donotbelieveherlies.com
192.185.225.63
Public Scan
Effective URL: http://donotbelieveherlies.com/dnbherlhome.php
Submission: On January 14 via api from US — Scanned from DE
Summary
This is the only time donotbelieveherlies.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
16 | 192.185.225.63 | 46606 (UNIFIEDLAYER-AS-1) |
1 | 2606:4700:3036::ac43:9214 | 13335 (CLOUDFLARENET) |
2 | 192.229.221.25 | 15133 (EDGECAST) |
1 1 | 151.101.193.21 | 54113 (FASTLY) |
1 | 2600:9000:238d:4e00:14:6bfc:5740:93a1 | 16509 (AMAZON-02) |
6 | 2a00:1450:4001:830::2002 | 15169 (GOOGLE) |
2 | 52.218.250.160 | 16509 (AMAZON-02) |
2 | 2a00:1450:4001:813::2002 | 15169 (GOOGLE) |
1 | 54.68.106.248 | 16509 (AMAZON-02) |
3 | 2a00:1450:4001:81c::2001 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:80f::2004 | 15169 (GOOGLE) |
38 | 11 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: dainippon.com.ar
donotbelieveherlies.com
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-106-248.us-west-2.compute.amazonaws.com
www.trustedsite.com
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | donotbelieveherlies.com | donotbelieveherlies.com | 657 KB |
9 | googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 110; tpc.googlesyndication.com — Cisco Umbrella Rank: 157 | 225 KB |
2 | doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 | 5 KB |
2 | amazonaws.com | s3-us-west-2.amazonaws.com | 2 KB |
2 | paypalobjects.com | www.paypalobjects.com — Cisco Umbrella Rank: 2611 | 2 KB |
1 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 1 KB |
1 | trustedsite.com | www.trustedsite.com — Cisco Umbrella Rank: 21059 | 998 B |
1 | ywxi.net | cdn.ywxi.net — Cisco Umbrella Rank: 12269 | 6 KB |
1 | paypal.com (1 redirects) | www.paypal.com — Cisco Umbrella Rank: 3015 | 975 B |
1 | moonmodule.com | www.moonmodule.com — Cisco Umbrella Rank: 693938 | 8 KB |
38 | 10 | | |
Requests | Domain | Requested by |
---|---|---|
16 | donotbelieveherlies.com | donotbelieveherlies.com |
6 | pagead2.googlesyndication.com | donotbelieveherlies.com, pagead2.googlesyndication.com, tpc.googlesyndication.com |
3 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com |
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com |
2 | s3-us-west-2.amazonaws.com | cdn.ywxi.net |
2 | www.paypalobjects.com | donotbelieveherlies.com |
1 | www.google.com | tpc.googlesyndication.com |
1 | www.trustedsite.com | cdn.ywxi.net |
1 | cdn.ywxi.net | donotbelieveherlies.com |
1 | www.paypal.com | 1 redirects |
1 | www.moonmodule.com | donotbelieveherlies.com |
38 | 11 | |
This site contains links to these domains. Also see Links.
