login.goveseva.org.in
Open in
urlscan Pro
111.118.215.189
Malicious Activity!
Public Scan
URL:
http://login.goveseva.org.in/
Submission Tags: public
Submission: On January 26 via api from AU — Scanned from AU
Submission Tags: public
Submission: On January 26 via api from AU — Scanned from AU
Summary
This website contacted 31 IPs
in 8 countries
across 30 domains to perform 72 HTTP transactions.
The main IP is 111.118.215.189, located in
India and
belongs to PUBLIC-DOMAIN-REGISTRY, US.
The main domain is login.goveseva.org.in.
This is the only time login.goveseva.org.in was scanned on urlscan.io!
This is the only time login.goveseva.org.in was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nexi (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 22 | 111.118.215.189 111.118.215.189 | 394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY) | |
| 1 | 104.26.5.7 104.26.5.7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 3 | 52.74.236.208 52.74.236.208 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 104.65.228.244 104.65.228.244 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 1 | 185.198.117.126 185.198.117.126 | 35051 (NEXI-AS) (NEXI-AS) | |
| 1 | 13.250.236.77 13.250.236.77 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 1 | 52.76.143.168 52.76.143.168 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 52.76.3.172 52.76.3.172 | 16509 (AMAZON-02) (AMAZON-02) | |
| 3 | 141.101.120.11 141.101.120.11 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 | 104.22.74.171 104.22.74.171 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 172.64.151.83 172.64.151.83 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 67.202.105.33 67.202.105.33 | 32748 (STEADFAST) (STEADFAST) | |
| 3 | 13.33.33.104 13.33.33.104 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 35.158.32.185 35.158.32.185 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 67.202.105.32 67.202.105.32 | 32748 (STEADFAST) (STEADFAST) | |
| 1 | 63.140.48.156 63.140.48.156 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 13.33.33.57 13.33.33.57 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 13.33.88.45 13.33.88.45 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 104.26.13.60 104.26.13.60 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 172.64.167.31 172.64.167.31 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 2 | 146.59.148.16 146.59.148.16 | 16276 (OVH) (OVH) | |
| 3 5 | 104.69.166.9 104.69.166.9 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 1 | 104.18.35.34 104.18.35.34 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 4 10 | 54.251.140.206 54.251.140.206 | 16509 (AMAZON-02) (AMAZON-02) | |
| 4 4 | 142.251.12.156 142.251.12.156 | 15169 (GOOGLE) (GOOGLE) | |
| 4 | 104.122.20.13 104.122.20.13 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
| 1 | 13.33.88.11 13.33.88.11 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 52.77.159.4 52.77.159.4 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 5 | 63.251.14.3 63.251.14.3 | 32475 (SINGLEHOP...) (SINGLEHOP-LLC) | |
| 4 4 | 3.227.167.227 3.227.167.227 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 2 | 13.107.42.14 13.107.42.14 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 1 | 34.126.167.117 34.126.167.117 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 1 | 35.76.241.249 35.76.241.249 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 2 | 54.169.203.49 54.169.203.49 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 2 | 35.71.131.137 35.71.131.137 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 2 | 151.101.194.49 151.101.194.49 | 54113 (FASTLY) (FASTLY) | |
