login.powershelltech.com
Open in
urlscan Pro
104.167.215.179
Public Scan
URL:
https://login.powershelltech.com/
Submission: On August 09 via automatic, source certstream-suspicious — Scanned from US
Submission: On August 09 via automatic, source certstream-suspicious — Scanned from US
Summary
This website contacted 25 IPs
in 1 countries
across 25 domains to perform 31 HTTP transactions.
The main IP is 104.167.215.179, located in
Dallas, United States and
belongs to BERRYBYTE BerryByte, GB.
The main domain is login.powershelltech.com.
TLS certificate: Issued by E6 on August 9th 2024. Valid for: 3 months.
This is the only time login.powershelltech.com was scanned on urlscan.io!
TLS certificate: Issued by E6 on August 9th 2024. Valid for: 3 months.
This is the only time login.powershelltech.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
104.167.215.179
(Dallas, United States)
ASN60841 (BERRYBYTE BerryByte, GB)
PTR: 104-167-215-179.ipv4.berrybyte.network
ASN60841 (BERRYBYTE BerryByte, GB)
PTR: 104-167-215-179.ipv4.berrybyte.network
| login.powershelltech.com |
15
2600:1f18:61c0:2206:c250:dfe5:4831:3500
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| d.adroll.com |
1
2a03:2880:f003:100:face:b00c:0:3
(Ashburn, United States)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
2
35.211.178.172
(North Charleston, United States)
ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
| x.bidswitch.net |
2
142.251.174.154
(Farmingdale, United States)
ASN15169 (GOOGLE, US)
PTR: qc-in-f154.1e100.net
ASN15169 (GOOGLE, US)
PTR: qc-in-f154.1e100.net
| cm.g.doubleclick.net |
2
172.64.151.101
(San Francisco, United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| dsum-sec.casalemedia.com |
2
35.244.154.8
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
| idsync.rlcdn.com |
1
107.178.254.65
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
| pippio.com |
2
34.98.64.218
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
| us-u.openx.net |
2
34.200.65.202
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
| ups.analytics.yahoo.com |
2
35.71.139.29
(United States)
ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
| eb2.3lift.com |
2
68.67.179.166
(North Bergen, United States)
ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
| ib.adnxs.com |
1
34.196.148.143
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-148-143.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-148-143.compute-1.amazonaws.com
| ipv4.d.adroll.com |
1
2600:1f18:61c0:2209:b4e7:32e0:5867:653d
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
ASN14618 (AMAZON-AES, US)
| x.adroll.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 18 |
adroll.com
12 redirects
s.adroll.com — Cisco Umbrella Rank: 5194 d.adroll.com — Cisco Umbrella Rank: 2660 ipv4.d.adroll.com — Cisco Umbrella Rank: 15429 x.adroll.com — Cisco Umbrella Rank: 8113 |
45 KB |
| 3 |
ucarecdn.com
ucarecdn.com — Cisco Umbrella Rank: 28783 |
469 KB |
| 2 |
adnxs.com
1 redirects
ib.adnxs.com — Cisco Umbrella Rank: 383 |
2 KB |
| 2 |
3lift.com
1 redirects
eb2.3lift.com — Cisco Umbrella Rank: 632 |
982 B |
| 2 |
yahoo.com
1 redirects
ups.analytics.yahoo.com — Cisco Umbrella Rank: 612 |
559 B |
| 2 |
openx.net
1 redirects
us-u.openx.net — Cisco Umbrella Rank: 864 |
516 B |
| 2 |
linkedin.com
1 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 669 |
902 B |
| 2 |
rlcdn.com
2 redirects
idsync.rlcdn.com — Cisco Umbrella Rank: 689 |
832 B |
| 2 |
casalemedia.com
1 redirects
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1102 |
