coronavirus-sus.th.uptodown.com
Open in
urlscan Pro
104.109.75.95
Public Scan
Effective URL: https://coronavirus-sus.th.uptodown.com/android
Submission Tags: phishing malicious Search All
Submission: On July 30 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 16th 2020. Valid for: a year.
This is the only time coronavirus-sus.th.uptodown.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-75-95.deploy.static.akamaitechnologies.com
018.coronavirus-sus.th.uptodown.com | |
coronavirus-sus.th.uptodown.com | |
stc.utdstc.com | |
img.utdstc.com |
ASN15169 (GOOGLE, US)
adservice.google.com | |
www.googletagservices.com | |
adservice.google.de |
ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-224-199-29.fra2.r.cloudfront.net
c.amazon-adsystem.com |
ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-77-12.eu-central-1.compute.amazonaws.com
ice.360yield.com |
ASN15169 (GOOGLE, US)
1867295b7002b7a6364d17870678b003.safeframe.googlesyndication.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com | |
cdn.ampproject.org |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
Domain | Requested by | |
---|---|---|
11 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
coronavirus-sus.th.uptodown.com cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com |
11 | img.utdstc.com |
coronavirus-sus.th.uptodown.com
stc.utdstc.com |
11 | stc.utdstc.com |
coronavirus-sus.th.uptodown.com
stc.utdstc.com |
7 | pagead2.googlesyndication.com |
coronavirus-sus.th.uptodown.com
pagead2.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com |
6 | securepubads.g.doubleclick.net |
ssm.codes
securepubads.g.doubleclick.net coronavirus-sus.th.uptodown.com www.googletagservices.com |
5 | cdn.ampproject.org |
securepubads.g.doubleclick.net
|
5 | static.criteo.net |
ssm.codes
static.criteo.net securepubads.g.doubleclick.net coronavirus-sus.th.uptodown.com |
3 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
coronavirus-sus.th.uptodown.com |
3 | www.googletagservices.com |
securepubads.g.doubleclick.net
pagead2.googlesyndication.com |
3 | bidder.criteo.com |
ssm.codes
static.criteo.net |
3 | www.google.com |
2 redirects
coronavirus-sus.th.uptodown.com
|
3 | c.amazon-adsystem.com |
ssm.codes
c.amazon-adsystem.com |
2 | aax-eu.amazon-adsystem.com |
1 redirects
c.amazon-adsystem.com
|
2 | ice.360yield.com |
ssm.codes
|
2 | www.google-analytics.com |
1 redirects
coronavirus-sus.th.uptodown.com
|
2 | adservice.google.com |
ssm.codes
pagead2.googlesyndication.com |
2 | coronavirus-sus.th.uptodown.com | 1 redirects |
2 | 018.coronavirus-sus.th.uptodown.com | 2 redirects |
1 | adservice.google.de |
pagead2.googlesyndication.com
|
1 | 1867295b7002b7a6364d17870678b003.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
1 | adx.adform.net |
ssm.codes
|
1 | www.google.de |
coronavirus-sus.th.uptodown.com
|
1 | stats.g.doubleclick.net | 1 redirects |
1 | adservice.google.nl |
ssm.codes
|
1 | ssm.codes |
coronavirus-sus.th.uptodown.com
|
82 | 25 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
uptodown.com DigiCert SHA2 Secure Server CA |
2020-06-16 - 2021-09-15 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-07-20 - 2021-07-20 |
a year | crt.sh |
*.google.nl GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
c.amazon-adsystem.com Amazon |