| 2 2 | 104.254.148.251 104.254.148.251 | 29990 (ASN-APPNEX) (ASN-APPNEX) | |
| 1 | 75.2.13.80 75.2.13.80 | () () | |
| 72 | 31 |
22
111.118.215.189
(India)
ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: server1.voicetongues.com
ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: server1.voicetongues.com
| login.goveseva.org.in |
3
52.74.236.208
(Singapore)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-236-208.ap-southeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-236-208.ap-southeast-1.compute.amazonaws.com
| dpm.demdex.net |
1
104.65.228.244
(Singapore)
ASN16625 (AKAMAI-AS, US)
PTR: a104-65-228-244.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-65-228-244.deploy.static.akamaitechnologies.com
| assets.adobedtm.com |
1
13.250.236.77
(Singapore)
ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-236-77.ap-southeast-1.compute.amazonaws.com
| nexipayments.demdex.net |
1
52.76.143.168
(Singapore)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-143-168.ap-southeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-143-168.ap-southeast-1.compute.amazonaws.com
| cm.everesttech.net |
1
52.76.3.172
(Singapore)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-3-172.ap-southeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-3-172.ap-southeast-1.compute.amazonaws.com
| nexipayments.tt.omtrdc.net |
1
67.202.105.33
(Palos Park, United States)
ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
| ic.tynt.com |
3
13.33.33.104
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-104.sin2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-104.sin2.r.cloudfront.net
| get.s-onetag.com |
1
35.158.32.185
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-32-185.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-32-185.eu-central-1.compute.amazonaws.com
| pd.sharethis.com |
1
67.202.105.32
(Palos Park, United States)
ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
| de.tynt.com |
1
13.33.33.57
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-57.sin2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-57.sin2.r.cloudfront.net
| onetag-geo.s-onetag.com |
2
13.33.88.45
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-45.sin2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-45.sin2.r.cloudfront.net
| tags.crwdcntrl.net |
5
104.69.166.9
(Singapore)
ASN16625 (AKAMAI-AS, US)
PTR: a104-69-166-9.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-69-166-9.deploy.static.akamaitechnologies.com
| tags.bluekai.com | |
| e.dlx.addthis.com | |
| stags.bluekai.com | |
| x.dlx.addthis.com |
10
54.251.140.206
(Singapore)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com
| ps.eyeota.net |
4
142.251.12.156
(United States)
ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net
ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net
| cm.g.doubleclick.net |
4
104.122.20.13
(Singapore)
ASN16625 (AKAMAI-AS, US)
PTR: a104-122-20-13.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-122-20-13.deploy.static.akamaitechnologies.com
| t.sharethis.com |
1
13.33.88.11
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-11.sin2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-11.sin2.r.cloudfront.net
