ip170.ip-51-89-105.eu
Open in
urlscan Pro
51.89.105.170
Malicious Activity!
Public Scan
Submission: On November 06 via api from BY — Scanned from GB
Summary
This is the only time ip170.ip-51-89-105.eu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Libero (Online)Domain & IP information
ASN16276 (OVH, FR)
PTR: ip170.ip-51-89-105.eu
ip170.ip-51-89-105.eu |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-115.fra2.r.cloudfront.net
i1.plug.it |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-75.fra60.r.cloudfront.net
sb.scorecardresearch.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-19.fra2.r.cloudfront.net
i.plug.it |
ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com |
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-244-226.eu-central-1.compute.amazonaws.com
italiaonline.profiles.tagger.opecloud.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
7deeb05b02c217becaec6af92d145ac8.safeframe.googlesyndication.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 7deeb05b02c217becaec6af92d145ac8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 |
63 KB |
6 |
doubleclick.net
1 redirects
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 |
180 KB |
5 |
ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406 |
104 KB |
5 |
ip-51-89-105.eu
ip170.ip-51-89-105.eu |
87 KB |
3 |
gstatic.com
fonts.gstatic.com |
65 KB |
3 |
iolam.it
www.iolam.it — Cisco Umbrella Rank: 293470 |
173 KB |
3 |
plug.it
i1.plug.it — Cisco Umbrella Rank: 344750 i.plug.it — Cisco Umbrella Rank: 273675 |
8 KB |
2 |
google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359 www.google.com — Cisco Umbrella Rank: 2 |
11 KB |
2 |
scorecardresearch.com
1 redirects
sb.scorecardresearch.com — Cisco Umbrella Rank: 172 |
743 B |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31 |
2 KB |
2 |
amazon-adsystem.com
1 redirects
c.amazon-adsystem.com — Cisco Umbrella Rank: 306 |
65 KB |
1 |
opecloud.com
italiaonline.profiles.tagger.opecloud.com — Cisco Umbrella Rank: 294980 |
|
1 |
wt-eu02.net
italiaonline01.wt-eu02.net — Cisco Umbrella Rank: 265757 |
900 B |
45 | 13 |
Domain | Requested by | |
---|---|---|
6 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com ip170.ip-51-89-105.eu |
6 | securepubads.g.doubleclick.net |
1 redirects
ip170.ip-51-89-105.eu
securepubads.g.doubleclick.net |
5 | cdn.ampproject.org |
securepubads.g.doubleclick.net
|
5 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
5 | ip170.ip-51-89-105.eu |
ip170.ip-51-89-105.eu
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | www.iolam.it |
ip170.ip-51-89-105.eu
|
2 | sb.scorecardresearch.com |
1 redirects
ip170.ip-51-89-105.eu
|
2 | fonts.googleapis.com |
i1.plug.it
securepubads.g.doubleclick.net |
2 | c.amazon-adsystem.com |
1 redirects
ip170.ip-51-89-105.eu
|
2 | i1.plug.it |
ip170.ip-51-89-105.eu
i1.plug.it |
1 | www.google.com |
tpc.googlesyndication.com
|
1 | 7deeb05b02c217becaec6af92d145ac8.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
1 | italiaonline.profiles.tagger.opecloud.com |
www.iolam.it
|
1 | fundingchoicesmessages.google.com |
www.iolam.it
|
1 | i.plug.it |
ip170.ip-51-89-105.eu
|
1 | italiaonline01.wt-eu02.net |
ip170.ip-51-89-105.eu
|
45 | 17 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.libero.it |
aiuto.libero.it |
registrazione.libero.it |
siviaggia.it |
www.italiaonline.it |
info.libero.it |
privacy.italiaonline.it |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.plug.it Sectigo RSA Domain Validation Secure Server CA |
2022-12-05 - 2024-01-05 |
a year | crt.sh |
www.iolam.it Sectigo RSA Domain Validation Secure Server CA |
2023-01-09 - 2024-02-03 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
*.wt-eu02.net Sectigo RSA Domain Validation Secure Server CA |
2023-01-13 - 2024-02-13 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
*.google.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
misc-sni.google.com GTS CA 1C3 |
2023-10-16 - 2024-01-08 |
3 months | crt.sh |
This page contains 6 frames:
Primary Page:
http://ip170.ip-51-89-105.eu/
Frame ID: A40E17C0D15536DB308E23888200D41C
Requests: 25 HTTP requests in this frame
Frame:
http://i.plug.it/iplug/js/lib/iol/analytics/ads/banners/_adv.js?_t=1699269242053
Frame ID: C2FF622C2596CD8A88C902A598BA71E6
Requests: 1 HTTP requests in this frame
Frame:
https://7deeb05b02c217becaec6af92d145ac8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BAC060C4542281EE5C4CB168F01C955B
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F8A8FD3D4CF41F600851F8A661BD820B
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A20BCD4CE9E7C2FF60165E8A33591D8
Requests: 2 HTTP requests in this frame
Frame:
https://cdn.ampproject.org/rtv/032310301456000/amp4ads-v0.mjs
Frame ID: 70C7BF673161FE942EA9B85F5573E2D2
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