2019-10-07 - 2020-09-29 |
a year | crt.sh |
www.google.de GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.criteo.com DigiCert ECC Secure Server CA |
2020-06-22 - 2020-09-20 |
3 months | crt.sh |
*.360yield.com Amazon |
2019-09-24 - 2020-10-24 |
a year | crt.sh |
track.adform.net DigiCert SHA2 Secure Server CA |
2019-09-16 - 2021-09-20 |
2 years | crt.sh |
aax-eu.amazon-adsystem.com Amazon |
2020-06-15 - 2021-06-15 |
a year | crt.sh |
tpc.googlesyndication.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
*.criteo.net DigiCert ECC Secure Server CA |
2020-06-22 - 2020-09-20 |
3 months | crt.sh |
misc-sni.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-07-07 - 2020-09-29 |
3 months | crt.sh |
This page contains 8 frames:
Primary Page:
https://coronavirus-sus.th.uptodown.com/android
Frame ID: 10CF8EA0938F9F93AD3C40E5C9AFA63B
Requests: 48 HTTP requests in this frame
Frame:
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dm_cnv&dcc=t
Frame ID: 6796D8F8BF79BC7FCD323B5903F2EF04
Requests: 1 HTTP requests in this frame
Frame:
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNXlB1al0LcWNHL_u1Dso6Q6CdbnP7Xek9ttAe68_Azkvft6bslDsKav-qLrkUkYBG6tUltac9tMGEth9HGDAFoFA0Ui48G2FzjgkfLkr3dmScORnTurfXVPpkUPEd1LyA7uuWkPeOi04ZHNxLb0_DjaATuwAjpfq-m0JAsnjlcOTBVp4lv0aLDo8S_xilnMmar3ZacfWh7dKBroXRGLKBt1Ki_-yBq5uzGKs5KUfnVEptKwMWPoI8dQ_HnrvGaZXVZ148jDA94jS6EyLOgSXA0ZFDsXEznRxWMI995ChDRdSUvlehedchT1Y8XA&sai=AMfl-YTkomur_EaiYutLeWAvtQXOrl2pSUAVTJrsaqhrfibHMSdge8Vd6e2z8pRxt86saYfEaELrL_JnzMfVo6M74qLNIZGAOrIKW7HYDAKjHjY_6XTqCPVzFM2MIX7oLys7&sig=Cg0ArKJSzOSArOYeo9GYEAE&urlfix=1&adurl=
Frame ID: F47D9A29FF7B723D984CE75971D12215
Requests: 18 HTTP requests in this frame
Frame:
https://cdn.ampproject.org/rtv/032007280015000/amp4ads-v0.js
Frame ID: 6994679442EF387F87C1017E00E05993
Requests: 15 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20200728/r20190131/zrt_lookup.html
Frame ID: 96A0033C8A8A1B08217CD4FD20C7D8EB
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0337387298854186&output=html&h=250&slotname=1389044399&adk=1759255392&adf=915425905&w=970&psa=0&guci=1.2.0.0.2.2.0.0&format=970x250&url=https%3A%2F%2Fcoronavirus-sus.th.uptodown.com%2Fandroid&ea=0&flash=0&wgl=1&adsid=NT&dt=1596145624618&bpp=11&bdt=331&idt=144&shv=r20200728&cbv=r20190131&ptt=9&saldr=aa&correlator=1212574016385&frm=23&ife=4&pv=2&ga_vid=1274431920.1596145624&ga_sid=1596145625&ga_hid=100401425&ga_fc=1&iag=3&icsg=2698&nhd=1&dssz=12&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=265&ady=305&biw=1600&bih=1200&isw=970&ish=250&ifk=1134472565&scr_x=0&scr_y=0&eid=21066647&oid=3&pvsid=107421888957006&pem=740&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.960v6usgaisq&fsb=1&dtd=158
Frame ID: 68D92CD427DEC871EFEB07089CCBB34E
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: A1769F033889BFA93B4F64C8BCF2944B
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 94480D9667B9C5B8A290D35D211C1209
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://018.coronavirus-sus.th.uptodown.com/
HTTP 301
https://018.coronavirus-sus.th.uptodown.com/ HTTP 301
https://coronavirus-sus.th.uptodown.com/ HTTP 301
https://coronavirus-sus.th.uptodown.com/android Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
34 Outgoing links
These are links going to different origins than the main page.
