xn--2000-93dyvqh1a1b.xn--p1ai
Open in
urlscan Pro
Puny
обелиск2000.рф IDN
176.28.64.77
Malicious Activity!
Public Scan
Submitted URL: https://cutt.ly/qPTvSpj
Effective URL: http://xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/we.php
Submission: On February 21 via manual from US — Scanned from DE
Effective URL: http://xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/we.php
Submission: On February 21 via manual from US — Scanned from DE
Summary
This website contacted 13 IPs
in 6 countries
across 18 domains to perform 64 HTTP transactions.
The main IP is 176.28.64.77, located in
Orenburg, Russian Federation and
belongs to FCOMM-AS, RU.
The main domain is xn--2000-93dyvqh1a1b.xn--p1ai.
This is the only time xn--2000-93dyvqh1a1b.xn--p1ai was scanned on urlscan.io!
This is the only time xn--2000-93dyvqh1a1b.xn--p1ai was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WeTransfer (Online)Domain & IP information
41
176.28.64.77
(Orenburg, Russian Federation)
ASN47684 (FCOMM-AS, RU)
ASN47684 (FCOMM-AS, RU)
| xn--2000-93dyvqh1a1b.xn--p1ai |
11
44.240.108.244
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-108-244.us-west-2.compute.amazonaws.com
| ids.ad.gt |
2
34.213.88.197
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-88-197.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-88-197.us-west-2.compute.amazonaws.com
| aufp.io | |
| p.ad.gt |
2
185.33.221.50
(Amsterdam, Netherlands)
ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
| secure.adnxs.com |
2
15.197.193.217
(United States)
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
| match.adsrvr.org |
3
142.250.185.130
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
| cm.g.doubleclick.net |
2
52.31.13.93
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
| match.prod.bidr.io |
1
69.173.144.139
(Frankfurt am Main, Germany)
ASN26667 (RUBICONPROJECT, US)
ASN26667 (RUBICONPROJECT, US)
| token.rubiconproject.com |
1
44.229.246.90
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-246-90.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-246-90.us-west-2.compute.amazonaws.com
| a.ad.gt |
1
54.201.71.145
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-71-145.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-71-145.us-west-2.compute.amazonaws.com
| pixels.ad.gt |
2
2a03:2880:f02d:12:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
1
35.244.159.8
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
| u.openx.net |
2
2a03:2880:f12d:83:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
2
34.249.107.120
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-107-120.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-107-120.eu-west-1.compute.amazonaws.com
| ad.360yield.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 41 |
function sub() { [native code] }. |
5 MB |
| 14 |
ad.gt
2 redirects
ids.ad.gt — Cisco Umbrella Rank: 3929 p.ad.gt — Cisco Umbrella Rank: 4910 a.ad.gt — Cisco Umbrella Rank: 4375 pixels.ad.gt — Cisco Umbrella Rank: 4858 |
18 KB |
| 3 |
doubleclick.net
2 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 175 |
1 KB |
| 2 |
360yield.com
2 redirects
ad.360yield.com — Cisco Umbrella Rank: 621 |
684 B |
| 2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 97 |
386 B |
| 2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126 |
115 KB |
| 2 |
bidr.io
2 redirects
match.prod.bidr.io — Cisco Umbrella Rank: 444 |
1 KB |
| 2 |
pubmatic.com
2 redirects
image2.pubmatic.com — Cisco Umbrella Rank: 752 |
624 B |
| 2 |
adsrvr.org
2 redirects
match.adsrvr.org — Cisco Umbrella Rank: 295 |
963 B |
| 2 |
adnxs.com
2 redirects
secure.adnxs.com — Cisco Umbrella Rank: 350 |
2 KB |
| 1 |
taboola.com
trc.taboola.com — Cisco Umbrella Rank: 571 |
229 B |
| 1 |
openx.net
u.openx.net — Cisco Umbrella Rank: 636 |
305 B |
| 1 |
rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 593 |
214 B |
| 1 |
mathtag.com
1 redirects
sync.mathtag.com — Cisco Umbrella Rank: 387 |
684 B |
| 1 |
aufp.io
aufp.io — Cisco Umbrella Rank: 5595 |
3 KB |
| 1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
548 B |
| 1 |
cutt.ly
1 redirects
cutt.ly — Cisco Umbrella Rank: 65940 |
487 B |
| 0 |
sonobi.com
Failed
sync.go.sonobi.com Failed |
|
| 64 | 18 |
| Domain | Requested by | |
|---|---|---|
| 41 | xn--2000-93dyvqh1a1b.xn--p1ai |
xn--2000-93dyvqh1a1b.xn--p1ai
|
| 11 | ids.ad.gt |
2 redirects
xn--2000-93dyvqh1a1b.xn--p1ai
|
| 3 | cm.g.doubleclick.net |
2 redirects
xn--2000-93dyvqh1a1b.xn--p1ai
|
| 2 | ad.360yield.com | 2 redirects |