Domain |
---|
discord.gg |
Subject | Issuer | Validity | Valid |
---|---|---|---|
moonmodule.com | GTS CA 1P5 | 2023-12-03 - 2024-03-02 | 3 months |
www.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2023-10-12 - 2024-10-31 | a year |
*.ywxi.net | Amazon RSA 2048 M02 | 2023-06-05 - 2024-07-03 | a year |
*.g.doubleclick.net | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
*.trustedsite.com | Amazon RSA 2048 M03 | 2023-12-27 - 2025-01-24 | a year |
tpc.googlesyndication.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
www.google.com | GTS CA 1C3 | 2023-12-11 - 2024-03-04 | 3 months |
This page contains 6 frames:
Primary Page:
http://donotbelieveherlies.com/dnbherlhome.php
Frame ID: 2E470DDFBE35EEFB9967C9AB2CEC801A
Requests: 29 HTTP requests in this frame
Frame:
http://donotbelieveherlies.com/media/silence.mp3
Frame ID: 2F59B75B278381536E07CD0EC549734F
Requests: 2 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: A2C8FA3545725662A733C95E6286D957
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7113232945286848&output=html&adk=1812271804&adf=3025194257&lmt=1705267218&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x540_r&format=0x0&url=http%3A%2F%2Fdonotbelieveherlies.com%2Fdnbherlhome.php&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&dt=1705267217841&bpp=3&bdt=299&idt=205&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8608331361048&frm=20&pv=2&ga_vid=99040403.1705267218&ga_sid=1705267218&ga_hid=611262881&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320890&oid=2&pvsid=3925671484793423&tmod=1137085832&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fdonotbelieveherlies.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=222
Frame ID: 0404A450BB26B922E91CA13F55F15833
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F9155D3BD16B10DB982F2728A53A7F3E
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 32558658296EBE63DC354FBED6AC875E
Requests: 2 HTTP requests in this frame
Page Title
Do Not Believe Her Lies
Page URL History
- http://donotbelieveherlies.com/ Page URL
- http://donotbelieveherlies.com/dnbherlhome.php Page URL
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
PayPal (Payment Processors)
Detected patterns
- <input[^>]+_s-xclick
- paypalobjects\.com
Google AdSense (Advertising Networks)
Detected patterns
- googlesyndication\.com/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://donotbelieveherlies.com/ Page URL
- http://donotbelieveherlies.com/dnbherlhome.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11
- https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
- https://www.paypalobjects.com/en_US/i/scr/pixel.gif
38 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | donotbelieveherlies.com/ | 62 B | 390 B | Document | text/html | |
GET | H/1.1 | dnbherlhome.php | donotbelieveherlies.com/ | 10 KB | 4 KB | Document | text/html | Primary Request |
GET | H/1.1 | main.css | donotbelieveherlies.com/css/ | 3 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | fonts.css | donotbelieveherlies.com/css/ | 2 KB | 727 B | Stylesheet | text/css | |
GET | H/1.1 | dnbherlogo.png | donotbelieveherlies.com/images/ | 13 KB | 13 KB | Image | image/png | |
GET | H2 | hn.gif | www.moonmodule.com/cs/dm/ | 7 KB | 8 KB | Image | image/gif | |
GET | H/1.1 | fivelogo.png | donotbelieveherlies.com/images/ | 39 KB | 39 KB | Image | image/png | |
GET | H/1.1 | 6logo.png | donotbelieveherlies.com/images/ | 198 KB | 199 KB | Image | image/png | |
GET | H/1.1 | sevenlogo.png | donotbelieveherlies.com/images/ | 8 KB | 9 KB | Image | image/png | |
GET | H/1.1 | thornburylink.png | donotbelieveherlies.com/images/ | 52 KB | 52 KB | Image | image/png | |
GET | H/1.1 | discord_logo.png | donotbelieveherlies.com/images/ | 32 KB | 32 KB | Image | image/png | |
GET | H2 | btn_donate_SM.gif | www.paypalobjects.com/en_US/i/btn/ | 1 KB | 2 KB | Image | image/gif | |
GET | H2 | pixel.gif | www.paypalobjects.com/en_US/i/scr/ | 43 B | 185 B | Image | image/gif | Redirect Chain |