2 KB |
| 2 |
doubleclick.net
2 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 363 |
1 KB |
| 2 |
bidswitch.net
1 redirects
x.bidswitch.net — Cisco Umbrella Rank: 499 |
1 KB |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104 |
|
| 2 |
acscdn.com
acscdn.com — Cisco Umbrella Rank: 35241 |
62 KB |
| 1 |
taboola.com
sync.taboola.com — Cisco Umbrella Rank: 2197 |
366 B |
| 1 |
pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1373 |
585 B |
| 1 |
outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1277 |
360 B |
| 1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 555 |
1 KB |
| 1 |
pippio.com
1 redirects
pippio.com — Cisco Umbrella Rank: 1285 |
634 B |
| 1 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236 |
60 KB |
| 1 |
pubtrky.com
pubtrky.com — Cisco Umbrella Rank: 22393 |
431 B |
| 1 |
gstatic.com
fonts.gstatic.com |
24 KB |
| 1 |
icons8.com
img.icons8.com — Cisco Umbrella Rank: 53568 |
738 B |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112 |
102 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110 |
1 KB |
| 1 |
powershelltech.com
login.powershelltech.com |
13 KB |
| 31 | 25 |
| Domain | Requested by | |
|---|---|---|
| 15 | d.adroll.com |
12 redirects
s.adroll.com
login.powershelltech.com |
| 3 | ucarecdn.com |
login.powershelltech.com
|
| 2 | ib.adnxs.com |
1 redirects
login.powershelltech.com
|
| 2 | eb2.3lift.com |
1 redirects
login.powershelltech.com
|
| 2 | ups.analytics.yahoo.com |
1 redirects
login.powershelltech.com
|
| 2 | us-u.openx.net |
1 redirects
login.powershelltech.com
|
| 2 | px.ads.linkedin.com |
1 redirects
login.powershelltech.com
|
| 2 | idsync.rlcdn.com | 2 redirects |
| 2 | dsum-sec.casalemedia.com |
1 redirects
login.powershelltech.com
|
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | x.bidswitch.net |
1 redirects
login.powershelltech.com
|
| 2 | www.google-analytics.com |
www.googletagmanager.com
|
| 2 | acscdn.com |
login.powershelltech.com
acscdn.com |
| 1 | x.adroll.com |
login.powershelltech.com
|
| 1 | ipv4.d.adroll.com |
login.powershelltech.com
|
| 1 | sync.taboola.com |
login.powershelltech.com
|
| 1 | image2.pubmatic.com |
login.powershelltech.com
|
| 1 | sync.outbrain.com |
login.powershelltech.com
|
| 1 | pixel.rubiconproject.com |
login.powershelltech.com
|
| 1 | pippio.com | 1 redirects |
| 1 | connect.facebook.net |
s.adroll.com
|
| 1 | pubtrky.com |
acscdn.com
|
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | s.adroll.com |
login.powershelltech.com
|
| 1 | img.icons8.com |
login.powershelltech.com
|
| 1 | www.googletagmanager.com |
login.powershelltech.com
|
| 1 | fonts.googleapis.com |
login.powershelltech.com
|
| 1 | login.powershelltech.com | |
| 31 | 28 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| discord.gg |
| github.com |
| youradexchange.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| login.powershelltech.com E6 |
2024-08-09 - 2024-11-07 |
3 months | crt.sh |
| acscdn.com WE1 |
2024-06-25 - 2024-09-23 |
3 months | crt.sh |
| upload.video.google.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
| *.google-analytics.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
| cps3.ucarecdn.com R11 |
2024-06-10 - 2024-09-08 |
3 months | crt.sh |
| 1004834818.rsc.cdn77.org E6 |
2024-06-23 - 2024-09-21 |
3 months | crt.sh |
| s.adroll.com Amazon RSA 2048 M02 |
2024-05-03 - 2025-06-01 |
a year | crt.sh |
| *.gstatic.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
| pubtrky.com WE1 |
2024-07-14 - 2024-10-12 |
3 months | crt.sh |
| d.adroll.com Amazon RSA 2048 M01 |