| data-beacons.s-onetag.com |
1
52.77.159.4
(Singapore)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-159-4.ap-southeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-159-4.ap-southeast-1.compute.amazonaws.com
| c.ltmsphrcl.net |
4
3.227.167.227
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-167-227.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-167-227.compute-1.amazonaws.com
| i.liadm.com |
1
34.126.167.117
(Singapore)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.167.126.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.167.126.34.bc.googleusercontent.com
| um.simpli.fi |
1
35.76.241.249
(Tokyo, Japan)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-76-241-249.ap-northeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-76-241-249.ap-northeast-1.compute.amazonaws.com
| aa.agkn.com |
2
54.169.203.49
(Singapore)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-203-49.ap-southeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-203-49.ap-southeast-1.compute.amazonaws.com
| bcp.crwdcntrl.net |
2
35.71.131.137
(United States)
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
| match.adsrvr.org |
2
104.254.148.251
(Los Angeles, United States)
ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 893.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
| ib.adnxs.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 22 |
goveseva.org.in
login.goveseva.org.in |
562 KB |
| 10 |
eyeota.net
4 redirects
ps.eyeota.net — Cisco Umbrella Rank: 1008 |
6 KB |
| 6 |
s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3878 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4727 data-beacons.s-onetag.com — Cisco Umbrella Rank: 14997 connect-metrics-collector.s-onetag.com |
14 KB |
| 5 |
lijit.com
1 redirects
ap.lijit.com — Cisco Umbrella Rank: 592 ce.lijit.com — Cisco Umbrella Rank: 874 |
5 KB |
| 5 |
sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 11773 t.sharethis.com — Cisco Umbrella Rank: 6306 |
15 KB |
| 4 |
liadm.com
4 redirects
i.liadm.com — Cisco Umbrella Rank: 573 |
2 KB |
| 4 |
doubleclick.net
4 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 211 |
2 KB |
| 4 |
crwdcntrl.net
2 redirects
tags.crwdcntrl.net — Cisco Umbrella Rank: 1156 bcp.crwdcntrl.net — Cisco Umbrella Rank: 885 |
27 KB |
| 4 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 197 nexipayments.demdex.net |
6 KB |
| 3 |
addthis.com
2 redirects
e.dlx.addthis.com — Cisco Umbrella Rank: 1925 x.dlx.addthis.com — Cisco Umbrella Rank: 1330 |
2 KB |
| 3 |
tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 10164 ic.tynt.com — Cisco Umbrella Rank: 6443 de.tynt.com — Cisco Umbrella Rank: 1448 |
9 KB |
| 3 |
dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 15760 |
5 KB |
| 3 |
everesttech.net
2 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1000 sync-tm.everesttech.net — Cisco Umbrella Rank: 556 |
1 KB |
| 2 |
adnxs.com
2 redirects
ib.adnxs.com — Cisco Umbrella Rank: 203 |
2 KB |
| 2 |
adsrvr.org
2 redirects
match.adsrvr.org — Cisco Umbrella Rank: 304 |
916 B |
| 2 |
linkedin.com
1 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 353 |
1 KB |
| 2 |
bluekai.com
1 redirects
tags.bluekai.com — Cisco Umbrella Rank: 545 stags.bluekai.com — Cisco Umbrella Rank: 496 |
766 B |
| 2 |
onaudience.com
2 redirects
pixel.onaudience.com — Cisco Umbrella Rank: 2833 |
726 B |
| 2 |
amung.us