Title: <img class=logo1 src=https://stc.utdstc.com/img/imagelogo.png alt="ดาวน์โหลด, ค้นหา, แชร์">
Search URL Search Domain Scan URL
Title: ไลฟ์สไตล์
Search URL Search Domain Scan URL
Title: สุขภาพและฟิตเนส
Search URL Search Domain Scan URL
Title: Governo do Brasil
Search URL Search Domain Scan URL
Title: Governo do Brasil
Search URL Search Domain Scan URL
Title: Huawei Health
Search URL Search Domain Scan URL
Title: Samsung Health
Search URL Search Domain Scan URL
Title: Mi Fit
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Tep
Search URL Search Domain Scan URL
Title: Relive
Search URL Search Domain Scan URL
Title: Stretching
Search URL Search Domain Scan URL
Title: Windows
Search URL Search Domain Scan URL
Title: Mac
Search URL Search Domain Scan URL
Title: แอป Uptodown
Search URL Search Domain Scan URL
Title: การสื่อสาร
Search URL Search Domain Scan URL
Title: ความสามารถในการผลิต
Search URL Search Domain Scan URL
Title: มัลติมีเดีย
Search URL Search Domain Scan URL
Title: เกม
Search URL Search Domain Scan URL
Title: เครื่องมือ
Search URL Search Domain Scan URL
Title: About us
Search URL Search Domain Scan URL
Title: Terms of service
Search URL Search Domain Scan URL
Title: นโยบายด้านความเป็นส่วนตัวและคุกกี้
Search URL Search Domain Scan URL
Title: We're hiring
Search URL Search Domain Scan URL
Title: ติดต่อเรา
Search URL Search Domain Scan URL
Title: โซนสำหรับนักพัฒนา
Search URL Search Domain Scan URL
Title: Developers terms of service
Search URL Search Domain Scan URL
Title: วิดเจ็ตสำหรับพับลิชเชอร์
Search URL Search Domain Scan URL
Title: DMCA
Search URL Search Domain Scan URL
Title: OEM and device manufacturers
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: click here.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://018.coronavirus-sus.th.uptodown.com/
HTTP 301
https://018.coronavirus-sus.th.uptodown.com/ HTTP 301
https://coronavirus-sus.th.uptodown.com/ HTTP 301
https://coronavirus-sus.th.uptodown.com/android Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 25- https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1196624178&t=pageview&_s=1&dl=https%3A%2F%2Fcoronavirus-sus.th.uptodown.com%2Fandroid&ul=en-us&de=UTF-8&dt=Coronav%C3%ADrus-SUS%202.0.5%20%E0%B8%AA%E0%B8%B3%E0%B8%AB%E0%B8%A3%E0%B8%B1%E0%B8%9A%20Android%20-%20%E0%B8%94%E0%B8%B2%E0%B8%A7%E0%B8%99%E0%B9%8C%E0%B9%82%E0%B8%AB%E0%B8%A5%E0%B8%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1305499711&gjid=1420460988&cid=1274431920.1596145624&tid=UA-313498-1&_gid=367117673.1596145624&_r=1&z=6245013 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-313498-1&cid=1274431920.1596145624&jid=1305499711&_gid=367117673.1596145624&gjid=1420460988&_v=j83&z=6245013 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-313498-1&cid=1274431920.1596145624&jid=1305499711&_v=j83&z=6245013 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-313498-1&cid=1274431920.1596145624&jid=1305499711&_v=j83&z=6245013&slf_rd=1&random=2186344423
- https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dm_cnv HTTP 302
- https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=oath_r1u_dm_cnv&dcc=t
- https://www.google.com/pagead/drt/ui HTTP 302
- https://googleads.g.doubleclick.net/pagead/drt/si
82 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
android
coronavirus-sus.th.uptodown.com/ Redirect Chain
|
103 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.th.625.css
stc.utdstc.com/css/ |
187 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
th.v10.625.js
stc.utdstc.com/js/ |
173 KB 54 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uptodown.js
ssm.codes/smart-tag/ |
349 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.nl/adsid/ |
109 B 829 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 168 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2020072301.js
securepubads.g.doubleclick.net/gpt/ |
253 KB 90 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_new.png
stc.utdstc.com/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roboto-300.woff
stc.utdstc.com/fonts/ |
19 KB 19 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roboto-100.woff
stc.utdstc.com/fonts/ |
19 KB 19 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
35 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flags.png
stc.utdstc.com/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roboto-400.woff
stc.utdstc.com/fonts/ |
18 KB 19 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roboto-900.woff
stc.utdstc.com/fonts/ |
19 KB 19 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
uptodown.woff
stc.utdstc.com/fonts/ |
11 KB 11 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apstag.js
c.amazon-adsystem.com/aax2/ |
102 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
