startd0wnload22x.com
Open in
urlscan Pro
188.72.236.34
Public Scan
Effective URL: https://startd0wnload22x.com/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3664_5vv5&s3=63c874075ad2dd00011f105f
Submission: On January 18 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on January 17th 2023. Valid for: 3 months.
This is the only time startd0wnload22x.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 198.134.116.17 198.134.116.17 | 27257 (WEBAIR-IN...) (WEBAIR-INTERNET) | |
2 2 | 51.161.115.163 51.161.115.163 | 16276 (OVH) (OVH) | |
1 1 | 198.134.116.30 198.134.116.30 | 27257 (WEBAIR-IN...) (WEBAIR-INTERNET) | |
1 1 | 51.83.143.92 51.83.143.92 | 16276 (OVH) (OVH) | |
2 4 | 2606:4700:e2:... 2606:4700:e2::ac40:891b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 2 | 2606:4700:10:... 2606:4700:10::6816:4aab | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 23.23.100.235 23.23.100.235 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 2404:6800:400... 2404:6800:4004:826::200e | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 23.235.244.212 23.235.244.212 | 20454 (SSASN2) (SSASN2) | |
1 | 94.237.103.119 94.237.103.119 | 202053 (UPCLOUD) (UPCLOUD) | |
1 1 | 107.20.106.95 107.20.106.95 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 3.226.146.143 3.226.146.143 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 34.91.234.242 34.91.234.242 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 | 188.72.236.34 188.72.236.34 | () () | |
10 | 8 |
ASN16276 (OVH, FR)
PTR: ns572483.ip-51-161-115.net
t3.lowtid.com | |
t1.blowingwnd.com |
ASN13335 (CLOUDFLARENET, US)
whos.amung.us | |
widgets.amung.us |
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-100-235.compute-1.amazonaws.com
pritha-ner.com |
ASN202053 (UPCLOUD, FI)
PTR: 94-237-103-119.de-fra1.upcloud.host
1d5e051bc65.traffic-c.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-106-95.compute-1.amazonaws.com
brko.admobe.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-146-143.compute-1.amazonaws.com
setupspeedyhighlyinfo-file.info |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.234.91.34.bc.googleusercontent.com
track.gositego.live |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
popmyads.com
2 redirects
popmyads.com — Cisco Umbrella Rank: 174033 |
3 KB |
2 |
prpops.com
1 redirects
prpops.com — Cisco Umbrella Rank: 439866 |
19 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 22 |
20 KB |
2 |
amung.us
1 redirects
whos.amung.us — Cisco Umbrella Rank: 15593 widgets.amung.us — Cisco Umbrella Rank: 15634 |
704 B |
1 |
startd0wnload22x.com
startd0wnload22x.com |
6 KB |
1 |
gositego.live
track.gositego.live — Cisco Umbrella Rank: 270411 |
510 B |
1 |
setupspeedyhighlyinfo-file.info
1 redirects
setupspeedyhighlyinfo-file.info |
359 B |
1 |
admobe.com
1 redirects
brko.admobe.com — Cisco Umbrella Rank: 597008 |
339 B |
1 |
traffic-c.com
1d5e051bc65.traffic-c.com |
1 KB |
1 |
pritha-ner.com
1 redirects
pritha-ner.com — Cisco Umbrella Rank: 796609 |
621 B |
1 |
trffclb.com
1 redirects
ron.trffclb.com — Cisco Umbrella Rank: 306945 |
294 B |
1 |
blowingwnd.com
1 redirects
t1.blowingwnd.com — Cisco Umbrella Rank: 261341 |
306 B |
1 |
c4ptainn3lson.xyz
1 redirects
go.c4ptainn3lson.xyz |
267 B |
1 |
lowtid.com
1 redirects
t3.lowtid.com — Cisco Umbrella Rank: 170389 |
367 B |
1 |
celxkpdir.com
1 redirects
click-v4.celxkpdir.com — Cisco Umbrella Rank: 72644 |
240 B |
0 |
xpprinx2.com
Failed
xpprinx2.com Failed |
|
10 | 16 |
Domain | Requested by | |
---|---|---|
4 | popmyads.com | 2 redirects |
2 | prpops.com |
1 redirects
popmyads.com
|