2023-10-09 - 2024-11-06 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-05-19 - 2024-08-17 |
3 months | crt.sh |
| *.adroll.com Amazon RSA 2048 M02 |
2024-07-03 - 2025-07-31 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.powershelltech.com/
Frame ID: 9FCD941E12BAE5110E47D566F03F083E
Requests: 31 HTTP requests in this frame
Screenshot
Page Title
DuckHTMLDetected technologies
AdRoll
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:a|s)\.adroll\.com
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
OpenX
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.openx\.net
PubMatic
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- https?://[^/]*\.rubiconproject\.com
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
URL: https://discord.gg/WJrVhYbrdQ
Title: Discord
Title: Discord
Search URL Search Domain Scan URL
URL: https://discord.gg/3pkmzwKd56
Search URL Search Domain Scan URL
URL: https://discord.gg/xjdrgx9PMf
Title: Click here to put your ad here
Title: Click here to put your ad here
Search URL Search Domain Scan URL
URL: https://github.com/ranguyafk/duckhtml2/tree/duck
Title: ‎ ‎ Github
Title: ‎ ‎ Github
Search URL Search Domain Scan URL
URL: https://youradexchange.com/ad/visit.php?al=1
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14- https://d.adroll.com/cm/b/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://x.bidswitch.net/sync?dsp_id=44&user_id=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE HTTP 302
- https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE
- https://d.adroll.com/cm/g/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=eEbLyH36pfeXEnOJQ8aOsQ HTTP 302
- https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=eEbLyH36pfeXEnOJQ8aOsQ&google_tc= HTTP 302
- https://d.adroll.com/cm/g/in
- https://d.adroll.com/cm/index/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&expiration=1754767793 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&expiration=1754767793&C=1
- https://d.adroll.com/cm/l/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://idsync.rlcdn.com/377928.gif?partner_uid=7846cbc87dfaa5f79712738943c68eb1 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogNzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjEQABoNCLHc2bUGEgUI6AcQAEIASgA HTTP 307
- https://pippio.com/api/sync?pid=5324&it=1&iv=7ff360378405e78533b1279fec9774ffca459255edd6a62a1ebbe94c3e86f677791426b5417dce21&_=2 HTTP 307
- https://px.ads.linkedin.com/db_sync?pid=10339&puuid=7ff360378405e78533b1279fec9774ffca459255edd6a62a1ebbe94c3e86f677791426b5417dce21&rand=07209572 HTTP 302
- https://px.ads.linkedin.com/db_sync?pid=10339&puuid=7ff360378405e78533b1279fec9774ffca459255edd6a62a1ebbe94c3e86f677791426b5417dce21&rand=07209572&expected_cookie=5aae0c82-fcaf-4e99-aa37-eedfc1a1669c
- https://d.adroll.com/cm/n/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&expires=365
- https://d.adroll.com/cm/o/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537103138&val=7846cbc87dfaa5f79712738943c68eb1&gdpr=0&gdpr_consent= HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=7846cbc87dfaa5f79712738943c68eb1&gdpr=0&gdpr_consent=
- https://d.adroll.com/cm/outbrain/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://sync.outbrain.com/cookie-sync?p=adroll&uid=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&gdpr=0&gdpr_consent=&us_privacy=1---
- https://d.adroll.com/cm/pubmatic/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
- https://d.adroll.com/cm/r/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