whos.amung.us — Cisco Umbrella Rank: 15937 widgets.amung.us — Cisco Umbrella Rank: 15031 |
4 KB |
| 2 |
omtrdc.net
nexipayments.tt.omtrdc.net nexipayments.sc.omtrdc.net |
1 KB |
| 1 |
agkn.com
aa.agkn.com — Cisco Umbrella Rank: 457 |
499 B |
| 1 |
simpli.fi
1 redirects
um.simpli.fi — Cisco Umbrella Rank: 767 |
602 B |
| 1 |
ltmsphrcl.net
c.ltmsphrcl.net — Cisco Umbrella Rank: 7608 |
432 B |
| 1 |
33across.com
cdn-tc.33across.com — Cisco Umbrella Rank: 20269 |
459 B |
| 1 |
dtssrv.com
a.dtssrv.com — Cisco Umbrella Rank: 25495 |
590 B |
| 1 |
dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 17036 |
585 B |
| 1 |
nexi.it
www.nexi.it — Cisco Umbrella Rank: 647556 |
423 KB |
| 1 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 475 |
12 KB |
| 1 |
waust.at
waust.at — Cisco Umbrella Rank: 42379 |
4 KB |
| 0 |
turn.com
Failed
d.turn.com Failed |
|
| 72 | 30 |
| Domain | Requested by | |
|---|---|---|
| 22 | login.goveseva.org.in |
login.goveseva.org.in
|
| 10 | ps.eyeota.net |
4 redirects
login.goveseva.org.in
data-beacons.s-onetag.com |
| 4 | i.liadm.com | 4 redirects |
| 4 | t.sharethis.com |
pd.sharethis.com
t.sharethis.com login.goveseva.org.in |
| 4 | cm.g.doubleclick.net | 4 redirects |
| 3 | ap.lijit.com |
1 redirects
login.goveseva.org.in
data-beacons.s-onetag.com |
| 3 | get.s-onetag.com |
t.dtscout.com
get.s-onetag.com |
| 3 | t.dtscout.com |
waust.at
t.dtscout.com |
| 3 | dpm.demdex.net |
1 redirects
login.goveseva.org.in
|
| 2 | ib.adnxs.com | 2 redirects |
| 2 | sync-tm.everesttech.net |
1 redirects
login.goveseva.org.in
|
| 2 | match.adsrvr.org | 2 redirects |
| 2 | bcp.crwdcntrl.net | 2 redirects |
| 2 | ce.lijit.com |
login.goveseva.org.in
|
| 2 | px.ads.linkedin.com |
1 redirects
login.goveseva.org.in
|
| 2 | e.dlx.addthis.com | 2 redirects |
| 2 | pixel.onaudience.com | 2 redirects |
| 2 | tags.crwdcntrl.net |
t.dtscout.com
cdn-tc.33across.com |
| 1 | connect-metrics-collector.s-onetag.com |
get.s-onetag.com
|
| 1 | aa.agkn.com |
login.goveseva.org.in
|
| 1 | um.simpli.fi | 1 redirects |
| 1 | x.dlx.addthis.com |
login.goveseva.org.in
|
| 1 | stags.bluekai.com | 1 redirects |
| 1 | c.ltmsphrcl.net |
tags.crwdcntrl.net
|
| 1 | data-beacons.s-onetag.com |
get.s-onetag.com
|
| 1 | cdn-tc.33across.com |
de.tynt.com
|
| 1 | tags.bluekai.com |
login.goveseva.org.in
|
| 1 | a.dtssrv.com |
t.dtscout.com
|
| 1 | t.dtscdn.com |
t.dtscout.com
|
| 1 | onetag-geo.s-onetag.com |
get.s-onetag.com
|
| 1 | nexipayments.sc.omtrdc.net |
login.goveseva.org.in
|
| 1 | de.tynt.com |
cdn.tynt.com
|
| 1 | pd.sharethis.com |
t.dtscout.com
login.goveseva.org.in |
| 1 | ic.tynt.com |
login.goveseva.org.in
|
| 1 | widgets.amung.us |
login.goveseva.org.in
|
| 1 | cdn.tynt.com |
waust.at
|
| 1 | whos.amung.us |
waust.at
|
| 1 | nexipayments.tt.omtrdc.net |
login.goveseva.org.in
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | nexipayments.demdex.net |
login.goveseva.org.in
|
| 1 | www.nexi.it |
login.goveseva.org.in
|
| 1 | assets.adobedtm.com |
login.goveseva.org.in
|
| 1 | waust.at |
login.goveseva.org.in
|
| 0 | d.turn.com Failed |
login.goveseva.org.in
|
| 72 | 44 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.nexi.it |
| apps.apple.com |
| play.google.com |
| appgallery.huawei.com |
| privati.nexi.it |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.demdex.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-26 - 2023-10-27 |