2 | www.google-analytics.com |
popmyads.com
www.google-analytics.com |
1 | startd0wnload22x.com | |
1 | track.gositego.live | |
1 | setupspeedyhighlyinfo-file.info | 1 redirects |
1 | brko.admobe.com | 1 redirects |
1 | 1d5e051bc65.traffic-c.com | |
1 | pritha-ner.com | 1 redirects |
1 | widgets.amung.us | |
1 | whos.amung.us | 1 redirects |
1 | ron.trffclb.com | 1 redirects |
1 | t1.blowingwnd.com | 1 redirects |
1 | go.c4ptainn3lson.xyz | 1 redirects |
1 | t3.lowtid.com | 1 redirects |
1 | click-v4.celxkpdir.com | 1 redirects |
0 | xpprinx2.com Failed |
startd0wnload22x.com
|
10 | 17 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-03 - 2023-06-02 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-12-12 - 2023-03-06 |
3 months | crt.sh |
traffic-c.com R3 |
2022-12-09 - 2023-03-09 |
3 months | crt.sh |
track.gositego.live Sectigo RSA Domain Validation Secure Server CA |
2022-05-31 - 2023-05-28 |
a year | crt.sh |
startd0wnload22x.com R3 |
2023-01-17 - 2023-04-17 |
3 months | crt.sh |
This page contains 1 frames:
Frame:
https://xpprinx2.com//565/?ip=31.204.145.172&utm_term=&utm_source=AAd0yGMPKgUAMVcCAEpQFwASAO7xJesA&utm_content=338447
Frame ID: 88322FE27D2CB56B54684467CF6E4CD6
Requests: 10 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://click-v4.celxkpdir.com/click?i=LwvJPnrZ15o_0
HTTP 302
https://t3.lowtid.com/s.php?p=c:4ljkfd1stuas5a3tw&d=61b87b159bd23420f125f716&pid=LwvJPnrZ15o_0&s=4... HTTP 302
https://go.c4ptainn3lson.xyz/redirect?feed=491151&url=t3.lowtid.com&subid=custom_123j1djb25.nl.windows.ch... HTTP 302
https://t1.blowingwnd.com/v.php?p=c:p7561zmdc76notiux&d=63a38fcb569f180e9d0810d1&s=491151.447785_garss... HTTP 302
https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_491151.447785_ga... HTTP 302
https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20= Page URL
-
https://popmyads.com/gget
HTTP 302
http://pritha-ner.com/0646613550?adTagId=20111650-aa5d-11e6-a4a9-0e855f2e0669&fallbackUrl=https://... HTTP 302
https://popmyads.com/return/30?clickid=4cdd6821-9780-11ed-92a5-1280cfb74907 Page URL
-
https://popmyads.com/returngo/MTY3NDA4MTI4MlE2RjcwVFlSVjk2Mk1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA...
HTTP 302
http://prpops.com/p/sjbi/direct/t:0646613550 Page URL
-
http://prpops.com/p/sjbi/direct/t:0646613550?prc_c=1674081283&prc_r=eyJIVFRQX1VTRVJfQUdFTlQiOi...
HTTP 302
https://1d5e051bc65.traffic-c.com/?p=4554&media_type=mainstream&pi=04_MS_DP_TrafficCompany_cert&click_id=34146... Page URL
-
https://brko.admobe.com/gsdagsdag/gsdagasd/?utm_source=1080&utm_campaign=11211032&clck=5xmmfqes3ez7x...
HTTP 302
https://setupspeedyhighlyinfo-file.info/IBfxOfZBi6eBbC-FgLQKTx-hYRRDiEvqJmJjAhBCi6Y?clck=5xmmfqes3ez7xqwev0fswg08c,1... HTTP 302
https://track.gositego.live/click?pid=3664&offer_id=17742&sub1=D8EXhz6yO6F0x2uOKaAy-jZ9hkcmDktT&sub2=5vv5 Page URL
- https://startd0wnload22x.com/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3664_5vv5&s3=63c874075ad... Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://click-v4.celxkpdir.com/click?i=LwvJPnrZ15o_0
HTTP 302
https://t3.lowtid.com/s.php?p=c:4ljkfd1stuas5a3tw&d=61b87b159bd23420f125f716&pid=LwvJPnrZ15o_0&s=447785_garss.tv HTTP 302
https://go.c4ptainn3lson.xyz/redirect?feed=491151&url=t3.lowtid.com&subid=custom_123j1djb25.nl.windows.chrome&query=447785_garss.tv&pub_clickid=63c873fe0f160431a528d65a HTTP 302
https://t1.blowingwnd.com/v.php?p=c:p7561zmdc76notiux&d=63a38fcb569f180e9d0810d1&s=491151.447785_garss.tv&d2=t3.lowtid.com&s2=491151&d1=31 HTTP 302
https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_491151.447785_garss.tv HTTP 302