| 2 | www.facebook.com |
xn--2000-93dyvqh1a1b.xn--p1ai
|
| 2 | connect.facebook.net |
xn--2000-93dyvqh1a1b.xn--p1ai
connect.facebook.net |
| 2 | match.prod.bidr.io | 2 redirects |
| 2 | image2.pubmatic.com | 2 redirects |
| 2 | match.adsrvr.org | 2 redirects |
| 2 | secure.adnxs.com | 2 redirects |
| 1 | trc.taboola.com |
xn--2000-93dyvqh1a1b.xn--p1ai
|
| 1 | u.openx.net |
xn--2000-93dyvqh1a1b.xn--p1ai
|
| 1 | pixels.ad.gt |
xn--2000-93dyvqh1a1b.xn--p1ai
|
| 1 | a.ad.gt |
xn--2000-93dyvqh1a1b.xn--p1ai
|
| 1 | token.rubiconproject.com |
xn--2000-93dyvqh1a1b.xn--p1ai
|
| 1 | sync.mathtag.com | 1 redirects |
| 1 | p.ad.gt |
xn--2000-93dyvqh1a1b.xn--p1ai
|
| 1 | aufp.io |
xn--2000-93dyvqh1a1b.xn--p1ai
|
| 1 | www.google.com |
xn--2000-93dyvqh1a1b.xn--p1ai
|
| 1 | cutt.ly | 1 redirects |
| 0 | sync.go.sonobi.com Failed |
xn--2000-93dyvqh1a1b.xn--p1ai
|
| 64 | 21 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.google.com GTS CA 1C3 |
2022-02-07 - 2022-05-02 |
3 months | crt.sh |
| *.ad.gt Amazon |
2021-06-09 - 2022-07-08 |
a year | crt.sh |
| aufp.io Amazon |
2021-11-26 - 2022-12-24 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-11-30 - 2022-02-28 |
3 months | crt.sh |
| *.openx.net GeoTrust RSA CA 2018 |
2021-07-08 - 2022-08-08 |
a year | crt.sh |
| *.taboola.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-11-28 - 2022-12-29 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/we.php
Frame ID: F34E528543B0533F5B295AF838B43359
Requests: 69 HTTP requests in this frame
Screenshot
Page Title
WeTransfer account | WeTransferPage URL History Show full URLs
-
https://cutt.ly/qPTvSpj
HTTP 301
http://xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/we.php Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
OpenX
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.openx\.net
Rubicon Project
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://cutt.ly/qPTvSpj
HTTP 301
http://xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/we.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 49- https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7&adnxs_id=$UID HTTP 307
- https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7%26adnxs_id%3D%24UID HTTP 302
- https://ids.ad.gt/api/v1/match?id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7&adnxs_id=6815026037153373109
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7 HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7 HTTP 302
- https://ids.ad.gt/api/v1/t_match?tdid=718c591c-80b0-42e6-a145-3dd9c62d9140&id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7
- https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7 HTTP 302
- https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7 HTTP 302
- https://ids.ad.gt/api/v1/pbm_match?pbm=10DC44FE-26BC-4A26-B68E-55851E499E1B&id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7
- https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7&google_tc= HTTP 302
- https://ids.ad.gt/api/v1/g_match?id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7&google_gid=CAESEBTtgJEmQhNuj9WkUuOwCbI&google_cver=1&google_ula=450542624,0
- https://ids.ad.gt/api/v1/g_hosted?id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MjBhMDZmNjItNmQ5Zi00NmM0LWI5ZmYtMDgzZDRmMGVjNmQ3
- https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7 HTTP 303
- https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7&_bee_ppp=1 HTTP 303
- https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAGIwU7EJ0cAAHGCGqMDZQ&id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7
- https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7 HTTP 302
- https://ids.ad.gt/api/v1/mediamath_match?user_id=914b6213-a35b-4100-81d7-ae4c730c8358&id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7
- https://ids.ad.gt/api/v1/rub?id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7 HTTP 302
- https://token.rubiconproject.com/token?pid=50242&puid=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7&gdpr=0
- https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
- https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3D20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
- https://ids.ad.gt/api/v1/impr_match?id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7&impr_uid=73a96611-efa7-4c0f-ba35-f9f2a06fc4b0
64 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
we.php
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/ Redirect Chain
|
231 KB 231 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ec.js