imagelogo.png
stc.utdstc.com/img/ |
619 B 962 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
coronavirus-sus-android.png:75
img.utdstc.com/icons/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
coronavirus-sus.jpg:300
img.utdstc.com/screen/13/ |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
coronavirus-sus-1.jpg:300
img.utdstc.com/screen/13/ |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
coronavirus-sus-2.jpg:300
img.utdstc.com/screen/13/ |
6 KB 6 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
coronavirus-sus-3.jpg:300
img.utdstc.com/screen/13/ |
7 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
coronavirus-sus-4.jpg:300
img.utdstc.com/screen/13/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
coronavirus-sus-5.jpg:300
img.utdstc.com/screen/13/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bid
c.amazon-adsystem.com/e/dtb/ |
117 B 515 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ |
6 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
cdb
bidder.criteo.com/ |
0 161 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hb
ice.360yield.com/ |
105 B 332 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hb
ice.360yield.com/ |
105 B 332 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
adx.adform.net/adx/ |
10 B 466 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
iu3
aax-eu.amazon-adsystem.com/s/ Frame 6796 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
coronavirus-sus-6.jpg:300
img.utdstc.com/screen/13/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
coronavirus-sus-7.jpg:300
img.utdstc.com/screen/13/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
coronavirus-sus-8.jpg:300
img.utdstc.com/screen/13/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
securepubads.g.doubleclick.net/gampad/ |
6 KB 4 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
1867295b7002b7a6364d17870678b003.safeframe.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
securepubads.g.doubleclick.net/gampad/ |
41 KB 11 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
publishertag.prebid.js
static.criteo.net/js/ld/ |
72 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
publishertag.prebid.js
static.criteo.net/js/ld/ |
72 KB 22 KB |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
view
securepubads.g.doubleclick.net/pcs/ Frame F47D |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
publishertag.js
static.criteo.net/js/ld/ Frame F47D |
103 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F47D |
105 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
71 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
cdb
bidder.criteo.com/ Frame F47D |
0 161 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame F47D |
214 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F47D |
119 KB 42 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
static.criteo.net/images/ Frame F47D |
43 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
static.criteo.net/images/ Frame F47D |
43 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
view
securepubads.g.doubleclick.net/pcs/ Frame F47D |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp4ads-v0.js
cdn.ampproject.org/rtv/032007280015000/ Frame 6994 |
206 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/032007280015000/v0/ Frame 6994 |
16 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp-analytics-0.1.js
cdn.ampproject.org/rtv/032007280015000/v0/ Frame 6994 |
96 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/032007280015000/v0/ Frame 6994 |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amp-form-0.1.js
cdn.ampproject.org/rtv/032007280015000/v0/ Frame 6994 |
48 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 6994 |
211 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8285715419372089492
tpc.googlesyndication.com/daca_images/simgad/ Frame 6994 |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6994 |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6994 |
295 B 414 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
www.google.com/ads/measurement/ Frame 6994 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adview
securepubads.g.doubleclick.net/pagead/ Frame 6994 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ Frame F47D |
109 B 168 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ Frame F47D |
109 B 168 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200728/r20190131/ Frame F47D |
223 KB 84 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200728/r20190131/ Frame 96A0 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6994 Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 68D9 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ Frame F47D |