a year | crt.sh |
| assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-07-19 - 2023-08-19 |
a year | crt.sh |
| www.nexi.it GlobalSign RSA OV SSL CA 2018 |
2022-07-05 - 2023-08-06 |
a year | crt.sh |
| *.dtscout.com GTS CA 1P5 |
2022-11-30 - 2023-02-28 |
3 months | crt.sh |
| *.tynt.com Sectigo RSA Domain Validation Secure Server CA |
2022-09-07 - 2023-09-30 |
a year | crt.sh |
| *.s-onetag.com Amazon |
2022-12-04 - 2024-01-02 |
a year | crt.sh |
| sharethis.com Amazon |
2022-08-02 - 2023-08-31 |
a year | crt.sh |
| *.crwdcntrl.net Go Daddy Secure Certificate Authority - G2 |
2022-05-01 - 2023-06-02 |
a year | crt.sh |
| *.dtscdn.com GTS CA 1P5 |
2023-01-24 - 2023-04-24 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-07-01 - 2023-07-01 |
a year | crt.sh |
| *.33across.com Sectigo RSA Domain Validation Secure Server CA |
2022-09-06 - 2023-09-30 |
a year | crt.sh |
| cert1.a1.atm.aqfer.net R3 |
2023-01-10 - 2023-04-10 |
3 months | crt.sh |
| *.ltmsphrcl.net Amazon RSA 2048 M02 |
2022-11-07 - 2023-12-06 |
a year | crt.sh |
| eyeota.net GoGetSSL RSA DV CA |
2022-03-18 - 2023-03-18 |
a year | crt.sh |
| *.lijit.com Go Daddy Secure Certificate Authority - G2 |
2022-06-27 - 2023-06-05 |
a year | crt.sh |
This page contains 9 frames:
Primary Page:
http://login.goveseva.org.in/
Frame ID: 89A98A7A2C134E9FF555EAA312E51135
Requests: 58 HTTP requests in this frame
Frame:
http://login.goveseva.org.in/Area%20Personale_files/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 1A0B930E4370FDF4E950E89CAEFEC42A
Requests: 1 HTTP requests in this frame
Frame:
http://login.goveseva.org.in/Area%20Personale_files/bframe.html
Frame ID: 398DCF6DDF1E9C108646FADECB9BE6D8
Requests: 3 HTTP requests in this frame
Frame:
https://nexipayments.demdex.net/dest5.html?d_nsid=0
Frame ID: D0571D7B05B70134C92FE741D8B980AA
Requests: 1 HTTP requests in this frame
Frame:
https://t.dtscout.com/idg/?su=51A016747701391768142000175A199F
Frame ID: FD1B7E764C13903C52C78F294AF8D14D
Requests: 1 HTTP requests in this frame
Frame:
https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 9F2FEC69AE9ACA599726398B53D98637
Requests: 3 HTTP requests in this frame
Frame:
https://t.sharethis.com/a/t_.htm?ver=1.1109.23349&cid=c010&cls=C
Frame ID: 64354A978C6795C9BD822B35B49C08FE
Requests: 1 HTTP requests in this frame
Frame:
https://t.sharethis.com/1.1109.23349/a/AU/t_.js?cid=c010&cls=C
Frame ID: 19AA5857AA7A7244FB1A5AC0284C9983
Requests: 2 HTTP requests in this frame
Frame:
https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: E19B657AE9048837775247068D4A13F8
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Area PersonaleDetected technologies
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
URL: https://www.nexi.it/
Search URL Search Domain Scan URL
URL: https://www.nexi.it/accedi.html
Title: Cambia portale
Title: Cambia portale
Search URL Search Domain Scan URL
URL: https://apps.apple.com/it/app/nexi-pay/id518695175
Search URL Search Domain Scan URL
URL: https://play.google.com/store/apps/details?id=it.icbpi.mobile&hl=it
Search URL Search Domain Scan URL
URL: https://appgallery.huawei.com/#/app/C101454369
Search URL Search Domain Scan URL
URL: https://www.nexi.it/login-titolari.html
Title: Non sei tu?
Title: Non sei tu?
Search URL Search Domain Scan URL
URL: https://privati.nexi.it/recovery/intro
Title: Hai dimenticato le credenziali?
Title: Hai dimenticato le credenziali?