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ecommerce.js
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1853083501571805.js
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
308 KB 308 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fbevents.js
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
99 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
367.htm
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
25 KB 26 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
haloid
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
6 KB 6 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
analytics.js
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
49 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
367
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
3 KB 3 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gtm_002.js
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
114 KB 114 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
uwt.js
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
14 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
conversion_async.js
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
38 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
c1d2aa5e.js
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
38 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gtm.js
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
179 KB 179 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fonts.css
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
824 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
2 KB 2 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.com/pagead/1p-user-list/778938880/ |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
en.js
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dXWFQjiW1jxWCFG0hOVpqrk4h9vGeanc_002.js
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
753 B 1004 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
transfer_login_styles.css
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
28 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dXWFQjiW1jxWCFG0hOVpqrk4h9vGeanc.js
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
8 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wetransfer-pane.png
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
3 MB 3 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
lock.js
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
822 KB 822 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
adsct
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
31 B 247 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
getuid.gif
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
43 B 279 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
generic.gif
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
70 B 306 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
UCookieSetPug.htm
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
559 B 559 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pixel.gif
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
43 B 279 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
g_hosted.gif
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
43 B 279 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
audigent.gif
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
43 B 279 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
img.gif
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
43 B 279 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rub.txt
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
559 B 559 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
halo_match.gif
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
43 B 279 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
getpixels.txt
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cm.gif
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/files/ |
43 B 279 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dXWFQjiW1jxWCFG0hOVpqrk4h9vGeanc.js
xn--2000-93dyvqh1a1b.xn--p1ai/assets/scripts/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fonts.css
xn--2000-93dyvqh1a1b.xn--p1ai/assets/styles/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
transfer_login_styles.css
xn--2000-93dyvqh1a1b.xn--p1ai/assets/styles/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
943 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ActiefGrotesque-W-Regular.woff
