login.powershelltech.com
Open in
urlscan Pro
104.167.215.179
Public Scan
Submission: On August 09 via automatic, source certstream-suspicious — Scanned from US
Summary
TLS certificate: Issued by E6 on August 9th 2024. Valid for: 3 months.
This is the only time login.powershelltech.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN60841 (BERRYBYTE BerryByte, GB)
PTR: 104-167-215-179.ipv4.berrybyte.network
login.powershelltech.com |
ASN14618 (AMAZON-AES, US)
d.adroll.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net |
ASN15169 (GOOGLE, US)
PTR: qc-in-f154.1e100.net
cm.g.doubleclick.net |
ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com |
ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com |
ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com |
ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com |
ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-148-143.compute-1.amazonaws.com
ipv4.d.adroll.com |
ASN14618 (AMAZON-AES, US)
x.adroll.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
adroll.com
12 redirects
s.adroll.com — Cisco Umbrella Rank: 5194 d.adroll.com — Cisco Umbrella Rank: 2660 ipv4.d.adroll.com — Cisco Umbrella Rank: 15429 x.adroll.com — Cisco Umbrella Rank: 8113 |
45 KB |
3 |
ucarecdn.com
ucarecdn.com — Cisco Umbrella Rank: 28783 |
469 KB |
2 |
adnxs.com
1 redirects
ib.adnxs.com — Cisco Umbrella Rank: 383 |
2 KB |
2 |
3lift.com
1 redirects
eb2.3lift.com — Cisco Umbrella Rank: 632 |
982 B |
2 |
yahoo.com
1 redirects
ups.analytics.yahoo.com — Cisco Umbrella Rank: 612 |
559 B |
2 |
openx.net
1 redirects
us-u.openx.net — Cisco Umbrella Rank: 864 |
516 B |
2 |
linkedin.com
1 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 669 |
902 B |
2 |
rlcdn.com
2 redirects
idsync.rlcdn.com — Cisco Umbrella Rank: 689 |
832 B |
2 |
casalemedia.com
1 redirects
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1102 |
2 KB |
2 |
doubleclick.net
2 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 363 |
1 KB |
2 |
bidswitch.net
1 redirects
x.bidswitch.net — Cisco Umbrella Rank: 499 |
1 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104 |
|
2 |
acscdn.com
acscdn.com — Cisco Umbrella Rank: 35241 |
62 KB |
1 |
taboola.com
sync.taboola.com — Cisco Umbrella Rank: 2197 |
366 B |
1 |
pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1373 |
585 B |
1 |
outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1277 |
360 B |
1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 555 |
1 KB |
1 |
pippio.com
1 redirects
pippio.com — Cisco Umbrella Rank: 1285 |
634 B |
1 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236 |
60 KB |
1 |
pubtrky.com
pubtrky.com — Cisco Umbrella Rank: 22393 |
431 B |
1 |
gstatic.com
fonts.gstatic.com |
24 KB |
1 |
icons8.com
img.icons8.com — Cisco Umbrella Rank: 53568 |
738 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112 |
102 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110 |
1 KB |
1 |
powershelltech.com
login.powershelltech.com |
13 KB |
31 | 25 |
Domain | Requested by | |
---|---|---|
15 | d.adroll.com |
12 redirects
s.adroll.com
login.powershelltech.com |
3 | ucarecdn.com |
login.powershelltech.com
|
2 | ib.adnxs.com |
1 redirects
login.powershelltech.com
|
2 | eb2.3lift.com |
1 redirects
login.powershelltech.com
|
2 | ups.analytics.yahoo.com |
1 redirects
login.powershelltech.com
|
2 | us-u.openx.net |
1 redirects
login.powershelltech.com
|
2 | px.ads.linkedin.com |
1 redirects
login.powershelltech.com
|
2 | idsync.rlcdn.com | 2 redirects |
2 | dsum-sec.casalemedia.com |
1 redirects
login.powershelltech.com
|
2 | cm.g.doubleclick.net | 2 redirects |
2 | x.bidswitch.net |
1 redirects
login.powershelltech.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
|
2 | acscdn.com |
login.powershelltech.com
acscdn.com |
1 | x.adroll.com |
login.powershelltech.com
|
1 | ipv4.d.adroll.com |
login.powershelltech.com
|
1 | sync.taboola.com |
login.powershelltech.com
|
1 | image2.pubmatic.com |
login.powershelltech.com
|
1 | sync.outbrain.com |
login.powershelltech.com
|
1 | pixel.rubiconproject.com |
login.powershelltech.com
|
1 | pippio.com | 1 redirects |
1 | connect.facebook.net |
s.adroll.com
|
1 | pubtrky.com |
acscdn.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | s.adroll.com |
login.powershelltech.com
|
1 | img.icons8.com |
login.powershelltech.com
|
1 | www.googletagmanager.com |
login.powershelltech.com
|
1 | fonts.googleapis.com |
login.powershelltech.com
|
1 | login.powershelltech.com | |
31 | 28 |
This site contains links to these domains. Also see Links.