Libero Mail - loginDetected technologies
Google AdSense (Advertising Networks) ExpandDetected patterns
- googlesyndication\.com/
Prebid (Advertising Networks) Expand
Detected patterns
- /prebid\.js
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: AIUTO
Search URL Search Domain Scan URL
Title: Registrati ora
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Chi siamo
Search URL Search Domain Scan URL
Title: Note Legali
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Cookie Policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- http://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
- https://c.amazon-adsystem.com/aax2/apstag.js
- https://sb.scorecardresearch.com/b?c1=2&c2=33012141&cs_ucfr=0&ns__t=1699269242038&ns_c=UTF-8&c7=http%3A%2F%2Fip170.ip-51-89-105.eu%2F%3Fclient_id%3D%3Fservice_id%3Demail%26ret_url%3Dhttp%3A%2F%2Fwebmail.libero.lt%2Fcp%2Fdefault.jsp0.0021461086651843875&c8=Libero%20Mail%20-%20login HTTP 302
- https://sb.scorecardresearch.com/b2?c1=2&c2=33012141&cs_ucfr=0&ns__t=1699269242038&ns_c=UTF-8&c7=http%3A%2F%2Fip170.ip-51-89-105.eu%2F%3Fclient_id%3D%3Fservice_id%3Demail%26ret_url%3Dhttp%3A%2F%2Fwebmail.libero.lt%2Fcp%2Fdefault.jsp0.0021461086651843875&c8=Libero%20Mail%20-%20login
- http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 302
- https://securepubads.g.doubleclick.net/tag/js/gpt.js
45 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
ip170.ip-51-89-105.eu/ |
29 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
i1.plug.it/mail/login/2020/libero/css/ |
26 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iam2.0.js
www.iolam.it/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
prebid.js
www.iolam.it/js/ |
445 KB 142 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apstag.js
c.amazon-adsystem.com/aax2/ Redirect Chain
|
265 KB 65 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iam2.0.js
www.iolam.it/js/ |
139 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1WVfw4Yw8xor.png
ip170.ip-51-89-105.eu/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wpJ0jqagdDSx.svg
ip170.ip-51-89-105.eu/fonts/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zlIY73HV9ZcD.js
ip170.ip-51-89-105.eu/js/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0sBN1QtxZSRY.js
ip170.ip-51-89-105.eu/js/ |
45 KB 45 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wt
italiaonline01.wt-eu02.net/215973748390194/ |
43 B 900 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b2
sb.scorecardresearch.com/ Redirect Chain
|
0 225 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
i1.plug.it/mail/login/2020/libero/img/ |
5 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_adv.js
i.plug.it/iplug/js/lib/iol/analytics/ads/banners/ Frame C2FF |
25 B 585 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pub-2033535132705533
fundingchoicesmessages.google.com/i/ |
22 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ Redirect Chain
|
99 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
targeting
italiaonline.profiles.tagger.opecloud.com/v1/ Frame |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
targeting
italiaonline.profiles.tagger.opecloud.com/v1/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ |
425 KB 133 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
43 B 586 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
securepubads.g.doubleclick.net/gampad/ |
69 KB 15 KB |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
7deeb05b02c217becaec6af92d145ac8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BAC0 |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F8A8 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 9A20 |
829 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032310301456000/ Frame 70C7 |
196 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032310301456000/v0/ Frame 70C7 |
15 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032310301456000/v0/ Frame 70C7 |
95 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032310301456000/v0/ Frame 70C7 |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032310301456000/v0/ Frame 70C7 |
40 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 70C7 |
14 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 70C7 |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 70C7 |
295 B 537 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
14763004658117789537
tpc.googlesyndication.com/simgad/4770466390203846603/ Frame 70C7 |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 70C7 |
206 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 70C7 |
209 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 70C7 |
213 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame F8A8 |
38 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 70C7 |
