gr.news-front.info
186.2.163.162
Malicious Activity!
Public Scan
Submission: On May 21 via manual from CA
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on March 27th 2020. Valid for: 3 months.
This is the only time gr.news-front.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)

Domain & IP information

ASN | PTR | Hostname |
---|---|---|
ASN262254 (DDOS-GUARD CORP., BZ) | ddos-guard.net | gr.news-front.info |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN15169 (GOOGLE, US) | 137.102.96.34.bc.googleusercontent.com | dev.visualwebsiteoptimizer.com |
ASN14618 (AMAZON-AES, US) | ec2-107-22-214-169.compute-1.amazonaws.com | i.kissmetrics.com |
ASN16509 (AMAZON-02, US) | server-52-222-150-171.fra53.r.cloudfront.net | scripts.kissmetrics.com |
ASN15169 (GOOGLE, US) | | www.google-analytics.com |
ASN15169 (GOOGLE, US) | fra15s29-in-f2.1e100.net | www.googleadservices.com |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net |
ASN14618 (AMAZON-AES, US) | ec2-34-232-23-106.compute-1.amazonaws.com | trk.kissmetrics.com |
ASN34010 (YAHOO-IRD, GB) | spdc.pbp.vip.ir2.yahoo.com | sp.analytics.yahoo.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | aweber-static.com | assets.aweber-static.com | 163 KB |
4 | news-front.info | gr.news-front.info | 141 KB |
3 | linkedin.com (2 redirects) | px.ads.linkedin.com, www.linkedin.com | 2 KB |
3 | kissmetrics.com | i.kissmetrics.com, scripts.kissmetrics.com, trk.kissmetrics.com | 16 KB |
2 | facebook.com | www.facebook.com | 396 B |
2 | google.de | www.google.de | 213 B |
2 | google.com (1 redirects) | www.google.com | 287 B |
2 | doubleclick.net (1 redirects) | stats.g.doubleclick.net, googleads.g.doubleclick.net | 1 KB |
2 | yimg.com | s.yimg.com | 6 KB |
2 | facebook.net | connect.facebook.net | 161 KB |
2 | bing.com | bat.bing.com | 8 KB |
2 | google-analytics.com (1 redirects) | www.google-analytics.com | 18 KB |
2 | visualwebsiteoptimizer.com | dev.visualwebsiteoptimizer.com | 2 KB |
1 | yahoo.com | sp.analytics.yahoo.com | 529 B |
1 | licdn.com | snap.licdn.com | 2 KB |
1 | googleadservices.com | www.googleadservices.com | 11 KB |
1 | googletagmanager.com | www.googletagmanager.com | 38 KB |
33 | 17 | | |
Requests | Domain | Requested by |
---|---|---|
6 | assets.aweber-static.com | gr.news-front.info |
4 | gr.news-front.info | gr.news-front.info |
2 | www.facebook.com | gr.news-front.info |
2 | px.ads.linkedin.com (1 redirects) | gr.news-front.info |
2 | www.google.de | gr.news-front.info |
2 | www.google.com (1 redirects) | gr.news-front.info |
2 | s.yimg.com | gr.news-front.info, s.yimg.com |
2 | connect.facebook.net | gr.news-front.info, connect.facebook.net |
2 | bat.bing.com | gr.news-front.info |
2 | www.google-analytics.com (1 redirects) | www.googletagmanager.com |
2 | dev.visualwebsiteoptimizer.com | gr.news-front.info |
1 | sp.analytics.yahoo.com | s.yimg.com |
1 | trk.kissmetrics.com | scripts.kissmetrics.com |
1 | googleads.g.doubleclick.net | www.googleadservices.com |
1 | www.linkedin.com (1 redirects) | |
1 | stats.g.doubleclick.net (1 redirects) | |
1 | snap.licdn.com | gr.news-front.info |
1 | www.googleadservices.com | www.googletagmanager.com |
1 | scripts.kissmetrics.com | gr.news-front.info |
1 | i.kissmetrics.com | gr.news-front.info |
1 | www.googletagmanager.com | gr.news-front.info |
33 | 21 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
gr.news-front.info | Let's Encrypt Authority X3 | 2020-03-27 - 2020-06-25 | 3 months |
o2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-05-21 - 2020-07-12 | 2 months |
*.google-analytics.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |
*.visualwebsiteoptimizer.com | Starfield Secure Certificate Authority - G2 | 2017-06-30 - 2020-07-06 | 3 years |
*.kissmetrics.com | RapidSSL RSA CA 2018 | 2019-06-25 - 2020-06-24 | a year |
www.googleadservices.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |
www.bing.com | Microsoft IT TLS CA 2 | 2019-04-30 - 2021-04-30 | 2 years |