Search URL Search Domain Scan URL
URL: https://privati.nexi.it/registration/intro
Title: REGISTRATI
Title: REGISTRATI
Search URL Search Domain Scan URL
URL: https://www.nexi.it/content/dam/nexi/new-login-2019/informativa_privacy.pdf
Title: Privacy
Title: Privacy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26- https://cm.everesttech.net/cm/dd?d_uuid=20022644408311681273387463718483048804 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9L22wAAAEVxygM5
- https://pixel.onaudience.com/?partner=137085098&mapped=51A016747701391768142000175A199F HTTP 302
- https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
- https://tags.bluekai.com/site/33141?&id=9ba58e87da340fbd
- https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=cjb3Q2PS9tySsi4ddfWN2g%3D%3D&us_privacy=&33random=1674770140934.1&cat=33across HTTP 302
- https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=cjb3Q2PS9tySsi4ddfWN2g%3D%3D&us_privacy=&33random=1674770140934.1&cat=33across HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mm1iU0tiUUVvOW03WUN6N016cXhMNlU2UTNTdkxQcXlRYklxY05hUmhPNWs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mm1iU0tiUUVvOW03WUN6N016cXhMNlU2UTNTdkxQcXlRYklxY05hUmhPNWs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_tc= HTTP 302
- https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEAa6rjxClbsdYomBc841mqM&google_cver=1
- https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=cjb3Q2PS9tySsi4ddfWN2g%3D%3D&us_privacy=&33random=1674770140934.3&cat=33across HTTP 302
- https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=cjb3Q2PS9tySsi4ddfWN2g%3D%3D&us_privacy=&33random=1674770140934.3&cat=33across HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=Mll3NFY0cXpjUkN3d1JkZ1hrSVRCRlpWT0otVjBtU0JwWFBaM3Z5Wl9oT0U&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=Mll3NFY0cXpjUkN3d1JkZ1hrSVRCRlpWT0otVjBtU0JwWFBaM3Z5Wl9oT0U&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_tc= HTTP 302
- https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEE_vYRcyZTD_Xg50Si9yQ7o&google_cver=1
- https://ap.lijit.com/readerinfo/v2 HTTP 307
- https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
- http://t.sharethis.com/a/t_.htm?ver=1.1109.23349&cid=c010&cls=C HTTP 307
- https://t.sharethis.com/a/t_.htm?ver=1.1109.23349&cid=c010&cls=C
- https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GDZDKSZH3BAwElZiQ2m7hwyg&rnd=51232 HTTP 303
- https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GDZDKSZH3BAwElZiQ2m7hwyg&rnd=51232&_li_chk=true&previous_uuid=6cacb00fd0eb43cd9c921a7cd118414f HTTP 303
- https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=fa6fb2d73b771a6c422756f514e45a63 HTTP 302
- https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=fa6fb2d73b771a6c422756f514e45a63&rd=Y HTTP 302
- https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023012621554600013490071287&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID HTTP 302
- https://x.dlx.addthis.com/e/bk_sync.xgi?na_exid=ykuUnnhf99Y4X2JM
- https://px.ads.linkedin.com/db_sync?pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=GDZDKSZH3BAwElZiQ2m7hwyg&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=64104 HTTP 302
- https://px.ads.linkedin.com/db_sync?pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=GDZDKSZH3BAwElZiQ2m7hwyg&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D%24%7BUUID%7D&_rand=64104&expected_cookie=e98a9134-03fe-467b-adf7-519c9987e834
- https://um.simpli.fi/lj_match?r=84400 HTTP 302
- https://ce.lijit.com/merge?pid=2&3pid=3571775274154DCBA01B1F22C602C16E
- https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GDZDKSZH3BAwElZiQ2m7hwyg&rnd=31801 HTTP 303
- https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GDZDKSZH3BAwElZiQ2m7hwyg&rnd=31801&_li_chk=true&previous_uuid=29a5bc1e4ed046a68a3124dbd6c75123 HTTP 303
- https://aa.agkn.com/adscores/s.pixel?sid=9112307478&em=fa6fb2d73b771a6c422756f514e45a63&lsid=sovrn
- https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=GDZDKSZH3BAwElZiQ2m7hwyg/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
- https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=GDZDKSZH3BAwElZiQ2m7hwyg/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
- https://ce.lijit.com/merge?pid=5001&3pid=d8ed19fd122ea536636db8a0f88f6d46
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
- https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
- https://ps.eyeota.net/match?uid=df8d79bb-277b-48cc-9599-f2d63202596e&bid=1e2n4ou
- https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
- https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=Y9L24QAArvt18wBh
- https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526referrer_pid%253D51md42u HTTP 302
- https://ps.eyeota.net/match?uid=496015191900367372&bid=2cr76e1&referrer_pid=51md42u
- https://dpm.demdex.net/ibs:dpid=30064&dpuuid=185f01453f7-fb4000001084281&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3D51md42u HTTP 302
- https://ps.eyeota.net/match?bid=6j5b2cv&uid=20022644408311681273387463718483048804&referrer_pid=51md42u
72 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
login.goveseva.org.in/ |