GET | H/1.1 | dnbhl.png | donotbelieveherlies.com/images/ | 37 KB | 38 KB | Image | image/png | |
GET | H/1.1 | warning_.png | donotbelieveherlies.com/images/ | 76 KB | 76 KB | Image | image/png | |
GET | H2 | 1.js | cdn.ywxi.net/js/ | 20 KB | 6 KB | Script | text/javascript | |
GET | H2 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 146 KB | 50 KB | Script | text/javascript | |
GET | H/1.1 | silence.mp3 | donotbelieveherlies.com/media/ | 0 | 0 | Document | audio/mpeg | Frame 2F59 |
GET | H/1.1 | mus1.mp3 | donotbelieveherlies.com/media/ | 97 KB | 0 | Media | audio/mpeg | |
GET | H/1.1 | mainbg.jpg | donotbelieveherlies.com/images/ | 192 KB | 192 KB | Image | image/jpeg | |
GET | | Chalkduster.woff2 | donotbelieveherlies.com/fonts/chalk/ | 0 | 0 | | | |
GET | H/1.1 | client.json | s3-us-west-2.amazonaws.com/mfesecure-public/host/donotbelieveherlies.com/ | 176 B | 1011 B | XHR | application/json | |
GET | H/1.1 | client.json | s3-us-west-2.amazonaws.com/mfesecure-public/host/donotbelieveherlies.com/ | 176 B | 1011 B | XHR | application/json | |
GET | H2 | show_ads_impl_with_ama_fy2021.js | pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ | 402 KB | 136 KB | Script | text/javascript | |
GET | H2 | zrt_lookup_fy2021.html | googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ | 9 KB | 4 KB | Document | text/html | Frame A2C8 |
GET | H/1.1 | silence.mp3 | donotbelieveherlies.com/media/ | 144 B | 493 B | Media | audio/mpeg | Frame 2F59 |
GET | H2 | ads | googleads.g.doubleclick.net/pagead/ | 603 B | 245 B | Document | text/html | Frame 0404 |
GET | H2 | ajax | www.trustedsite.com/rpc/ | 6 B | 998 B | Script | text/javascript | |
GET | | Chalkduster.woff | donotbelieveherlies.com/fonts/chalk/ | 0 | 0 | | | |
GET | | Chalkduster.ttf | donotbelieveherlies.com/fonts/chalk/ | 0 | 0 | | | |
GET | H3 | sodar | pagead2.googlesyndication.com/getconfig/ | 16 KB | 12 KB | XHR | application/json | |
GET | H2 | sodar2.js | tpc.googlesyndication.com/sodar/ | 17 KB | 7 KB | Script | text/javascript | |
GET | H2 | runner.html | tpc.googlesyndication.com/sodar/sodar2/225/ | 13 KB | 5 KB | Document | text/html | Frame F915 |
GET | H2 | aframe | www.google.com/recaptcha/api2/ | 829 B | 1 KB | Document | text/html | Frame 3255 |
GET | H3 | MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js | pagead2.googlesyndication.com/bg/ | 39 KB | 15 KB | Script | text/javascript | Frame F915 |
GET | H3 | sodar | pagead2.googlesyndication.com/pagead/ | 0 | 0 | Image | text/html | Frame 3255 |
GET | H3 | generate_204 | tpc.googlesyndication.com/ | 0 | 10 B | Image | text/plain | Frame F915 |
GET | H3 | sodar | pagead2.googlesyndication.com/pagead/ | 0 | 0 | Image | text/html | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: donotbelieveherlies.com, URL: https://donotbelieveherlies.com/fonts/chalk/Chalkduster.woff2
- Domain: donotbelieveherlies.com, URL: https://donotbelieveherlies.com/fonts/chalk/Chalkduster.woff
- Domain: donotbelieveherlies.com, URL: https://donotbelieveherlies.com/fonts/chalk/Chalkduster.ttf
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 boolean| FF object| adsbygoogle object| TrustedSite number| TrustedSite_done object| TrustedSiteInline object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
donotbelieveherlies.com/ | | Name: PHPSESSID Value: f671316eb350683019e97d916eed8de7 |
.paypal.com/ | | Name: ts Value: vreXpYrS%3D1799961617%26vteXpYrS%3D1705269017%26vr%3D09d8c56518d0a55120230fceff561473%26vt%3D09d8c56518d0a55120230fceff561472%26vtyp%3Dnew |
.paypal.com/ | | Name: ts_c Value: vr%3D09d8c56518d0a55120230fceff561473%26vt%3D09d8c56518d0a55120230fceff561472 |
donotbelieveherlies.com/ | | Name: trustedsite_visit Value: 1 |
.doubleclick.net/ | | Name: test_cookie Value: CheckForPermission |
www.trustedsite.com/ | | Name: AWSALBCORS Value: 5eWa5dh4yE+Nx3+y45X3IzUBXnm1kr9gOO6hDJG4J3DOSCraFPEI2waglO6ilYtiodJwoocpizBHYrgxRlhrINsYI0P1yYkCeMdQw7YRIlz/iv25Q0YxvlE9/s3Y |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.