https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20= Page URL
-
https://popmyads.com/gget
HTTP 302
http://pritha-ner.com/0646613550?adTagId=20111650-aa5d-11e6-a4a9-0e855f2e0669&fallbackUrl=https://popmyads.com/return/30 HTTP 302
https://popmyads.com/return/30?clickid=4cdd6821-9780-11ed-92a5-1280cfb74907 Page URL
-
https://popmyads.com/returngo/MTY3NDA4MTI4MlE2RjcwVFlSVjk2Mk1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDkuMC41NDE0Ljc0IFNhZmFyaS81MzcuMzY=/30/1600x1200/8/4/0
HTTP 302
http://prpops.com/p/sjbi/direct/t:0646613550 Page URL
-
http://prpops.com/p/sjbi/direct/t:0646613550?prc_c=1674081283&prc_r=eyJIVFRQX1VTRVJfQUdFTlQiOiJNb3ppbGxhXC81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvMTA5LjAuNTQxNC43NCBTYWZhcmlcLzUzNy4zNiJ9&prc_h=943104f29e91181961f21ddf4f55d1cea40bd71a0830daeed6db2e31b2974dbd&pr_tsid=06d7d14e1d1480f24caf05dd1c4e97a31e9ad2eb6669514039d5d4ca595d02c9&pr_tsids=fbc89021754964b6bd228ab864541484283882e49c3f2d9313d3129bc220b9ad
HTTP 302
https://1d5e051bc65.traffic-c.com/?p=4554&media_type=mainstream&pi=04_MS_DP_TrafficCompany_cert&click_id=341461cc8f85e688bdc6c8269b66a31935e2f8158e28b74538b556f3962fc66b&sub_id=7753721&transaction_id=S26582623 Page URL
-
https://brko.admobe.com/gsdagsdag/gsdagasd/?utm_source=1080&utm_campaign=11211032&clck=5xmmfqes3ez7xqwev0fswg08c,16543677,5,4554&sid=4554
HTTP 302
https://setupspeedyhighlyinfo-file.info/IBfxOfZBi6eBbC-FgLQKTx-hYRRDiEvqJmJjAhBCi6Y?clck=5xmmfqes3ez7xqwev0fswg08c,16543677,5,4554&sid=4554 HTTP 302
https://track.gositego.live/click?pid=3664&offer_id=17742&sub1=D8EXhz6yO6F0x2uOKaAy-jZ9hkcmDktT&sub2=5vv5 Page URL
- https://startd0wnload22x.com/GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921?q=&s1=3664_5vv5&s3=63c874075ad2dd00011f105f Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://click-v4.celxkpdir.com/click?i=LwvJPnrZ15o_0 HTTP 302
- https://t3.lowtid.com/s.php?p=c:4ljkfd1stuas5a3tw&d=61b87b159bd23420f125f716&pid=LwvJPnrZ15o_0&s=447785_garss.tv HTTP 302
- https://go.c4ptainn3lson.xyz/redirect?feed=491151&url=t3.lowtid.com&subid=custom_123j1djb25.nl.windows.chrome&query=447785_garss.tv&pub_clickid=63c873fe0f160431a528d65a HTTP 302
- https://t1.blowingwnd.com/v.php?p=c:p7561zmdc76notiux&d=63a38fcb569f180e9d0810d1&s=491151.447785_garss.tv&d2=t3.lowtid.com&s2=491151&d1=31 HTTP 302
- https://ron.trffclb.com/f.php?p=c:9qopki6xwqp7b0yj1&d=603611c5b7eaf46891533240&s=ys_491151.447785_garss.tv HTTP 302
- https://popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/aHR0cDovL3RyYWZmaXgxMy5jb20=
- https://whos.amung.us/swidget/popmyads.png HTTP 307
- https://widgets.amung.us/draw/?w=small&n=13900&c=ffc20e000000&p=left
- https://popmyads.com/gget HTTP 302
- http://pritha-ner.com/0646613550?adTagId=20111650-aa5d-11e6-a4a9-0e855f2e0669&fallbackUrl=https://popmyads.com/return/30 HTTP 302
- https://popmyads.com/return/30?clickid=4cdd6821-9780-11ed-92a5-1280cfb74907
- https://popmyads.com/returngo/MTY3NDA4MTI4MlE2RjcwVFlSVjk2Mk1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDkuMC41NDE0Ljc0IFNhZmFyaS81MzcuMzY=/30/1600x1200/8/4/0 HTTP 302
- http://prpops.com/p/sjbi/direct/t:0646613550
- http://prpops.com/p/sjbi/direct/t:0646613550?prc_c=1674081283&prc_r=eyJIVFRQX1VTRVJfQUdFTlQiOiJNb3ppbGxhXC81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXRcLzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZVwvMTA5LjAuNTQxNC43NCBTYWZhcmlcLzUzNy4zNiJ9&prc_h=943104f29e91181961f21ddf4f55d1cea40bd71a0830daeed6db2e31b2974dbd&pr_tsid=06d7d14e1d1480f24caf05dd1c4e97a31e9ad2eb6669514039d5d4ca595d02c9&pr_tsids=fbc89021754964b6bd228ab864541484283882e49c3f2d9313d3129bc220b9ad HTTP 302