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-05-14 - 2020-08-05 | 3 months |
*.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2020-05-19 - 2020-07-03 | a month |
*.licdn.com | DigiCert SHA2 Secure Server CA | 2019-04-01 - 2021-05-07 | 2 years |
www.google.de | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2020-03-04 - 2020-09-04 | 6 months |
*.g.doubleclick.net | GTS CA 1O1 | 2020-04-28 - 2020-07-21 | 3 months |
www.google.com | GTS CA 1O1 | 2020-05-05 - 2020-07-28 | 3 months |
*.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2020-03-04 - 2020-08-31 | 6 months |
This page contains 1 frames:
Primary Page:
https://gr.news-front.info/hoif/2020excel/rfq.php?logn=
Frame ID: A60AE3D298A96D1A049494EAD9B8BB9D
Requests: 33 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Facebook (Widgets)
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager (Tag Managers)
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
- html /<!-- (?:End )?Google Tag Manager -->/i
Visual Website Optimizer (Analytics)
Detected patterns
- html /<!-- (?:Start|End) Visual Website Optimizer A?Synchronous Code -->/i
- script /dev\.visualwebsiteoptimizer\.com/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 20
- https://www.google-analytics.com/r/collect?v=1&_v=j82&a=276219606&t=pageview&_s=1&dl=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&ul=en-us&de=UTF-8&dt=Request%20for%20Quotation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAAB~&jid=410145506&gjid=2101629162&cid=50922595.1590085129&tid=UA-1759093-10&_gid=2038639678.1590085129&_r=1&gtm=2wg5e15J4XPK&z=580339555 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-1759093-10&cid=50922595.1590085129&jid=410145506&_gid=2038639678.1590085129&gjid=2101629162&_v=j82&z=580339555 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1759093-10&cid=50922595.1590085129&jid=410145506&_v=j82&z=580339555 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-1759093-10&cid=50922595.1590085129&jid=410145506&_v=j82&z=580339555&slf_rd=1&random=1006465859
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&url=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&time=1590085128708 HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D256865%26url%3Dhttps%253A%252F%252Fgr.news-front.info%252Fhoif%252F2020excel%252Frfq.php%253Flogn%253D%26time%3D1590085128708%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=256865&url=https%3A%2F%2Fgr.news-front.info%2Fhoif%2F2020excel%2Frfq.php%3Flogn%3D&time=1590085128708&liSync=true
33 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H2 | rfq.php | gr.news-front.info/hoif/2020excel/ | 11 KB | 4 KB | Document | text/html | Primary Request |
GET | H2 | MaskedPassword.js | gr.news-front.info/hoif/2020excel/ | 17 KB | 6 KB | Script | application/javascript | |
GET | H2 | main.50315030.css | assets.aweber-static.com/www/assets/css/ | 384 KB | 63 KB | Stylesheet | text/css | |
GET | H2 | jquery.5a555b6d.js | assets.aweber-static.com/www/assets/bundles/ | 106 KB | 38 KB | Script | application/javascript | |
GET | H2 | vendor.98010375.js | assets.aweber-static.com/www/assets/bundles/ | 82 KB | 27 KB | Script | application/javascript | |
GET | H2 | lib.becade21.js | assets.aweber-static.com/www/assets/bundles/ | 24 KB | 9 KB | Script | application/javascript | |
GET | H2 | xls22.png | gr.news-front.info/hoif/2020excel/ | 49 KB | 49 KB | Image | image/png | |
GET | H2 | gtm.js | www.googletagmanager.com/ | 134 KB | 38 KB | Script | application/javascript | |
GET | H2 | j.php | dev.visualwebsiteoptimizer.com/ | 2 KB | 1 KB | Script | application/javascript | |
GET | H2 | SourceSansPro-Regular.967c60da.woff2 | assets.aweber-static.com/www/assets/fonts/source-sans-pro/regular/ | 13 KB | 13 KB | Font | application/octet-stream | |
GET | H2 | SourceSansPro-Semibold.5a4f76c9.woff2 | assets.aweber-static.com/www/assets/fonts/source-sans-pro/semibold/ | 13 KB | 13 KB | Font | application/octet-stream | |