7 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ Frame F47D |
71 KB 27 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8285715419372089492
tpc.googlesyndication.com/daca_images/simgad/ Frame 6994 |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6994 |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6994 |
295 B 356 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F47D |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame A176 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame F47D |
0 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
7 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
imagelogo.png
stc.utdstc.com/img/ |
619 B 962 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
coronavirus-sus-android.png:75
img.utdstc.com/icons/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
14 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 9448 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
activeview
pagead2.googlesyndication.com/pcs/ Frame F47D |
42 B 173 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csm
bidder.criteo.com/ Frame F47D |
0 161 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
148 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ssm_config object| googletag object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken function| pbjsChunk object| pbjs object| _pbjsGlobals object| regeneratorRuntime function| setImmediate function| clearImmediate boolean| smartTagLoaded object| ssmSmartTag function| add_lookup_suggest object| replys string| plataforma string| subdom string| url_portal string| url_prog string| url_subdomain_lang string| url_subdomain_lang_platform string| url_lang string| lang string| dominio string| url_basic function| getSubDom function| saveHtmlComments function| replaceHtmlComments function| removeComments function| loadjs function| langso function| GetURLParameter function| suscribir_boletin number| bloqueado number| bloqueo_time number| lookup_count number| lookup_selected string| lookup_value function| lookup function| fill function| del function| res function| hide_mmenu function| window_resize function| show_id function| fillHeaderLogin function| fillLoginMobile function| init function| cookie_terms function| setGDPRRequiredCookie function| setGDPRIsRequiredCookie function| setGDPRIsNotRequiredCookie function| GDPRRequired function| showCookieTermsForm function| acceptCookies function| scrollInfinityUserProfilePanelComments function| getMoreDataCommentsApps function| fillCommentsTemplate function| scrollInfinityUserProfilePanelDownload function| getMoreDataDownloadApps function| fillDownloadTemplate function| usersComments function| usersDownloads function| ssGoogle function| ssFacebook function| likebuttons function| notify function| open_screen function| prev_screen function| next_screen function| newComment function| isValidComment function| disableCommentButton function| setActualComment function| enviar_opinion function| votar function| votar_respuesta function| likedBefore function| responder_listado function| eliminar_respuesta function| eliminar_comentario number| lastOffsetUsed function| scrollInfinityVersions function| loadMoreDataVersions function| fillVersionSection function| scrollInfinity function| getMostAnswerComments function| getMostRecentComments function| getMostVotedComments function| voteComment function| voteCommentAnswer function| sendAnswerComment function| showFormAnswerComment function| sendComment function| fillCommentSection function| loadMoreData function| getMostVotedAnswers function| getMostRecentAnswers function| backToComments function| setDownloadApp function| $ function| jQuery function| SparkMD5 function| RateYo object| adlazy object| SF object| Redirect object| Share function| ajaxResponseBypass object| User object| Socialsignup object| Social object| InfScroll number| google_srt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| GoogleAnalyticsObject function| ga object| apstag number| width object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| apstagLOADED object| Criteo number| __google_ad_urls_id number| google_unique_id object| criteo_pubtag object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_reactive_ads_global_state object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner object| GoogleGcLKhOms object| google_image_requests11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | Name: DSID Value: NO_DATA |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUnaHdD-4LonYhoDpNINsD4TWpJIYaj9SsVKs4qXllhhAztTU85ARPVPxTJv |
|
.amazon-adsystem.com/ | Name: ad-privacy Value: 0 |
|
.amazon-adsystem.com/ | Name: ad-id Value: A_q4wnOjxkmesXR61N39eM0 |
|
