lnfo-supporto-eclient.66-29-135-13.cprapid.com (66.29.135.13)
Malicious Activity!
Public Scan
Effective URL: https://lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Submission: On April 04 via api from US — Scanned from IT
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 2nd 2023. Valid for: 3 months.
This is the only time lnfo-supporto-eclient.66-29-135-13.cprapid.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banco Desio (Banking)

Domain & IP information

| Hostname | ASN | PTR |
|---|---|---|
| lnfo-supporto-eclient.66-29-135-13.cprapid.com | ASN22612 (NAMECHEAP-NET, US) | |
| ds-aksb-a.akamaihd.net | ASN20940 (AKAMAI-ASN1, NL) | |
| dpm.demdex.net | ASN16509 (AMAZON-02, US) | ec2-52-18-161-223.eu-west-1.compute.amazonaws.com |
| dmtags.scotiabank.com | ASN20940 (AKAMAI-ASN1, NL) | |
| scotiabank.demdex.net | ASN16509 (AMAZON-02, US) | ec2-34-240-58-209.eu-west-1.compute.amazonaws.com |
| somniture.scotiabank.com | ASN16509 (AMAZON-02, US) | ec2-15-236-125-10.eu-west-3.compute.amazonaws.com |
| cm.everesttech.net | ASN16509 (AMAZON-02, US) | ec2-54-72-144-202.eu-west-1.compute.amazonaws.com |
| ib.adnxs.com | ASN29990 (ASN-APPNEX, US) | 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net |
| dp2.33across.com | ASN32748 (STEADFAST, US) | ip23.67-202-105.static.steadfastdns.net |
| cm.g.doubleclick.net | ASN15169 (GOOGLE, US) | fra16s48-in-f2.1e100.net |
| match.adsrvr.org | ASN16509 (AMAZON-02, US) | a12b7a488abeaa9e4.awsglobalaccelerator.com |
| ml314.com | ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 236.234.111.34.bc.googleusercontent.com |
| ps.eyeota.net | ASN16509 (AMAZON-02, US) | ec2-52-57-150-20.eu-central-1.compute.amazonaws.com |
| cms.analytics.yahoo.com | ASN34010 (YAHOO-IRD, GB) | spcms.pbp.vip.ir2.yahoo.com |
| ads.scorecardresearch.com | ASN16509 (AMAZON-02, US) | server-108-138-7-10.fra56.r.cloudfront.net |
| sync.crwdcntrl.net | ASN16509 (AMAZON-02, US) | ec2-54-154-146-140.eu-west-1.compute.amazonaws.com |
| Requests | Apex Domain | Redirects | Subdomains (Cisco Umbrella Rank) | Transfer |
|---|---|---|---|---|
| 16 | demdex.net | 2 | dpm.demdex.net (215), scotiabank.demdex.net (58667) | 19 KB |
| 15 | everesttech.net | 8 | cm.everesttech.net (1165), sync-tm.everesttech.net (652) | 4 KB |
| 14 | cprapid.com | 1 | lnfo-supporto-eclient.66-29-135-13.cprapid.com | 7 MB |
| 3 | amazon-adsystem.com | 2 | s.amazon-adsystem.com (301) | 2 KB |
| 3 | scotiabank.com | | dmtags.scotiabank.com (177290), somniture.scotiabank.com (126003) | 16 KB |
| 2 | scorecardresearch.com | 2 | ads.scorecardresearch.com (3158) | 752 B |
| 2 | navdmp.com | 1 | navdmp.com (5063), cdn.navdmp.com (6503) | 230 B |
| 2 | doubleclick.net | 2 | cm.g.doubleclick.net (228) | 705 B |
| 2 | adnxs.com | 2 | ib.adnxs.com (230) | 2 KB |
| 2 | akamaihd.net | | ds-aksb-a.akamaihd.net (5870) | 5 KB |
| 2 | ld-ute.info | 2 | ld-ute.info | 429 B |
| 1 | onaudience.com | 1 | pixel.onaudience.com (3081) | 247 B |
| 1 | crwdcntrl.net | 1 | sync.crwdcntrl.net (805) | 205 B |
| 1 | yahoo.com | 1 | cms.analytics.yahoo.com (1087) | 702 B |
| 1 | eyeota.net | 1 | ps.eyeota.net (1128) | 418 B |
| 1 | ml314.com | 1 | ml314.com (1845) | 343 B |
| 1 | quantserve.com | 1 | cms.quantserve.com (712) | 427 B |
| 1 | adsrvr.org | | match.adsrvr.org (368) | 265 B |
| 1 | rfihub.com | 1 | p.rfihub.com (855) | 729 B |
| 1 | twitter.com | | analytics.twitter.com (687) | 395 B |
| 1 | 33across.com | | dp2.33across.com (11569) | 69 B |
| 1 | mathtag.com | 1 | sync.mathtag.com (507) | 696 B |

Totals: 45 requests, 22 apex domains.
| Requests | Domain | Redirects | Requested by |
|---|---|---|---|
| 15 | dpm.demdex.net | 2 | lnfo-supporto-eclient.66-29-135-13.cprapid.com |
| 14 | sync-tm.everesttech.net | 7 | lnfo-supporto-eclient.66-29-135-13.cprapid.com |
| 14 | lnfo-supporto-eclient.66-29-135-13.cprapid.com | 1 | lnfo-supporto-eclient.66-29-135-13.cprapid.com |
| 3 | s.amazon-adsystem.com | 2 | |
| 2 | ads.scorecardresearch.com | 2 | |
| 2 | cm.g.doubleclick.net | 2 | |
| 2 | ib.adnxs.com | 2 | |
| 2 | dmtags.scotiabank.com | | lnfo-supporto-eclient.66-29-135-13.cprapid.com |
| 2 | ds-aksb-a.akamaihd.net | | lnfo-supporto-eclient.66-29-135-13.cprapid.com |
| 2 | ld-ute.info | 2 | |
| 1 | pixel.onaudience.com | 1 | |
| 1 | sync.crwdcntrl.net | 1 | |
| 1 | cms.analytics.yahoo.com | 1 | |
| 1 | ps.eyeota.net | 1 | |
| 1 | ml314.com | 1 | |
| 1 | cms.quantserve.com | 1 | |
| 1 | match.adsrvr.org | | lnfo-supporto-eclient.66-29-135-13.cprapid.com |
| 1 | p.rfihub.com | 1 | |
| 1 | analytics.twitter.com | | lnfo-supporto-eclient.66-29-135-13.cprapid.com |
| 1 | cdn.navdmp.com | | lnfo-supporto-eclient.66-29-135-13.cprapid.com |
| 1 | navdmp.com | 1 | |
| 1 | dp2.33across.com | | lnfo-supporto-eclient.66-29-135-13.cprapid.com |
| 1 | sync.mathtag.com | 1 | |
| 1 | cm.everesttech.net | 1 | |
| 1 | somniture.scotiabank.com | | lnfo-supporto-eclient.66-29-135-13.cprapid.com |
| 1 | scotiabank.demdex.net | | lnfo-supporto-eclient.66-29-135-13.cprapid.com |

Totals: 45 requests, 26 domains.
This site contains links to these domains:

| Domain |
|---|
| ihbnext.cedacri.it |
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| lnfo-supporto-eclient.66-29-135-13.cprapid.com | cPanel, Inc. Certification Authority | 2023-04-02 - 2023-07-01 | 3 months |
| a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-06-28 - 2023-06-30 | a year |
| apps.scotiabank.com | Entrust Certification Authority - L1K | 2022-12-13 - 2024-01-13 | a year |
| *.demdex.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-26 - 2023-10-27 | a year |
| somniture.scotiabank.com | Entrust Certification Authority - L1K | 2022-09-12 - 2023-10-12 | a year |
| *.33across.com | Sectigo RSA Domain Validation Secure Server CA | 2022-09-06 - 2023-09-30 | a year |
| *.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-02-05 - 2024-02-05 | a year |
| *.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-31 - 2023-05-02 | a year |
This page contains 2 frames:
Primary Page:
https://lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af
Frame ID: AAC5E03BAA10E3E0AE40FE74E70673EB
Requests: 20 HTTP requests in this frame
Frame:
https://scotiabank.demdex.net/dest5.html?d_nsid=0
Frame ID: 4621BFD75DF7DB8328BC200074145B47
Requests: 25 HTTP requests in this frame
Page Title: Account | Banco Desio
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields. Note the lowercase L standing in for an I in both the redirector path (`myDESlO`, imitating the bank's name) and the landing hostname (`lnfo`, imitating "info").
- https://ld-ute.info/myDESlO (HTTP 301)
- https://ld-ute.info/myDESlO/ (HTTP 302)
- https://lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/checkclient.php (HTTP 302)
- https://lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/index.php?&sessionid=57d8bdcaa54bd3dded0377f19146d3af (Page URL)
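The two lookalike tricks in this chain can be checked mechanically: the lowercase L used in place of I in `lnfo` and `myDESlO`, and a cPanel auto-generated `*.cprapid.com` hostname whose dashed label is the server's own IP (here 66.29.135.13, the same address the scan resolved). The Python below is an added example written for this page, not part of the urlscan.io report or of any tooling it describes. The confusable table and the brand word list are the author's assumptions; the chain it walks is copied from the Page URL History above.

```python
"""Triage helpers for lookalike hostnames and a captured redirect chain.

Added example (not from the urlscan.io report). Three checks an analyst
otherwise does by eye:
  1. fold visually confusable characters so "lnfo" and "myDESlO" compare
     equal to the brand strings they imitate;
  2. recover the server IP that cPanel embeds in auto-generated
     *.cprapid.com hostnames (the dashed label before "cprapid.com");
  3. walk a redirect chain and annotate every hop with 1 and 2.
"""
import ipaddress
import re
from urllib.parse import urlsplit

# Hand-picked subset of confusables (assumption); each folds onto one letter.
CONFUSABLES = str.maketrans({
    "l": "i", "1": "i", "|": "i",   # l / 1 / | read as I or i
    "0": "o",                        # zero read as o
    "5": "s",                        # five read as s
})
# Multi-character confusables, applied before the single-character fold.
MULTI = (("rn", "m"), ("vv", "w"))

# <label>.<a>-<b>-<c>-<d>.cprapid.com: the dashed part is an IPv4 address.
CPRAPID_RE = re.compile(r"\.(\d{1,3}-\d{1,3}-\d{1,3}-\d{1,3})\.cprapid\.com$", re.I)


def fold(text: str) -> str:
    """Lower-case and collapse confusables so look-alikes compare equal."""
    t = text.lower()
    for src, dst in MULTI:
        t = t.replace(src, dst)
    return t.translate(CONFUSABLES)


def brand_hits(text: str, brands) -> list:
    """Brand strings present in `text` once both sides are folded."""
    folded = fold(text)
    return [b for b in brands if fold(b) in folded]


def cprapid_ip(host: str):
    """IP embedded in a cPanel auto hostname, or None if absent/invalid."""
    m = CPRAPID_RE.search(host)
    if not m:
        return None
    try:
        return str(ipaddress.IPv4Address(m.group(1).replace("-", ".")))
    except ipaddress.AddressValueError:  # e.g. an octet above 255
        return None


def triage_hop(url: str, brands) -> dict:
    """Annotate one redirect hop with brand look-alikes and embedded IP."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    return {
        "url": url,
        "host": host,
        "host_hits": brand_hits(host, brands),
        "path_hits": brand_hits(parts.path, brands),
        "cprapid_ip": cprapid_ip(host),
    }


def triage_chain(urls, brands) -> list:
    """Annotate every hop of a redirect chain, in order."""
    return [triage_hop(u, brands) for u in urls]


# Redirect chain copied from the scan's "Page URL History".
CHAIN = [
    "https://ld-ute.info/myDESlO",
    "https://ld-ute.info/myDESlO/",
    "https://lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/checkclient.php",
    "https://lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/index.php"
    "?&sessionid=57d8bdcaa54bd3dded0377f19146d3af",
]
# Brand and support words an Italian-bank phish would imitate (analyst's list).
BRANDS = ["desio", "info", "supporto", "client"]

if __name__ == "__main__":
    for hop in triage_chain(CHAIN, BRANDS):
        print(hop)
```

Run stand-alone it prints one annotated dictionary per hop: the ld-ute.info hops match `desio` in the path, the cprapid.com hops match `info`, `supporto` and `client` in the host label, and the embedded IP comes back as 66.29.135.13, which can be compared with the address the scan resolved for the host. The fold deliberately maps both sides of the comparison through the same table, so a legitimate `l` in `eclient` is folded too and does not cause a miss.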
Detected technologies
- PHP (Programming Languages), detected pattern: `\.php(?:$|\?)`
- React (JavaScript Frameworks), detected pattern: `<[^>]+data-react`
- AppNexus (Advertising Networks), detected pattern: `adnxs\.(?:net|com)`
Page Statistics
1 Outgoing link (links going to origins other than the main page):
- Title: Non ricordi i dati d'accesso? ("Don't remember your login details?")
Redirected requests
There were HTTP redirect chains for the following requests. Each hop that returned a 3xx status is followed by the URL it redirected to; a URL listed without a status code is the final hop of its chain. All of these chains are Adobe Audience Manager (demdex) and Adobe Advertising Cloud (everesttech) cookie-sync exchanges fired by the cloned tag container, not traffic to the phishing host itself.
- https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1680618274355 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0AAF22CE52827A080A490D4D%40AdobeOrg&d_nsid=0&ts=1680618274355
- https://cm.everesttech.net/cm/dd?d_uuid=30798947634505520712221769874533117509 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZCwzIgAAAGetjwNx
- https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=30798947634505520712221769874533117509&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d30798947634505520712221769874533117509 HTTP 302
- https://dpm.demdex.net/ibs:dpid=269&dpuuid=6b77642c-3323-4d00-a41f-9de878a1fadd&ddsuuid=30798947634505520712221769874533117509
- https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
- https://dpm.demdex.net/ibs:dpid=358&dpuuid=563973373466405347
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzA3OTg5NDc2MzQ1MDU1MjA3MTIyMjE3Njk4NzQ1MzMxMTc1MDk= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzA3OTg5NDc2MzQ1MDU1MjA3MTIyMjE3Njk4NzQ1MzMxMTc1MDk=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=&google_error=3?gdpr=0&gdpr_consent=
- https://navdmp.com/req?adID=30798947634505520712221769874533117509 HTTP 301
- https://cdn.navdmp.com/req?adID=30798947634505520712221769874533117509
- https://p.rfihub.com/cm?in=1&pub=7085 HTTP 302
- https://dpm.demdex.net/ibs:dpid=1121&dpuuid=46971944493137750
- https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=I-gEwibvBJI4vgaUcOwbkSDpVcM45Q_HI-XbnOLe
- https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
- https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3634737373513252971
- https://ps.eyeota.net/match?bid=6j5b2cv&uid=30798947634505520712221769874533117509&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
- https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
- https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=30798947634505520712221769874533117509&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=30646?dpuuid=
- https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=30798947634505520712221769874533117509&rn=1680618274583&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D30798947634505520712221769874533117509 HTTP 302
- https://ads.scorecardresearch.com/p2?c1=9&c2=6034944&c3=2&cs_xi=30798947634505520712221769874533117509&rn=1680618274583&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D30798947634505520712221769874533117509 HTTP 302
- https://dpm.demdex.net/ibs:dpid=73426&dpuuid=30798947634505520712221769874533117509
- https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=30798947634505520712221769874533117509?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
- https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
- https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=ZCwzJAAATEeHTQAn
- https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=ZCwzJAAATr6H0wAn
- https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZCwzJAAATrqJvQAn
- https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=ZCwzJAAAAHqw7wBS
- https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D&_test=ZCwzJAAATumzkQBS
- https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1&_test=ZCwzJAAATwq2pABS
- https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0&_test=ZCwzJQAAAO9W5ABL
- https://pixel.onaudience.com/?partner=130&mapped=30798947634505520712221769874533117509&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m HTTP 302
- https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
- https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
- https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
- https://dpm.demdex.net/ibs:dpid=139200&dpuuid=ISCEddyvRPSDV9xVIwgtCg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
- https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=30798947634505520712221769874533117509
45 HTTP transactions

| # | Method | Protocol | Resource | Host / Path | Size | x-fer | Type | MIME-Type | Flags |
|---|---|---|---|---|---|---|---|---|---|
| 1 | GET | H/1.1 | index.php | lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/ | 58 KB | 58 KB | Document | text/html | Primary Request, Redirect Chain |
| 2 | GET | H/1.1 | styles.86a72d8001092c40e429.css | lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/css/ | 1 MB | 1 MB | Stylesheet | text/css | |
| 3 | GET | H/1.1 | 094054a424e3-launch-edbf66c903b6.min.js | lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/js/ | 238 KB | 239 KB | Script | application/javascript | |
| 4 | GET | H/1.1 | aksb.min.js | ds-aksb-a.akamaihd.net/ | 13 KB | 5 KB | Script | application/x-javascript | |
| 5 | GET | H/1.1 | new-dmobile.png | lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/images/ | 22 KB | 22 KB | Image | image/png | |
| 6 | GET | H/1.1 | icons8-region-50.png | lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/images/ | 1 KB | 1 KB | Image | image/png | |
| 7 | GET | H/1.1 | icons8-phone-50.png | lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/images/ | 990 B | 1 KB | Image | image/png | |
| 8 | GET | H/1.1 | .-6643-resource-loader.js | lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/js/ | 221 B | 476 B | Script | application/javascript | |
| 9 | GET | H/1.1 | .-6607-runtime.eff227375d548a03d4a2.js | lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/js/ | 1 KB | 2 KB | Script | application/javascript | |
| 10 | GET | H/1.1 | .-6204-main.b454267499c8d1dd0ee2.chunk.js | lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/js/ | 5 MB | 5 MB | Script | application/javascript | |
| 11 | GET | H/1.1 | dF0 | lnfo-supporto-eclient.66-29-135-13.cprapid.com/oJ0d/zt7x/3MnMW/33wsw/EcJYmNQk/ORoxZ2Ms/cVo0BWdH/ | 0 | 0 | Script | text/html | |
| 12 | GET | H/1.1 | rd | dpm.demdex.net/id/ | 5 KB | 3 KB | XHR | application/json | Redirect Chain |
| 13 | GET | H/1.1 | AppMeasurement.min.js | dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/b7f9de2492b6/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/ | 33 KB | 13 KB | Script | application/x-javascript | |
| 14 | GET | H/1.1 | AppMeasurement_Module_ActivityMap.min.js | dmtags.scotiabank.com/launch/novaweb/27c34d6e7144/094054a424e3/b7f9de2492b6/hostedLibFiles/EP171e731c9ba34f1c950c36d26e3efd61/ | 3 KB | 2 KB | Script | application/x-javascript | |
| 15 | GET | H/1.1 | dest5.html | scotiabank.demdex.net/ | 7 KB | 3 KB | Document | text/html | Frame 4621 |
| 16 | GET | H2 | id | somniture.scotiabank.com/ | 48 B | 482 B | XHR | application/x-javascript | |
| 17 | GET | H/1.1 | ibs:dpid=411&dpuuid=ZCwzIgAAAGetjwNx | dpm.demdex.net/ | 42 B | 942 B | Image | image/gif | Redirect Chain |
| 18 | GET | H/1.1 | ibs:dpid=269&dpuuid=6b77642c-3323-4d00-a41f-9de878a1fadd&ddsuuid=30798947634505520712221769874533117509 | dpm.demdex.net/ | 42 B | 942 B | Image | image/gif | Frame 4621, Redirect Chain |
| 19 | GET | H/1.1 | ibs:dpid=358&dpuuid=563973373466405347 | dpm.demdex.net/ | 42 B | 942 B | Image | image/gif | Frame 4621, Redirect Chain |
| 20 | GET | H2 | / | dp2.33across.com/ps/ | 0 | 69 B | Image | text/plain | Frame 4621 |
| 21 | GET | H/1.1 | ibs:dpid=771&dpuuid=&google_error=3 | dpm.demdex.net/ | 42 B | 960 B | Image | image/gif | Frame 4621, Redirect Chain |
| 22 | GET | H2 | req | cdn.navdmp.com/ | 6 B | 77 B | Image | application/x-javascript | Frame 4621, Redirect Chain |
| 23 | GET | H2 | adsct | analytics.twitter.com/i/ | 43 B | 395 B | Image | image/gif | Frame 4621 |
| 24 | GET | H/1.1 | ibs:dpid=1121&dpuuid=46971944493137750 | dpm.demdex.net/ | 42 B | 942 B | Image | image/gif | Frame 4621, Redirect Chain |
| 25 | GET | H2 | generic | match.adsrvr.org/track/cmf/ | 70 B | 265 B | Image | image/gif | Frame 4621 |
| 26 | GET | H/1.1 | ibs:dpid=1175&&dpuuid=I-gEwibvBJI4vgaUcOwbkSDpVcM45Q_HI-XbnOLe | dpm.demdex.net/ | 42 B | 942 B | Image | image/gif | Frame 4621, Redirect Chain |
| 27 | GET | H/1.1 | ibs:dpid=22052&dpuuid=3634737373513252971 | dpm.demdex.net/ | 42 B | 942 B | Image | image/gif | Frame 4621, Redirect Chain |
| 28 | GET | H/1.1 | ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D | dpm.demdex.net/ | 42 B | 960 B | Image | image/gif | Frame 4621, Redirect Chain |
| 29 | GET | H/1.1 | ibs:dpid=30646 | dpm.demdex.net/ | 42 B | 966 B | Image | image/gif | Frame 4621, Redirect Chain |
| 30 | GET | H/1.1 | ibs:dpid=73426&dpuuid=30798947634505520712221769874533117509 | dpm.demdex.net/ | 42 B | 942 B | Image | image/gif | Frame 4621, Redirect Chain |
| 31 | GET | H/1.1 | ibs:dpid=121998&dpuuid= | dpm.demdex.net/ | 42 B | 960 B | Image | image/gif | Frame 4621, Redirect Chain |
| 32 | GET | H2 | 5w3jqr4k | sync-tm.everesttech.net/ct/upi/pid/ | 85 B | 171 B | Image | image/png | Frame 4621, Redirect Chain |
| 33 | GET | H2 | btu4jd3a | sync-tm.everesttech.net/ct/upi/pid/ | 85 B | 149 B | Image | image/png | Frame 4621, Redirect Chain |
| 34 | GET | H2 | ZMAwryCI | sync-tm.everesttech.net/ct/upi/pid/ | 85 B | 153 B | Image | image/png | Frame 4621, Redirect Chain |
| 35 | GET | H2 | UH6TUt9n | sync-tm.everesttech.net/ct/upi/pid/ | 85 B | 149 B | Image | image/png | Frame 4621, Redirect Chain |
| 36 | GET | | ny75r2x0 | sync-tm.everesttech.net/upi/pid/ | 0 | 0 | | | Frame 4621 (no response, see Failed requests) |
| 37 | GET | H2 | b9pj45k4 | sync-tm.everesttech.net/ct/upi/pid/ | 85 B | 167 B | Image | image/png | Frame 4621, Redirect Chain |
| 38 | GET | H2 | h0r58thg | sync-tm.everesttech.net/ct/upi/pid/ | 85 B | 172 B | Image | image/png | Frame 4621, Redirect Chain |
| 39 | GET | H/1.1 | mobile-phone.png | lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/css/ | 6 KB | 6 KB | Image | image/png | |
| 40 | GET | H/1.1 | assets-8fd30bd010d9e2c7677ec339685f958b.woff | lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/fonts/ | 30 KB | 30 KB | Font | font/woff | |
| 41 | GET | H/1.1 | assets-00cecde981e3ef7491eba946f4b95fe0.woff | lnfo-supporto-eclient.66-29-135-13.cprapid.com/uld-ust/it/fonts/ | 31 KB | 31 KB | Font | font/woff | |
| 42 | GET | H2 | r7ifn0SL | sync-tm.everesttech.net/ct/upi/pid/ | 85 B | 153 B | Image | image/png | Frame 4621, Redirect Chain |
| 43 | GET | H/1.1 | ibs:dpid=161033&dpuuid= | dpm.demdex.net/ | 42 B | 960 B | Image | image/gif | Frame 4621, Redirect Chain |
| 44 | GET | H/1.1 | ecm3 | s.amazon-adsystem.com/ | 43 B | 479 B | Image | image/gif | Frame 4621, Redirect Chain |
| 45 | GET | H/1.1 | b | ds-aksb-a.akamaihd.net/2/682023/ | 0 | 269 B | Image | text/html | |
Failed requests
These URLs were requested, but no response was received. They also appear in the list above.
- Domain: sync-tm.everesttech.net
- URL: https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan verdict: Phishing against Banco Desio (Banking)

25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | 0 |
| boolean | credentialless |
| object | w |
| object | d |
| object | AKSB |
| number | resources |
| object | REDUX_STATE |
| object | _satellite |
| boolean | __satelliteLoaded |
| object | adobe |
| function | Visitor |
| object | s_c_il |
| number | s_c_in |
| object | appEventData |
| number | _dataLayerOverwriteMonitor |
| object | webpackJsonp |
| function | AppMeasurement |
| function | s_gi |
| function | s_pgicq |
| number | s_objectID |
| number | s_giq |
| function | AppMeasurement_Module_ActivityMap |
| object | s |
| object | antiClickjack |
| object | RT |

18 Cookies
Cookies are small pieces of information stored in the user's browser. On every later visit the browser sends the cookie values back, which lets the website re-identify the user even from a different location; this is how persistent logins work.
| Domain/Path | Name | Value |
|---|---|---|
| lnfo-supporto-eclient.66-29-135-13.cprapid.com/ | PHPSESSID | ckkeqm58o4ukdrr19os3qka7k0 |
| .demdex.net/ | demdex | 30798947634505520712221769874533117509 |
| .cprapid.com/ | AMCVS_0AAF22CE52827A080A490D4D%40AdobeOrg | 1 |
| .dpm.demdex.net/ | dpm | 30798947634505520712221769874533117509 |
| .cprapid.com/ | AMCV_0AAF22CE52827A080A490D4D%40AdobeOrg | 1176715910%7CMCIDTS%7C19452%7CMCMID%7C28595513837244503251425282358363603799%7CMCAAMLH-1681223074%7C6%7CMCAAMB-1681223074%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1680625474s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19459%7CvVersion%7C5.4.0 |
| .adnxs.com/ | uuid2 | 563973373466405347 |
| .doubleclick.net/ | test_cookie | CheckForPermission |
| .twitter.com/ | personalization_id | "v1_db4a8CqJ9jJLNgzINAcnGg==" |
| .rfihub.com/ | eud | H4sIAAAAAAAA_1vFxGtoZmFgZmhhZG5qZmgKAIu4mTUQAAAA |
| .rfihub.com/ | rud | H4sIAAAAAAAA_-MSNDGzNDe0NDExsTQ2NDY3NzUQ4jPULY6ojDIJ8y7MS_YMBgC5pDLXIwAAAA |
| .rfihub.com/ | ruds | H4sIAAAAAAAA_-MSNDGzNDe0NDExsTQ2NDY3NzUQ4jPULY6ojDIJ8y7MS_YMBgC5pDLXIwAAAA |
| .mathtag.com/ | uuid | 6b77642c-3323-4d00-a41f-9de878a1fadd |
| .eyeota.net/ | SERVERID | 20308~DM |
| .yahoo.com/ | A3 | d=AQABBCQzLGQCEP6IoooOGNVAAMUVst0TZvkFEv__AP8AAAAAAOe6Jm0AAAAAgA&S=AQAAAtBreyGeFU9cB0GSwT0fw2Y |
| .demdex.net/ | dextp | 269-1-1680618274830\|358-1-1680618274931\|601-1-1680618275032\|771-1-1680618275133\|822-1-1680618275234\|1123-1-1680618275335\|1121-1-1680618275436\|903-1-1680618275537\|1175-1-1680618275637\|22052-1-1680618275738\|30064-1-1680618275839\|30646-1-1680618275940\|73426-1-1680618276041\|121998-1-1680618276141\|144230-1-1680618276242\|144231-1-1680618276343\|144232-1-1680618276444\|144233-1-1680618276547\|144234-1-1680618276648\|144235-1-1680618276749\|144236-1-1680618276875\|144237-1-1680618277048\|161033-1-1680618277149\|139200-1-1680618277250 |
| .onaudience.com/ | cookie | 08f260cd1f589dd4 |
| .amazon-adsystem.com/ | ad-id | A0d6BgRW2EgQuE4iD5wb1o4 |
| .amazon-adsystem.com/ | ad-privacy | 0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

| Source | Level | URL | Text |
|---|---|---|---|
Indicators
"Indicators" is the security-industry term for observables such as IPs, domains and hashes; listing them here does not imply that any of them indicate malicious activity. In this scan only ld-ute.info (the redirector) and lnfo-supporto-eclient.66-29-135-13.cprapid.com with its IP 66.29.135.13 belong to the phishing chain itself. The remaining hosts are widely used advertising and analytics endpoints (see their Cisco Umbrella ranks above) fired by the Adobe tag container the page loads, and treating them as indicators of compromise would add noise rather than protection.
ads.scorecardresearch.com
analytics.twitter.com
cdn.navdmp.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
dmtags.scotiabank.com
dp2.33across.com
dpm.demdex.net
ds-aksb-a.akamaihd.net
ib.adnxs.com
ld-ute.info
lnfo-supporto-eclient.66-29-135-13.cprapid.com
match.adsrvr.org
ml314.com
navdmp.com
p.rfihub.com
pixel.onaudience.com
ps.eyeota.net
s.amazon-adsystem.com
scotiabank.demdex.net
somniture.scotiabank.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
103.229.205.243
104.244.42.195
108.138.7.10
141.94.171.216
142.250.185.66
15.197.193.217
15.236.125.10
151.101.2.49
185.83.142.19
193.0.160.131
212.82.100.182
2606:4700::6810:cf3
2620:116:800d:21:93ca:31d8:d86e:38f6
2a02:26f0:6c00:195::51e
2a02:26f0:780::5f65:3672
2a02:4780:27:1071:0:154e:e4d7:2
34.111.234.236
34.240.58.209
52.18.161.223
52.46.128.147
52.57.150.20
54.154.146.140
54.72.144.202
66.29.135.13
67.202.105.23