- https://1d5e051bc65.traffic-c.com/?p=4554&media_type=mainstream&pi=04_MS_DP_TrafficCompany_cert&click_id=341461cc8f85e688bdc6c8269b66a31935e2f8158e28b74538b556f3962fc66b&sub_id=7753721&transaction_id=S26582623
- https://brko.admobe.com/gsdagsdag/gsdagasd/?utm_source=1080&utm_campaign=11211032&clck=5xmmfqes3ez7xqwev0fswg08c,16543677,5,4554&sid=4554 HTTP 302
- https://setupspeedyhighlyinfo-file.info/IBfxOfZBi6eBbC-FgLQKTx-hYRRDiEvqJmJjAhBCi6Y?clck=5xmmfqes3ez7xqwev0fswg08c,16543677,5,4554&sid=4554 HTTP 302
- https://track.gositego.live/click?pid=3664&offer_id=17742&sub1=D8EXhz6yO6F0x2uOKaAy-jZ9hkcmDktT&sub2=5vv5
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
aHR0cDovL3RyYWZmaXgxMy5jb20=
popmyads.com/serve/52264/64661/szqpmqqoapdpgpq/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
widgets.amung.us/draw/ Redirect Chain
|
364 B 530 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
30
popmyads.com/return/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
t:0646613550
prpops.com/p/sjbi/direct/ Redirect Chain
|
50 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 205 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
1d5e051bc65.traffic-c.com/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
click
track.gositego.live/ Redirect Chain
|
256 B 510 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
GcrKe5df719a4160df814a97c81d2d8cf908b45f4a921
startd0wnload22x.com/ |
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
xpprinx2.com//565/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- xpprinx2.com
- URL
- https://xpprinx2.com//565/?ip=31.204.145.172&utm_term=&utm_source=AAd0yGMPKgUAMVcCAEpQFwASAO7xJesA&utm_content=338447
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
prpops.com/p/sjbi/direct | Name: woa1quur7O Value: e6f0b4a9fd9bed46984e81d09babe2c88f78244d9076e3858e6e893e71aae4af7ed9d41ddd0f5f5ec059c5039c6bca69f427d44d835e53a6dcd3d603591a5af7 |
|
prpops.com/p/sjbi/direct | Name: biscuit_suus99w8 Value: 8147e4a4797e6cc6d7d3b18a4770c24738620755d6e70a6914f1f5028b3a752d |
|
pritha-ner.com/ | Name: 604f7b6f-0cd4-4d20-93c1-e91664c5b996 Value: 4ce04e5a-9780-11ed-92a5-1280cfb74907 |
|
.popmyads.com/ | Name: _ga Value: GA1.2.1295631719.1674081283 |
|
.popmyads.com/ | Name: _gid Value: GA1.2.1093135203.1674081283 |
|
.popmyads.com/ | Name: _gat Value: 1 |
|
.1d5e051bc65.traffic-c.com/ | Name: rts-trck Value: 1 |
|
.traffic-c.com/ | Name: t-uuid Value: 5xmmfqes7a9pvyfa28uo8g48o |
|
.traffic-c.com/ | Name: traffic-back Value: ok |
|
setupspeedyhighlyinfo-file.info/ | Name: session Value: D8EXhz6yO6F0x2uOKaAy-jZ9hkcmDktT |
|
track.gositego.live/ | Name: afclick Value: 63c874075ad2dd00011f105f |
|
track.gositego.live/ | Name: afoffers Value: {"17742":1674081287} |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'none' |
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1d5e051bc65.traffic-c.com
brko.admobe.com
click-v4.celxkpdir.com
go.c4ptainn3lson.xyz
popmyads.com
pritha-ner.com
prpops.com
ron.trffclb.com
setupspeedyhighlyinfo-file.info
startd0wnload22x.com
t1.blowingwnd.com
t3.lowtid.com
track.gositego.live
whos.amung.us
widgets.amung.us
www.google-analytics.com
xpprinx2.com
xpprinx2.com
107.20.106.95
188.72.236.34
198.134.116.17
198.134.116.30
23.23.100.235
23.235.244.212
2404:6800:4004:826::200e
2606:4700:10::6816:4aab
2606:4700:e2::ac40:891b
3.226.146.143
34.91.234.242
51.161.115.163
51.83.143.92
94.237.103.119
24e6cf799df89b3c367d81937305fe25eab7a8d5d83de1f196e99c0d4af65dc0
29bdfa59f0600a8b92556e6054c4e96976d3241b807b66241ffd51e151fecb61
60feec4fb4c7b2ac9512ba82513b3e0d61d3bee227669b123b107488b0786240