- https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
- https://d.adroll.com/cm/taboola/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE
- https://d.adroll.com/cm/triplelift/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://eb2.3lift.com/xuid?mid=4714&xuid=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&dongle=c85e HTTP 302
- https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&dongle=c85e&gdpr=0&cmp_cs=&us_privacy=
- https://d.adroll.com/cm/x/out?adroll_fpc=7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330&pv=70626654881.74738&arrfrr=https%3A%2F%2Flogin.powershelltech.com%2F&advertisable=HN2UPZXOOBF6XDGSKCXFCJ HTTP 302
- https://ib.adnxs.com/setuid?entity=172&code=Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE
31 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
login.powershelltech.com/ |
13 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
aclib.js
acscdn.com/script/ |
124 KB 40 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
308 KB 102 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
duckhtml.png
ucarecdn.com/cf91fdbc-e959-4737-9276-c5ddb93799a8/ |
99 KB 100 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
play--v1.png
img.icons8.com/material-outlined/24/000000/ |
220 B 738 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Untitled.png
ucarecdn.com/3d7bda8d-652f-4a81-a32f-3ac1e0e2f610/ |
369 KB 370 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
roundtrip.js
s.adroll.com/j/HN2UPZXOOBF6XDGSKCXFCJ/ |
96 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
UcCO3FwrK3iLTeHuS_nVMrMxCp50SjIw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v18/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
ut.js
acscdn.com/script/ |
62 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
hb.php
pubtrky.com/ut/ |
0 431 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
HN2UPZXOOBF6XDGSKCXFCJ
d.adroll.com/consent/check/ |
576 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
225 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BMIC6Q6R5JFGBBTL7Z3ZKF
d.adroll.com/segment/HN2UPZXOOBF6XDGSKCXFCJ/ |
42 B 2 KB |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sync
x.bidswitch.net/ul_cb/ Redirect Chain
|
43 B 510 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
in
d.adroll.com/cm/g/ Redirect Chain
|
42 B 822 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
rum
dsum-sec.casalemedia.com/ Redirect Chain
|
43 B 736 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
db_sync
px.ads.linkedin.com/ Redirect Chain
|
0 144 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Redirect Chain
|
42 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sd
us-u.openx.net/w/1.0/ Redirect Chain
|
43 B 171 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cookie-sync
sync.outbrain.com/ Redirect Chain
|
0 360 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Redirect Chain
|
42 B 585 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync
ups.analytics.yahoo.com/ups/55980/ Redirect Chain
|
0 121 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rtb-h
sync.taboola.com/sg/adroll-network/1/ Redirect Chain
|
0 366 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xuid
eb2.3lift.com/ Redirect Chain
|
37 B 474 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bounce
ib.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BMIC6Q6R5JFGBBTL7Z3ZKF
ipv4.d.adroll.com/seg4/HN2UPZXOOBF6XDGSKCXFCJ/ |
42 B 588 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
trigger
x.adroll.com/attribution/ |