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
565 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
GT-Super-WT-Regular.woff
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
GT-Super-WT-Super.woff
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ActiefGrotesque-W-Medium.woff
xn--2000-93dyvqh1a1b.xn--p1ai/.tmb/wetransfer/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
halo_match
ids.ad.gt/api/v1/ |
43 B 630 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
haloid
aufp.io/api/v1/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
367
p.ad.gt/api/v1/p/ |
25 KB 8 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
match
ids.ad.gt/api/v1/ Redirect Chain
|
43 B 565 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
t_match
ids.ad.gt/api/v1/ Redirect Chain
|
43 B 569 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pbm_match
ids.ad.gt/api/v1/ Redirect Chain
|
43 B 572 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
g_match
ids.ad.gt/api/v1/ Redirect Chain
|
43 B 572 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pixel
cm.g.doubleclick.net/ Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
beeswax_match
ids.ad.gt/api/v1/ Redirect Chain
|
43 B 478 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mediamath_match
ids.ad.gt/api/v1/ Redirect Chain
|
43 B 484 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
token
token.rubiconproject.com/ Redirect Chain
|
0 214 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
367
a.ad.gt/api/v1/u/matches/ |
3 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
getpixels
pixels.ad.gt/api/v1/ |
0 344 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cm
u.openx.net/w/1.0/ |
43 B 305 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1853083501571805
connect.facebook.net/signals/config/ |
310 KB 89 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 295 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
impr_match
ids.ad.gt/api/v1/ Redirect Chain
|
43 B 484 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cm
trc.taboola.com/sg/audigent/1/ |
43 B 229 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
us
sync.go.sonobi.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
halo_match
ids.ad.gt/api/v1/ |
43 B 656 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/tr/ |
44 B 91 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- sync.go.sonobi.com
- URL
- https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7&uid=[UID]
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WeTransfer (Online)26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| gaplugins function| ga object| auth0EncodedConfig object| WT_PAGE_CONFIG function| initializeUiFromConfig function| initializeAuth0 object| LockConfiguration object| au object| google_tag_data object| auvars object| google_tag_manager object| dataLayer object| twttr function| GooglemKTybQhCsO function| google_trackConversion object| Auth0 function| Auth0Lock function| Auth0LockPasswordless object| lockJsScript function| docReady object| autag function| fbq function| _fbq object| gaGlobal object| gaData43 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| cutt.ly/ | Name: PHPSESSID Value: i2nfj99sb3abatrs1apklc0ela |
|
| xn--2000-93dyvqh1a1b.xn--p1ai/ | Name: PHPSESSID Value: ias9gmdr3h45jp2jq3cdn7sdd1 |
|
| .adnxs.com/ | Name: uuid2 Value: 6815026037153373109 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUlHUuBh3N-F00torifxak3sn3rzoJDMKZdGS5RNu-L1P5KgSGsN0Tc-QKpXaxg |
|
| .pubmatic.com/ | Name: KTPCACOOKIE Value: true |
|
| .adsrvr.org/ | Name: TDID Value: 718c591c-80b0-42e6-a145-3dd9c62d9140 |
|
| .pubmatic.com/ | Name: KADUSERCOOKIE Value: 10DC44FE-26BC-4A26-B68E-55851E499E1B |
|
| .adsrvr.org/ | Name: TDCPM Value: CAEYBSABKAIyCwjM_6HFx9S6OhAFOAE. |
|
| .xn--2000-93dyvqh1a1b.xn--p1ai/ | Name: _ga Value: GA1.2.1582350849.1645454171 |
|
| .xn--2000-93dyvqh1a1b.xn--p1ai/ | Name: _gid Value: GA1.2.1545184017.1645454171 |
|
| .ad.gt/ | Name: last_seenadnxs Value: 1645454171152 |
|
| .ad.gt/ | Name: adnxs_id Value: 6815026037153373109 |
|
| .ad.gt/ | Name: first_seenadnxs Value: 1645454171152 |
|
| .ad.gt/ | Name: last_seeng_hosted Value: 1645454171153 |
|
| .ad.gt/ | Name: g_hosted Value: |
|
| .ad.gt/ | Name: last_seentd Value: 1645454171153 |
|
| .ad.gt/ | Name: tdid Value: 718c591c-80b0-42e6-a145-3dd9c62d9140 |
|
| .ad.gt/ | Name: first_seentd Value: 1645454171153 |
|
| .ad.gt/ | Name: last_seenpbm Value: 1645454171153 |
|