GET | H/1.1 | i.js | i.kissmetrics.com/ | 39 B | 321 B | Script | application/x-javascript | |
GET | H/1.1 | 7380cf13bcddad3f1993fd5b0f313c4c7c679d73.2.js | scripts.kissmetrics.com/ | 43 KB | 15 KB | Script | application/x-javascript | |
GET | H2 | analytics.js | www.google-analytics.com/ | 45 KB | 18 KB | Script | text/javascript | |
GET | H2 | conversion_async.js | www.googleadservices.com/pagead/ | 28 KB | 11 KB | Script | text/javascript | |
GET | H2 | bat.js | bat.bing.com/ | 25 KB | 8 KB | Script | application/javascript | |
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 131 KB | 31 KB | Script | application/x-javascript | |
GET | H2 | ytc.js | s.yimg.com/wi/ | 14 KB | 6 KB | Script | application/javascript | |
GET | H/1.1 | insight.min.js | snap.licdn.com/li.lms-analytics/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H2 | v.gif | dev.visualwebsiteoptimizer.com/ | 35 B | 215 B | Image | image/gif | |
GET | H2 | default.jpg | gr.news-front.info/hoif/2020excel/ | 81 KB | 82 KB | Image | image/jpeg | |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 106 B | Image | image/gif | Redirect Chain |
GET | H2 | 137848689911278 | connect.facebook.net/signals/config/ | 517 KB | 130 KB | Script | application/x-javascript | |
GET | H2 | collect | px.ads.linkedin.com/ | 0 | 39 B | Image | application/javascript | Redirect Chain |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/1071267547/ | 2 KB | 1 KB | Script | text/javascript | |
GET | H2 | 0 | bat.bing.com/action/ | 0 | 96 B | Image | text/plain | |
GET | H2 | 440422.json | s.yimg.com/wi/config/ | 2 B | 492 B | XHR | application/json | |
GET | H2 | / | www.google.com/pagead/1p-user-list/1071267547/ | 42 B | 112 B | Image | image/gif | |
GET | H2 | / | www.google.de/pagead/1p-user-list/1071267547/ | 42 B | 107 B | Image | image/gif | |
POST | H/1.1 | e | trk.kissmetrics.com/ | 43 B | 376 B | Other | image/gif | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 249 B | Image | image/gif | |
GET | H2 | sp.pl | sp.analytics.yahoo.com/ | 0 | 529 B | Script | application/x-javascript | |
GET | H2 | / | www.facebook.com/tr/ | 44 B | 147 B | Image | image/gif | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)

49 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| MaskedPassword function| webpackJsonp function| jQuery function| $ function| ga object| dataLayer object| _vwo_code number| settings_timer number| _vwo_settings_timer object| _kmq string| _kmk function| _kms object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject object| _vis_opt_queue number| _vis_counter object| uetq function| fbq function| _fbq object| dotq string| _linkedin_partner_id object| _linkedin_data_partner_ids undefined| b string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET object| YAHOO string| KM_KEY number| KM_INCLUDE_HOSTNAME number| KM_SKIP_PAGE_VIEW number| KM_HANDLE_PRERENDER object| KM function| KMQ undefined| KMCTT_SOURCE string| KMCTT_ORIGIN function| _kmil string| KM_COOKIE_DOMAIN

12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.news-front.info/ | | Name: _fbp Value: fb.1.1590085128908.997413395 |
.news-front.info/ | | Name: km_lv Value: 1590085129 |
.news-front.info/ | | Name: km_ai Value: QpmOMiVDtp2F%2Fi9G7kv2L2LVqY0%3D |
.news-front.info/ | | Name: km_vs Value: 1 |
.news-front.info/ | | Name: kvcd Value: 1590085128771 |
.news-front.info/ | | Name: _uetsid Value: 0cc0167c-d992-04c4-23c9-6677c9032a2e |
.news-front.info/ | | Name: _gcl_au Value: 1.1.1504016882.1590085129 |
.gr.news-front.info/ | | Name: _gid Value: GA1.3.2038639678.1590085129 |
.gr.news-front.info/ | | Name: _ga Value: GA1.3.50922595.1590085129 |
.news-front.info/ | | Name: _vwo_uuid_v2 Value: D0CD4D57816DB8849EF2A3D0C4CADAC45\|36bf98aababa99e0b9435b7721bd425d |
.gr.news-front.info/ | | Name: _gat Value: 1 |
.news-front.info/ | | Name: __ddg1 Value: P5TzGrA3v0eg5moTh3F1 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.