2 B 643 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
duckhtml.png
ucarecdn.com/cf91fdbc-e959-4737-9276-c5ddb93799a8/ |
99 KB 0 |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| Adcash function| AtcshAltNm string| rgxngibqxq object| aclib function| gtag object| dataLayer string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll object| messages function| changeText function| showCookieNotice function| acceptCookies function| declineCookies function| redirectToGamePage function| openVideoPopup function| closeVideoPopup function| __adroll__ string| adroll_sid object| __adroll_consent_data object| __adroll object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors boolean| user_engagement89 string| utsid-send object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| adroll_exp_list string| __adroll_url_category boolean| __adroll_consent string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called function| fbq function| _fbq object| __adroll_pxl_assistant_track string| adroll_seg_eid string| adroll_rule_type43 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .powershelltech.com/ | Name: _ga Value: GA1.1.156963789.1723231793 |
|
| .powershelltech.com/ | Name: _ga_8X677NPBRV Value: GS1.1.1723231793.1.0.1723231793.0.0.0 |
|
| .d.adroll.com/ | Name: receive-cookie-deprecation Value: 1 |
|
| .adroll.com/ | Name: receive-cookie-deprecation Value: 1 |
|
| .login.powershelltech.com/ | Name: __adroll_fpc Value: 7ec5575e7cc7ba9fd73ee7434f9c6e62-1723231793330 |
|
| .login.powershelltech.com/ | Name: __ar_v4 Value: %7CHN2UPZXOOBF6XDGSKCXFCJ%3A20240808%3A1%7CBMIC6Q6R5JFGBBTL7Z3ZKF%3A20240808%3A1 |
|
| .casalemedia.com/ | Name: CMID Value: ZrZuMUt3uVIAAHjZAVgg1wAA |
|
| .casalemedia.com/ | Name: CMPS Value: 101 |
|
| .casalemedia.com/ | Name: CMPRO Value: 101 |
|
| .bidswitch.net/ | Name: tuuid Value: cd51c95c-0268-47a0-a7a5-012a6c714ba0 |
|
| .bidswitch.net/ | Name: c Value: 1723231793 |
|
| .bidswitch.net/ | Name: tuuid_lu Value: 1723231793 |
|
| x.adroll.com/ | Name: ar_debug Value: 1 |
|
| .3lift.com/ | Name: tluidp Value: 769294468562711035968 |
|
| .3lift.com/ | Name: tluid Value: 769294468562711035968 |
|
| .adnxs.com/ | Name: XANDR_PANID Value: 4BaGIj5-BbmZy--Ka0kil2ebJpgcG4RL0AAG23Q0oljLUaHMK54oCFAPdjbVCsVuEE4C5yLCComsxpWPM8acNNtdYAG4siFc60PlU_1oCmY. |
|
| .adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
| .adnxs.com/ | Name: uuid2 Value: 3395018173741841791 |
|
| .openx.net/ | Name: i Value: f784fc41-6e46-486f-944c-e7c5f3595722|1723231793 |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4/rD>6NRF']wIg2Ilef9*z=!]tbPl@/@8$-^=$UfY:%av.7pC^6mOatIxb@*>GmAO_#5`bxg/Zr42CazH@`CcB(#:W`O`]5+d>5s0*f3If)y3KL9D3I?+AjO(L. |
|
| .rlcdn.com/ | Name: rlas3 Value: ZEOJ9Qrk9A82s8BHOjqiNgFW6KvzvbpNkUxnCkeAAXo= |
|
| .taboola.com/ | Name: t_gid Value: d89a9f42-3203-4504-8827-5392244d8069-tuctdaff3b1 |
|
| .taboola.com/ | Name: t_pt_gid Value: d89a9f42-3203-4504-8827-5392244d8069-tuctdaff3b1 |
|
| .pubmatic.com/ | Name: KRTBCOOKIE_10 Value: 22808-Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&KRTB&22883-Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&KRTB&23504-Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE&KRTB&23615-Nzg0NmNiYzg3ZGZhYTVmNzk3MTI3Mzg5NDNjNjhlYjE |
|
| .pubmatic.com/ | Name: PugT Value: 1723231792 |
|
| .rlcdn.com/ | Name: pxrc Value: CLHc2bUGEgUI6AcQABIFCOhHEAA= |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUmeUbcxXMu0-23K2nn0BJh8kJB9ENUOnJmtOWgIq77qkhT8c59MEx8npgNyduA |
|
| .d.adroll.com/ | Name: __adroll Value: 7846cbc87dfaa5f79712738943c68eb1-g_1723231793-a_1723231793 |
