath function| stickyElementOnScroll function| stickyRow object| imagePaths object| segment_helper object| analytics string| GoogleAnalyticsObject function| ga object| UNSAFE__i18n boolean| unauthenticatedBugsnag object| bugsnagClient boolean| segmentDocumentEventTrackersInitialized object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer function| normalize object| google_tag_manager function| postscribe object| google_tag_manager_external number| len string| _linkedin_data_partner_id function| fbq function| _fbq function| obApi function| getIP function| pdst string| TiktokAnalyticsObject object| ttq function| onYouTubeIframeAPIReady function| gtag object| Demandbase function| lintrk boolean| _already_called_lintrk8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.exlec.com/ | Name: _gid Value: GA1.2.438553447.1666664424 |
|
.exlec.com/ | Name: _gat Value: 1 |
|
.exlec.com/ | Name: ajs_anonymous_id Value: %229804ba10-3607-4983-b85f-1d80a03a3522%22 |
|
.exlec.com/ | Name: _gcl_au Value: 1.1.1154691628.1666664427 |
|
.exlec.com/ | Name: _gat_UA-58165706-1 Value: 1 |
|
exlec.com/ | Name: __pdst Value: f19fa699f71a4410acf3aa9f36c05210 |
|
.exlec.com/ | Name: _ga_4M16ZMP2G5 Value: GS1.1.1666664427.1.0.1666664428.0.0.0 |
|
.exlec.com/ | Name: _ga Value: GA1.2.656187691.1666664424 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
amplify.outbrain.com
analytics.tiktok.com
api.company-target.com
api.segment.io
cdn.pdst.fm
cdn.segment.com
connect.facebook.net
exlec.com
extreme-ip-lookup.com
handshake-production-cdn.joinhandshake.com
p.adsymptotic.com
polyfill.io
segments.company-target.com
sessions.bugsnag.com
snap.licdn.com
stats.g.doubleclick.net
tag.demandbase.com
tr.outbrain.com
us-central1-adaptive-growth.cloudfunctions.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
analytics.tiktok.com
p.adsymptotic.com
segments.company-target.com
104.65.229.95
142.251.10.157
142.251.12.113
142.251.12.94
151.101.1.26
152.199.39.242
157.240.15.13
157.240.15.35
172.107.159.62
172.217.194.105
172.253.118.97
198.252.104.144
216.239.36.54
23.45.116.81
23.52.40.74
35.190.88.7
35.227.208.115
35.244.142.80
52.26.88.131
52.84.251.128
52.85.44.219
54.192.150.100
66.225.223.31
74.125.24.154
01f9af31241983b9313916763efd351ec8e6cfe0097d93cc45d718ccc32286fb
028e61342f23d8785109e734a407fa9f2e1611d3142a54b02cabafd871296e5f
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
156544cd13b925123ef0a1b00a86d757161c0352c181070c26ffd2988316db74
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1e2b4dc77092b79976e923ff6ad8180b5c315bab3aae682425c604c729b486ff
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
44021f8b62e841f256de85b089e50531ece5f5d0f48ed0439558006cc96e5ea7
47bcc16c316c698b60302a65557a931be680b895d98415057c5cb873f53788d2
58eb078138465791e2469afb08a61f43915ba7348a3e8096ffb2142f3305b768
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6eb1a85c484ea6b5692b2846247099262ca28243d78e5ee99077f3f7a0ecc77a
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52
8419704ac95ce8968ecd2c438dec904810f9864de0898656a8f45c446c7e1f18
898d455067378e41a9d31bc6dd809afca6ff4defc671e06d82aff31740db52f8
89cb0bca591268620d211f9755885ca99935d83358986e11dbc1f2677bddc040
8f0234cadec8f9755a2b8aa9a745c354a5fbbff63a241a774c156cf93d375413
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
ba274704a49e3798c8534fcb44f78871c5e5660ce2653767233930dd3def3540
ba462c71e05995a2cec96395d8d73fadf68549970c71d3f82a62bd8f4886778a
bc52385be77ae5a9787fef27810dc3d6424c79c681dae3311688b6bc09937427
bfa8da72e8d895c5fbe216a4182390481510ef1a15e2e5e0099931882918b9f5
c08612ebc30172aca39a390dfec4092f69c4a2aaff4ddd86f949739a76cff62a
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cc4dce71c55fb8e3c2296f0b7f7eefb366f9e0d874918e703b51fc9663f95ff9
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
dbdfd67cbff37388edec11154461ee56acdba6bb123d5fb9ee62bcb0e812b7d3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8