| .ad.gt/ | Name: pbm Value: 10DC44FE-26BC-4A26-B68E-55851E499E1B |
|
| .ad.gt/ | Name: first_seenpbm Value: 1645454171153 |
|
| .mathtag.com/ | Name: uuid Value: 914b6213-a35b-4100-81d7-ae4c730c8358 |
|
| .ad.gt/ | Name: last_seenadx Value: 1645454171155 |
|
| .ad.gt/ | Name: google_gid Value: CAESEBTtgJEmQhNuj9WkUuOwCbI |
|
| .ad.gt/ | Name: first_seenadx Value: 1645454171155 |
|
| .ad.gt/ | Name: halo_id Value: 0200j2q9gt07jv2yg08xizqr0bwpa0c0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl |
|
| .ad.gt/ | Name: first_seenhaloid Value: 1645454171158 |
|
| .ad.gt/ | Name: last_seenrub Value: 1645454171370 |
|
| .ad.gt/ | Name: au_id Value: 20a06f62-6d9f-46c4-b9ff-083d4f0ec6d7 |
|
| .ad.gt/ | Name: rub Value: |
|
| .bidr.io/ | Name: bito Value: AAGIwU7EJ0cAAHGCGqMDZQ |
|
| .bidr.io/ | Name: bitoIsSecure Value: ok |
|
| .xn--2000-93dyvqh1a1b.xn--p1ai/ | Name: _fbp Value: fb.1.1645454171498.1167100785 |
|
| .ad.gt/ | Name: last_seenmediamath Value: 1645454171506 |
|
| .ad.gt/ | Name: user_id Value: 914b6213-a35b-4100-81d7-ae4c730c8358 |
|
| .ad.gt/ | Name: last_seenbeeswax Value: 1645454171576 |
|
| .ad.gt/ | Name: beeswax_id Value: AAGIwU7EJ0cAAHGCGqMDZQ |
|
| .ad.gt/ | Name: au_idmatch Value: {"apn": "2022-02-21", "ttd": "2022-02-21", "pub": "2022-02-21", "adx": "2022-02-21", "halo": "2022-02-21", "goo": "2022-02-21", "impr": "2022-02-21", "taboola": "2022-02-21", "son": "2022-02-21"} |
|
| .360yield.com/ | Name: tuuid Value: 73a96611-efa7-4c0f-ba35-f9f2a06fc4b0 |
|
| .360yield.com/ | Name: tuuid_lu Value: 1645454171 |
|
| .ad.gt/ | Name: last_seenhaloid Value: 1645454171973 |
|
| .ad.gt/ | Name: last_seenimprove Value: 1645454172131 |
|
| .ad.gt/ | Name: impr_uid Value: 73a96611-efa7-4c0f-ba35-f9f2a06fc4b0 |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.ad.gt
ad.360yield.com
aufp.io
cm.g.doubleclick.net
connect.facebook.net
cutt.ly
ids.ad.gt
image2.pubmatic.com
match.adsrvr.org
match.prod.bidr.io
p.ad.gt
pixels.ad.gt
secure.adnxs.com
sync.go.sonobi.com
sync.mathtag.com
token.rubiconproject.com
trc.taboola.com
u.openx.net
www.facebook.com
www.google.com
xn--2000-93dyvqh1a1b.xn--p1ai
sync.go.sonobi.com
142.250.185.130
15.197.193.217
176.28.64.77
185.29.132.245
185.33.221.50
185.64.190.80
2606:4700:10::6816:e8
2a00:1450:4001:801::2004
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::300
34.213.88.197
34.249.107.120
35.244.159.8
44.229.246.90
44.240.108.244
52.31.13.93
54.201.71.145
69.173.144.139
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1f39a1017906d512934d04cef8dbd816ebe0206eab872da92d30fdb554c84a89
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
3240c1e075f8d4b10177d8f3e550ff9f763bc2015e93061a0c6ccbb94541248f
38b65c451e98e9b1f65ee01205bf86e2309aa0a38db5d03fffcc6d3161f2e64c
42c52bdbaa9c00ee5d298c01ccd6399083ff9283156da45904f679542243fe24
4b59022f20ed865d2a5241757ad702172f32434fe14c210eb3d6adec159b948d
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54bde3c3cc300bd1808e799f70340e9e34c512c24cb3e0e0856fec682b661a23
5676ecd136ca054f221159a34d87d16ac3aed235e8075691accf3a5ec8f901e6
5df59c03239cc69c4822ad03d3e963c67f82b46f7b19471355544a7296a81ab8
6136b1b39f8c75454cfe74139dbcca1c61c89481869a8070df87ad5ed2d1bbde
6dbba1863bcfe251266f22a6c3b047f788a4851623c58c7b6b750809f0885dad
7b18f49b87cf2ce19da6e9ddff3b99cdbb7d79baaddc3911a2d9b5ca74538994
7d7f514fd76fe4d43c85155b513159a4ee1cef33cc06887dbf7d28664deee651
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
91c31a6fb698ef36708a1dab815d2644536e6816aeeba3109e92b7d1dc0a2281
9549286538bb1c7d9cec783ee33ffbae4f5566341e8efad47d31db235e5dba25
9bb105675ede758585d1566e00e352bb2e1eeb1ac4c6f5f01af7222effcd51bd
9bb8e625d45f42a5cdc8368dc31f86f450152eed11f59135e5e7bde24df434c7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a7e64756284a01baabdf92dcca8432a7e1bb7aea3a1f0cf43814f14738f65660
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
baa4bcc273d10ffc0ab585ec5c3cb3e03f701a057a6e0a54e2df9f2513e13058
c3d6b6d6a3b894733ca7a108ba1fe2e6caeaf7ab88fb6c5f4c623ba82a8047c1
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
cde80e58fff4561911f7397ef39dca6cfd699cf91ae6a205ff0a38b248d9d2d4
da5dfff351e2e822c1f36fc9068b1c045265e7bd27c801f72bca96fc1f2b4e90
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bf2df0a16db084dfa378e073c399b14fa4c48e92764bdb5497051f9786ce77
eb757840ff584d17f7fc070a06d1296efe56bbc968402e7bbd1a16fe63a64874
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35f2f9cfc2e8ef101d1eac1257e1be0e2975d7531c681b30efe0aacf044ba9e