|
| .adroll.com/ | Name: __adroll_shared Value: 7846cbc87dfaa5f79712738943c68eb1-g_1723231793-a_1723231793 |
|
| .pippio.com/ | Name: did Value: r5NaTwuFceny6S8U |
|
| .pippio.com/ | Name: didts Value: 1723231793 |
|
| .pippio.com/ | Name: nnls Value: |
|
| .pippio.com/ | Name: pxrc Value: CLHc2bUGEgYIgr0rEAA= |
|
| .rubiconproject.com/ | Name: audit_p Value: 1|o2U/8VqWLgvjlzmf6tp37XPRNbF5kSLFAMYnGaoaTbeMaGpsUGBQ3stVmwSrRASkf8yAJxSueImM1KxoLazIt7kxm0k08nop+R4DB+iLIkEWFdGr1LuDtXSXlvvwZZM3owev1PxkmDYEnN314Ad8VNr01/3S478Z0DlQPMsxkUD/LZQ4L1jJmQ5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ== |
|
| .rubiconproject.com/ | Name: khaos Value: LZN3PTXQ-I-4HHA |
|
| .rubiconproject.com/ | Name: khaos_p Value: LZN3PTXQ-I-4HHA |
|
| .rubiconproject.com/ | Name: audit Value: 1|o2U/8VqWLgvjlzmf6tp37XPRNbF5kSLFAMYnGaoaTbeMaGpsUGBQ3stVmwSrRASkf8yAJxSueImM1KxoLazIt7kxm0k08nop+R4DB+iLIkEWFdGr1LuDtXSXlvvwZZM3owev1PxkmDYEnN314Ad8VNr01/3S478Z0DlQPMsxkUD/LZQ4L1jJmQ5/8Wu8VjpS3TYsX/cuoqHQD5U7tEfUTQ== |
|
| .rubiconproject.com/ | Name: receive-cookie-deprecation Value: 1 |
|
| .linkedin.com/ | Name: li_sugr Value: 5aae0c82-fcaf-4e99-aa37-eedfc1a1669c |
|
| .linkedin.com/ | Name: bcookie Value: "v=2&0f99cbb6-dbd9-48fc-884b-7791562ee75e" |
|
| .linkedin.com/ | Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3318:u=1:x=1:i=1723231793:t=1723318193:v=2:sig=AQEemVD1eMK_AktQTVmhLxIHDpdB59xq" |
|
| .yahoo.com/ | Name: A3 Value: d=AQABBDJutmYCEL7VzJGaMVWc_zTElqfpjboFEgEBAQG_t2bAZtxC0iMA_eMAAA&S=AQAAAvRejUd_pwyXbvDni02tVoU |
|
| .analytics.yahoo.com/ | Name: IDSYNC Value: 1770~2k17 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
acscdn.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
img.icons8.com
ipv4.d.adroll.com
login.powershelltech.com
pippio.com
pixel.rubiconproject.com
pubtrky.com
px.ads.linkedin.com
s.adroll.com
sync.outbrain.com
sync.taboola.com
ucarecdn.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.googletagmanager.com
x.adroll.com
x.bidswitch.net
104.167.215.179
104.36.113.107
107.178.254.65
141.226.124.48
142.251.174.154
172.64.151.101
2600:141b:e800:2a::1721:2c94
2600:1f18:61c0:2206:c250:dfe5:4831:3500
2600:1f18:61c0:2209:b4e7:32e0:5867:653d
2600:9000:23cb:c800:6:9280:1080:93a1
2606:4700:3031::6815:b1a
2606:4700:3034::6815:86c
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c21::5e
2607:f8b0:4004:c21::8b
2607:f8b0:400d:c04::61
2620:1ec:21::14
2a02:6ea0:e200::17
2a03:2880:f003:100:face:b00c:0:3
34.196.148.143
34.200.65.202
34.98.64.218
35.211.178.172
35.244.154.8
35.71.139.29
68.67.179.166
69.173.151.100
70.42.32.95
0deb5082ddbcd905a8d9fff21cf5dfd1afdac4744f149a4db2801af971850390
19d25a93c72655dd26b6ba890010146a467d8877bcffe2558a0effd5455f19ba
419512584bce569860168dcd1876ad0b233571812669568daed99388f4f72b01
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58f84980fafd373e6169985066589810c5a3a64991783daf574c19b17432b30e
7273903288595146a6b36aa2496a62e22d3dd83ba063356dc921ba6a1642b373
9efbecfd53080cd132fa4908c6b0c62f6b814b44061ee74c74e576587c9353ec
9f227f013bb6a7522fc683dad1df63530508a7fb470286dbfa901ad9efccd498
a251c0e72fff940ddd634cf0851df5469349cc4fb8a9354da36a69e65e38901c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
dd05e326cf8eac3b55acecf29c842ed73e6e6dd06491cf47f7e8800680ab3e33
e316368629d77dc310250a03185c68e58a2abe54c6517f04fd9fd258a4355257
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e651e896c95613069c72c4c4172d7f8cefc4987304d6219d93842e0ef58ccfcc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629