33 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 9A20 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adview
securepubads.g.doubleclick.net/pagead/ Frame 70C7 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame F8A8 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 70C7 |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- italiaonline.profiles.tagger.opecloud.com
- URL
- http://italiaonline.profiles.tagger.opecloud.com/v1/targeting?url=http%3A%2F%2Fip170.ip-51-89-105.eu%2F%3Fclient_id%3D%3Fservice_id%3Demail%26ret_url%3Dhttp%3A%2F%2Fwebmail.libero.lt%2Fcp%2Fdefault.jsp0.0021461086651843875&gdpr_applies=0
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Libero (Online)52 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 string| ex1 string| newurl function| druid_track object| IOL string| crtg_nid object| iol_adv_config object| pubAdsCfg function| Fingerprint function| letter_or_dot function| do_text_select function| Autocomplete undefined| arrValues function| checkparams function| showMpu function| get_editorial function| show_editorial function| show_editorial_premium function| getRandonIndexArray undefined| nSdkInstancestatic undefined| rnd undefined| nielsenMetadata string| iol_login_page_id object| iol_analytics_tracking_conf function| Hunt object| iat string| classFunc function| createElement boolean| iamInitialized object| grumi function| __an6na521li18__ string| bG9hZGVyX2pz string| Y2FjaGVkX2pz object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| googletag object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
italiaonline01.wt-eu02.net/215973748390194 | Name: wteid_215973748390194 Value: 4169926924200025049 |
|
italiaonline01.wt-eu02.net/215973748390194 | Name: wtsid_215973748390194 Value: 1 |
|
.scorecardresearch.com/ | Name: UID Value: 12Efe82a6950ee8a2393a391699269242 |
|
italiaonline01.wt-eu02.net/ | Name: wt_nbg_Q3 Value: !AV0lY2A4VoHam448MzkSP47aGUgI1y7SceazZRtKXg+hwIMzo3g7ZDnYr9gtaWltb4A4TZlL/3h4kA== |
|
.ip-51-89-105.eu/ | Name: __gads Value: ID=9c34f2ff45b4832b:T=1699269244:RT=1699269244:S=ALNI_MbmJoz7Fh6b3leJUCtmasSMRjJvjA |
|
.ip-51-89-105.eu/ | Name: __gpi Value: UID=00000cb703f3ba73:T=1699269244:RT=1699269244:S=ALNI_MaBt2t-1K5OnLJ-BRe4NeSMdi_VgQ |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUlYf49sYPFFdEWMHxJqF-zTRXaYliTk2yX7ludnBLvVXfnwYPku-TkU6YrPmfo |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
7deeb05b02c217becaec6af92d145ac8.safeframe.googlesyndication.com
c.amazon-adsystem.com
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
i.plug.it
i1.plug.it
ip170.ip-51-89-105.eu
italiaonline.profiles.tagger.opecloud.com
italiaonline01.wt-eu02.net
pagead2.googlesyndication.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.iolam.it
italiaonline.profiles.tagger.opecloud.com
108.138.1.25
13.225.78.115
13.225.78.19
18.193.244.226
18.66.147.75
185.54.150.20
213.209.30.161
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
51.89.105.170
0718476f9aeec1cbd746c569d6768a28c021163de52ceb5c7d89005484f16b8e
0f4aa6137f1a6881202fc5acf9f7ab8d687c5b9950d7627bf86b56c711ff2969
17e49df09dd14c40d50c5e4693c448e99cfee8ee79aa5a9c5bd2be5be3105562
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
2170f04df3b7e03e3439440b22f30247a1ee0606d4a0253e159c8a725372ac8f
21d7579b5b7d351e245b32baa71866d1a494f0da53c81c45e6e2c70fd4a7c357
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
44b748b890bd935c0b3e5ade361e771456c7372e38dbe8a948ada16737b7f482
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4c1e0a18936835e8e11a3ff965a1f67672e1b328c3b6782a7dd20b498acebe2a
511012baed760fe89283ad7c58c6cd638cbbe7de96bb21658434daae3542b6b0
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
54ea3b729d9ff4a499d3bf59b0497606ceb27b7100c60d74d28467224f3983f9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
641e28d4f30fee9fd061d1027af53fd40685ce377a0a76aac23e105a6aca492c
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825
6efa283977000649a48e619b134ad5c50cb28b585af87972e4d3f31f24e15b2d
75a49c3cd6a3060b2dfd44578c89fa08af06fbde0fd015bcf1b125383eaaec0b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8239d985179b5598a3b76db41bbd8842530e4e37e82665dc6449ed97b20c6227
9282f02f48390e9fca6de654609cc3bd1dc96e7530a16304adb635f19bb78033
9cce5cc0f001809778760bfd3610105d6b603d3383b3a74180b0febccb1a61fd
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
ba622f81f692dd7f4b54e5379346086874eff141a501881982c5a5b3b2370df8
cc73f85c572bc2c190626494e3148539c6359d533eb0af6b16a84ac53b80aae7
cebbb0189a54f6f3c9deef327089354368711bf8641db99197fa86b25e3e2f38
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
eb97f750d5607e2544524de92d09cf088fee2d4484d14eeb16184448100df690
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe1cbff3b475632d76e1931d466a06a8a230a4bda0100881d3d0d12acfb5565e