Domain |
---|
discord.gg |
github.com |
youradexchange.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
login.powershelltech.com E6 |
2024-08-09 - 2024-11-07 |
3 months | crt.sh |
acscdn.com WE1 |
2024-06-25 - 2024-09-23 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
cps3.ucarecdn.com R11 |
2024-06-10 - 2024-09-08 |
3 months | crt.sh |
1004834818.rsc.cdn77.org E6 |
2024-06-23 - 2024-09-21 |
3 months | crt.sh |
s.adroll.com Amazon RSA 2048 M02 |
2024-05-03 - 2025-06-01 |
a year | crt.sh |
*.gstatic.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
pubtrky.com WE1 |
2024-07-14 - 2024-10-12 |
3 months | crt.sh |
d.adroll.com Amazon RSA 2048 M01 |
2023-10-09 - 2024-11-06 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-05-19 - 2024-08-17 |
3 months | crt.sh |
*.adroll.com Amazon RSA 2048 M02 |
2024-07-03 - 2025-07-31 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.powershelltech.com/
Frame ID: 9FCD941E12BAE5110E47D566F03F083E
Requests: 31 HTTP requests in this frame
Screenshot
Page Title
DuckHTMLDetected technologies
AdRoll (Advertising Networks) ExpandDetected patterns
- (?:a|s)\.adroll\.com
AppNexus (Advertising Networks) Expand
Detected patterns
- adnxs\.(?:net|com)
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
OpenX (Advertising Networks) Expand
Detected patterns
- https?://[^/]*\.openx\.net
PubMatic (Advertising Networks) Expand
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project (Advertising Networks) Expand
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Discord
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Click here to put your ad here
Search URL Search Domain Scan URL
Title: ‎ ‎ Github
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14- https://d.adroll.com/cm/b/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE
- https://d.adroll.com/cm/g/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=eEbLyH36pfeXEnOJQ8aOsQ HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=eEbLyH36pfeXEnOJQ8aOsQ&google_tc= HTTP 302
- https://d.adroll.com/cm/g/in
- https://d.adroll.com/cm/index/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&expiration=1754767793 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&expiration=1754767793&C=1
- https://d.adroll.com/cm/l/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://idsync.rlcdn.com/377928.gif?partner_uid=7846cbc87dfaa5f79712738943c68eb1 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogNzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjEQABoNCLHc2bUGEgUI6AcQAEIASgA HTTP 307
- https://pippio.com/api/sync?pid=5324&it=1&iv=7ff360378405e78533b1279fec9774ffca459255edd6a62a1ebbe94c3e86f677791426b5417dce21&_=2 HTTP 307
- https://px.ads.linkedin.com/db_sync?pid=10339&puuid=7ff360378405e78533b1279fec9774ffca459255edd6a62a1ebbe94c3e86f677791426b5417dce21&rand=07209572 HTTP 302
- https://px.ads.linkedin.com/db_sync?pid=10339&puuid=7ff360378405e78533b1279fec9774ffca459255edd6a62a1ebbe94c3e86f677791426b5417dce21&rand=07209572&expected_cookie=5aae0c82-fcaf-4e99-aa37-eedfc1a1669c
- https://d.adroll.com/cm/n/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&expires=365
- https://d.adroll.com/cm/o/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=7846cbc87dfaa5f79712738943c68eb1&gdpr=0&gdpr_consent= HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=7846cbc87dfaa5f79712738943c68eb1&gdpr=0&gdpr_consent=
- https://d.adroll.com/cm/outbrain/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&gdpr=0&gdpr_consent=&us_privacy=1---