.uptodown.com/ | Name: __gads Value: ID=b687b68e56003c43-228c09fda5b6003b:T=1596145624:S=ALNI_Ma-2FOA1ZOrDDGsHe4-kbazHwGU0g |
|
.uptodown.com/ | Name: _gat Value: 1 |
|
.uptodown.com/ | Name: _gid Value: GA1.2.367117673.1596145624 |
|
.uptodown.com/ | Name: utd_red_lang Value: th |
|
.uptodown.com/ | Name: GDPR_REQUIRED Value: is |
|
.uptodown.com/ | Name: utd_red_platform Value: %2Fandroid |
|
.uptodown.com/ | Name: _ga Value: GA1.2.1274431920.1596145624 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
018.coronavirus-sus.th.uptodown.com
1867295b7002b7a6364d17870678b003.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
adservice.google.com
adservice.google.de
adservice.google.nl
adx.adform.net
bidder.criteo.com
c.amazon-adsystem.com
cdn.ampproject.org
coronavirus-sus.th.uptodown.com
googleads.g.doubleclick.net
ice.360yield.com
img.utdstc.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
ssm.codes
static.criteo.net
stats.g.doubleclick.net
stc.utdstc.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.109.75.95
13.224.199.29
178.250.2.131
216.58.212.162
2606:4700:20::ac43:45cb
2a00:1450:4001:800::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:815::2002
2a00:1450:4001:816::2001
2a00:1450:4001:816::200e
2a00:1450:4001:817::2004
2a00:1450:4001:818::2002
2a00:1450:4001:819::2002
2a00:1450:400c:c01::9b
2a02:2638::3
37.157.4.24
52.57.77.12
52.95.118.60
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
073c5040e8ee62ce265b9184911c7cd345a2fda8560570098ee73fcad73ac9f4
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
097f0f9038aba19030b90de3d7f09c4da2c4229e94f763add1719caf963b7d81
16969b0fc75ead83f454b5b3b1c93b27f2a2fa186f67b0d0be68abad8dcd2403
209ceea254b5cae8a4dd7e5d3556f1d0a079b3cc017f09f4d8868fee199df071
2a0c01ba057a92f6f239164122340b8087ce24dfdcfa652ace2371a7655e323e
2e3325db456620e768bfa6a930c1015b6fd4e8b967cbb88d07867883c9e5fa6d
309720733d24279bb255c9bfcdfb2792a24681d944f3f87ddcd5e94ba8a7fcd8
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
38bcfc645a00c9052f5a117ec13393fd5e342713e89394500a1c64baecf10293
391e115e1e27bf477f10940e7012e2b6e78f9b8585b1ef8681b4d5bd1e0b0f0b
40ef2b624fd0b3af4ccc737aed1267f6f71c199b6edb5f6297c15eb3be24bfd1
42f12b2ffdda5bc781197c783c933da14c47fe83fcd9a3110a3c6bf08ffc8bef
53f4bd2dde4f0edcfffd1af63f222548303fa095e13915385a0066c7ef6f2a2a
55b746d08f061ee964adb088db7f87a27ee9d5ea58bf6111f082a025942ddfce
5d095ae74e81cfa4c3f055dde1f80de7f29153a9db10c401d69144ad04a71cba
5d1dc200eea43da1fcbdd99f977309e0004ad62b2d8e774c95275600414638a1
6169227664082929623036474ef3ef07911612f5df6c231ded6305ea38bf7dc3
6a34daeab0affa7bfd4f4b6675905de21679c5378e1c5a0bdb03d15fbd52783f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2519ef21b9a13dc537b7f6bc6a4807978678fe7361f7d784beee2d81bc7a0c
6c244b38a3f62fee32b4e6f32a69d40865af2e1f7bc2dd73397b8fd0f96125e7
7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f
757c862592d50b63588acee7c59cc67728b095d090674afd559d8589e044feb3
78f4a3114e3738eab1ffd31cbd3611435034197ecc40456f3ed43f82af4393d3
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
85c9f5710d1ba97b33666c06a9a1f3eb6033d4ae9efb70ff8147d63064367fa5
86a7422df31d4e15c7e46387372bc40976510c20a6dcdb67c64e060c792bad7f
8740f04a97202a2483d54a5781598c30cceac029a1522b6c5dd270250b9d1a17
8d00e4343987593afa91865c8407fea36971df89c736d5d70ad6d717d4992d1d
9059ff0edf771e3d6497d7bcad5b102becc6de65a4dced40c3b73ae78f83f7f6
a25dacac0ea7b4062eb143f375de8e49dfdaff0ad39288ab5fbebf590d4c77a4
a38bea48fb8a888dfeeb65fdc9e039d9b60c4c1ad46396f3314efbb1172d3345
a7c6d54a4075d623a55417c69a6d91cc39fee6770f4235e147ad28967fb210c3
aa1485262a6de20dbfca092b07b93d38b9752fdf7729b1cd7cc58d77500f193f
ab1c8b27e4cd295595653ef22f596a4b945273723066e2e0f7e035eaee738075
af2ebf3a4ab248d59348eeebe0d9c52cedc2aa2ea054ff37271a72f3cf8f04a8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3104088bc90840b424eaa34ae16ff1e26535c2bdf0c579a2c9939715d611eed
b5aa3814bc5665a3b655ea844ad90424da19d41e9b54bb3c3fe5c2fdec4b2304
bcf6aa6fb2ac5e1fd5d1e7a2577552902cfd8255c9557b7a512319c390431882
be31d790c31b5492e47a666b767d66be19e5b03bf9d37754ca793ba38feb0210
bf1325ce561c93e54c85fe261dca05c1d4954f0604daa0cb52742c9ae0adcd0a
dc24eaf9f6892a992a8ec0f4f0885ec5fb436046ac570b3d188dc5c3945ca525
ddbe4bd5ca1098933853c19146d5efea2bae5009162ee8d239246964f19df43d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e428af8551cc16730a407e1f40095c3fa7a8b8f25bb7f39575f6fceefc2ffe81
e53b6fb4cf38ed2f8b70583ae04bbf63b106f72b54ea383b76803c3dd88c1723
e5805ff82ac7e960beec601f53d5b3cdabff17e0e825368f485965bcfbf0b5be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7cf473240521704b9b5a9bd0c4fc8b9c99dde60550a37c76931db4ac0b3c48b
f81be7df9b676cacd1fd08e43a238ee270e1d3e231939fe33cef31249f067fb2
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955