- https://d.adroll.com/cm/pubmatic/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
- https://d.adroll.com/cm/r/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
- https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
- https://d.adroll.com/cm/taboola/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE
- https://d.adroll.com/cm/triplelift/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://eb2.3lift.com/xuid?mid=4714&xuid=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&dongle=c85e HTTP 302
- https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
- https://d.adroll.com/cm/x/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
login.powershelltech.com/ |
13 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
aclib.js
acscdn.com/script/ |
124 KB 40 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
308 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
duckhtml.png
ucarecdn.com/cf91fdbc-e959-4737-9276-c5ddb93799a8/ |
99 KB 100 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
play--v1.png
img.icons8.com/material-outlined/24/000000/ |
220 B 738 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Untitled.png
ucarecdn.com/3d7bda8d-652f-4a81-a32f-3ac1e0e2f610/ |
369 KB 370 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roundtrip.js
s.adroll.com/j/HN2UPZXOOBF6XDGSKCXFCJ/ |
96 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v18/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ut.js
acscdn.com/script/ |
62 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
hb.php
pubtrky.com/ut/ |
0 431 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
HN2UPZXOOBF6XDGSKCXFCJ
d.adroll.com/consent/check/ |
576 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
225 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BMIC6Q6R5JFGBBTL7Z3ZKF
d.adroll.com/segment/HN2UPZXOOBF6XDGSKCXFCJ/ |
42 B 2 KB |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync
x.bidswitch.net/ul_cb/ Redirect Chain
|
43 B 510 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
in
d.adroll.com/cm/g/ Redirect Chain
|
42 B 822 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum
dsum-sec.casalemedia.com/ Redirect Chain
|
43 B 736 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
db_sync
px.ads.linkedin.com/ Redirect Chain
|
0 144 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Redirect Chain
|
42 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sd
us-u.openx.net/w/1.0/ Redirect Chain
|
43 B 171 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookie-sync
sync.outbrain.com/ Redirect Chain
|
0 360 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Redirect Chain
|
42 B 585 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
ups.analytics.yahoo.com/ups/55980/ Redirect Chain
|
0 121 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rtb-h
sync.taboola.com/sg/adroll-network/1/ Redirect Chain
|
0 366 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
xuid
eb2.3lift.com/ Redirect Chain
|
37 B 474 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bounce
ib.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BMIC6Q6R5JFGBBTL7Z3ZKF
ipv4.d.adroll.com/seg4/HN2UPZXOOBF6XDGSKCXFCJ/ |
42 B 588 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trigger
x.adroll.com/attribution/ |
2 B 643 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
duckhtml.png
ucarecdn.com/cf91fdbc-e959-4737-9276-c5ddb93799a8/ |
99 KB 0 |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| Adcash function| AtcshAltNm string| rgxngibqxq object| aclib function| gtag object| dataLayer string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll object| messages function| changeText function| showCookieNotice function| acceptCookies function| declineCookies function| redirectToGamePage function| openVideoPopup function| closeVideoPopup function| __adroll__ string| adroll_sid object| __adroll_consent_data object| __adroll object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors boolean| user_engagement89 string| utsid-send object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| adroll_exp_list string| __adroll_url_category boolean| __adroll_consent string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called function| fbq function| _fbq object| __adroll_pxl_assistant_track string| adroll_seg_eid string| adroll_rule_type43 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.powershelltech.com/ | Name: _ga Value: GA1.1.156963789.1723231793 |
|
.powershelltech.com/ | Name: _ga_8X677NPBRV Value: GS1.1.1723231793.1.0.1723231793.0.0.0 |
|
.d.adroll.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.adroll.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.login.powershelltech.com/ | Name: __adroll_fpc Value: 7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330 |
|
.login.powershelltech.com/ | Name: __ar_v4 Value: %7CHN2UPZXOOBF6XDGSKCXFCJ%3A20240808%3A1%7CBMIC6Q6R5JFGBBTL7Z3ZKF%3A20240808%3A1 |
|
.casalemedia.com/ | Name: CMID Value: ZrZuMUt3uVIAAHjZAVgg1wAA |
|
.casalemedia.com/ | Name: CMPS Value: 101 |
|
.casalemedia.com/ | Name: CMPRO Value: 101 |
|
.bidswitch.net/ | Name: tuuid Value: cd51c95c-0268-47a0-a7a5-012a6c714ba0 |
|
.bidswitch.net/ | Name: c Value: 1723231793 |
|
.bidswitch.net/ | Name: tuuid_lu Value: 1723231793 |
|
x.adroll.com/ | Name: ar_debug Value: 1 |
|
.3lift.com/ | Name: tluidp Value: 769294468562711035968 |
|
.3lift.com/ | Name: tluid Value: 769294468562711035968 |
|
.adnxs.com/ | Name: XANDR_PANID Value: 4BaGIj5-BbmZy--Ka0kil2ebJpgcG4RL0AAG23Q0oljLUaHMK54oCFAPdjbVCsVuEE4C5yLCComsxpWPM8acNNtdYAG4siFc60PlU_1oCmY. |
|
.adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.adnxs.com/ | Name: uuid2 Value: 3395018173741841791 |
|
.openx.net/ | Name: i Value: f784fc41-6e46-486f-944c-e7c5f3595722|1723231793 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4/rD>6NRF']wIg2Ilef9*z=!]tbPl@/@8$-^=$UfY:%av.7pC^6mOatIxb@*>GmAO_#5`bxg/Zr42CazH@`CcB(#:W`O`]5+d>5s0*f3If)y3KL9D3I?+AjO(L. |
|
.rlcdn.com/ | Name: rlas3 Value: ZEOJ9Qrk9A82s8BHOjqiNgFW6KvzvbpNkUxnCkeAAXo= |
|
.taboola.com/ | Name: t_gid Value: d89a9f42-3203-4504-8827-5392244d8069-tuctdaff3b1 |
|
.taboola.com/ | Name: t_pt_gid Value: d89a9f42-3203-4504-8827-5392244d8069-tuctdaff3b1 |
|
.pubmatic.com/ | Name: KRTBCOOKIE_10 Value: 22808-Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&KRTB&22883-Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&KRTB&23504-Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&KRTB&23615-Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE |
|
.pubmatic.com/ | Name: PugT Value: 1723231792 |
|
.rlcdn.com/ | Name: pxrc Value: CLHc2bUGEgUI6AcQABIFCOhHEAA= |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUmeUbcxXMu0-23K2nn0BJh8kJB9ENUOnJmtOWgIq77qkhT8c59MEx8npgNyduA |
|
.d.adroll.com/ | Name: __adroll Value: 7846cbc87dfaa5f79712738943c68eb1-g_1723231793-a_1723231793 |
|
.adroll.com/ | Name: __adroll_shared Value: 7846cbc87dfaa5f79712738943c68eb1-g_1723231793-a_1723231793 |
|
.pippio.com/ | Name: did Value: r5NaTwuFceny6S8U |
|
.pippio.com/ | Name: didts Value: 1723231793 |
|
.pippio.com/ | Name: nnls Value: |
|
.pippio.com/ | Name: pxrc Value: CLHc2bUGEgYIgr0rEAA= |
|
.rubiconproject.com/ | Name: audit_p Value: 1|o2U/8VqWLgvjlzmf6tp37XPRNbF5kSLFAMYnGaoaTbeMaGpsUGBQ3stVmwSrRASkf8yAJxSueImM1KxoLazIt7kxm0k08nop+R4DB+iLIkEWFdGr1LuDtXSXlvvwZZM3owev1PxkmDYEnN314Ad8VNr01/3S478Z0DlQPMsxkUD/LZQ4L1jJmQ5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ== |
|
.rubiconproject.com/ | Name: khaos Value: LZN3PTXQ-I-4HHA |
|
.rubiconproject.com/ | Name: khaos_p Value: LZN3PTXQ-I-4HHA |
|
.rubiconproject.com/ | Name: audit Value: 1|o2U/8VqWLgvjlzmf6tp37XPRNbF5kSLFAMYnGaoaTbeMaGpsUGBQ3stVmwSrRASkf8yAJxSueImM1KxoLazIt7kxm0k08nop+R4DB+iLIkEWFdGr1LuDtXSXlvvwZZM3owev1PxkmDYEnN314Ad8VNr01/3S478Z0DlQPMsxkUD/LZQ4L1jJmQ5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ== |
|
.rubiconproject.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.linkedin.com/ | Name: li_sugr Value: 5aae0c82-fcaf-4e99-aa37-eedfc1a1669c |
|
.linkedin.com/ | Name: bcookie Value: "v=2&0f99cbb6-dbd9-48fc-884b-7791562ee75e" |
|
.linkedin.com/ | Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3318:u=1:x=1:i=1723231793:t=1723318193:v=2:sig=AQEemVD1eMK_AktQTVmhLxIHDpdB59xq" |
|
.yahoo.com/ | Name: A3 Value: d=AQABBDJutmYCEL7VzJGaMVWc_zTElqfpjboFEgEBAQG_t2bAZtxC0iMA_eMAAA&S=AQAAAvRejUd_pwyXbvDni02tVoU |
|
.analytics.yahoo.com/ | Name: IDSYNC Value: 1770~2k17 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acscdn.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
img.icons8.com
ipv4.d.adroll.com
login.powershelltech.com
pippio.com
pixel.rubiconproject.com
pubtrky.com
px.ads.linkedin.com
s.adroll.com
sync.outbrain.com
sync.taboola.com
ucarecdn.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.googletagmanager.com
x.adroll.com
x.bidswitch.net
104.167.215.179
104.36.113.107
107.178.254.65
141.226.124.48
142.251.174.154
172.64.151.101
2600:141b:e800:2a::1721:2c94
2600:1f18:61c0:2206:c250:dfe5:4831:3500
2600:1f18:61c0:2209:b4e7:32e0:5867:653d
2600:9000:23cb:c800:6:9280:1080:93a1
2606:4700:3031::6815:b1a
2606:4700:3034::6815:86c
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c21::5e
2607:f8b0:4004:c21::8b
2607:f8b0:400d:c04::61
2620:1ec:21::14
2a02:6ea0:e200::17
2a03:2880:f003:100:face:b00c:0:3
34.196.148.143
34.200.65.202
34.98.64.218
35.211.178.172
35.244.154.8
35.71.139.29
68.67.179.166
69.173.151.100
70.42.32.95
0deb5082ddbcd905a8d9fff21cf5dfd1afdac4744f149a4db2801af971850390
19d25a93c72655dd26b6ba890010146a467d8877bcffe2558a0effd5455f19ba
419512584bce569860168dcd1876ad0b233571812669568daed99388f4f72b01
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58f84980fafd373e6169985066589810c5a3a64991783daf574c19b17432b30e
7273903288595146a6b36aa2496a62e22d3dd83ba063356dc921ba6a1642b373
9efbecfd53080cd132fa4908c6b0c62f6b814b44061ee74c74e576587c9353ec
9f227f013bb6a7522fc683dad1df63530508a7fb470286dbfa901ad9efccd498
a251c0e72fff940ddd634cf0851df5469349cc4fb8a9354da36a69e65e38901c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
dd05e326cf8eac3b55acecf29c842ed73e6e6dd06491cf47f7e8800680ab3e33
e316368629d77dc310250a03185c68e58a2abe54c6517f04fd9fd258a4355257
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e651e896c95613069c72c4c4172d7f8cefc4987304d6219d93842e0ef58ccfcc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629