300 KB 60 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
launch-a40afd213c32.min.js.download
login.goveseva.org.in/Area%20Personale_files/ |
228 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
login.goveseva.org.in/Area%20Personale_files/ |
537 KB 101 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.5.1.min.js.download
login.goveseva.org.in/Area%20Personale_files/ |
87 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style(1).css
login.goveseva.org.in/Area%20Personale_files/ |
17 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stylepop.css
login.goveseva.org.in/ |
805 B 750 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo--light-double.svg
login.goveseva.org.in/Area%20Personale_files/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app_store.svg
login.goveseva.org.in/Area%20Personale_files/ |
15 KB 16 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
google_play.svg
login.goveseva.org.in/Area%20Personale_files/ |
25 KB 25 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
huawei-store.svg
login.goveseva.org.in/Area%20Personale_files/ |
22 KB 22 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo--dark-double.svg
login.goveseva.org.in/Area%20Personale_files/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.js
login.goveseva.org.in/ |
522 B 554 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
co.js
waust.at/ |
8 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
371 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login_pt_background_02.jpg
www.nexi.it/content/dam/nexi/portale-titolari/pagine-login/portale-titolari/ |
422 KB 423 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
karbon-medium-webfont.woff
login.goveseva.org.in/Area%20Personale_files/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
karbon-regular-webfont.woff
login.goveseva.org.in/Area%20Personale_files/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
karbon-semibold-webfont.woff
login.goveseva.org.in/Area%20Personale_files/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
box-a1ae2079824d1c48aa9ce06efb256f18.html
login.goveseva.org.in/Area%20Personale_files/ Frame 1A0B |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bframe.html
login.goveseva.org.in/Area%20Personale_files/ Frame 398D |
8 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
KarbonApp-Medium.ttf
login.goveseva.org.in/Area%20Personale_files/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
KarbonApp-Regular.ttf
login.goveseva.org.in/Area%20Personale_files/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
KarbonApp-Semibold.ttf
login.goveseva.org.in/Area%20Personale_files/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles__ltr.css
login.goveseva.org.in/Area%20Personale_files/ Frame 398D |
51 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
recaptcha__it.js.download
login.goveseva.org.in/Area%20Personale_files/ Frame 398D |
345 KB 167 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
nexipayments.demdex.net/ Frame D057 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=Y9L22wAAAEVxygM5
dpm.demdex.net/ Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
delivery
nexipayments.tt.omtrdc.net/rest/v1/ |
375 B 942 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
t.dtscout.com/i/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
whos.amung.us/pingjs/ |
28 B 312 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tc.js
cdn.tynt.com/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
widgets.amung.us/colwid/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p
ic.tynt.com/b/ |
35 B 573 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
t.dtscout.com/idg/ Frame FD1B |
1 KB 771 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ |
30 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dtscout
pd.sharethis.com/pd/ |
2 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
t.dtscout.com/pv/ |
50 B 330 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v2
de.tynt.com/deb/ |
811 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
s16889782490153
nexipayments.sc.omtrdc.net/b/ss/nexipayments.production/1/JS-2.22.1-LBWB/ |
43 B 534 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
onetag-geo.s-onetag.com/ |
535 B 940 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ |
52 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
t.dtscdn.com/widget/ |
0 585 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e
a.dtssrv.com/ |
20 B 590 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
33141
tags.bluekai.com/site/ Redirect Chain
|
62 B 437 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lotame-sync.html
cdn-tc.33across.com/ Frame 9F2F |
343 B 459 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
match
ps.eyeota.net/ Redirect Chain
|
70 B 440 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
match
ps.eyeota.net/ Redirect Chain
|
70 B 440 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
t.dhj
t.sharethis.com/1/d/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
dtscout
pd.sharethis.com/pd/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dataBeacons.min.js
data-beacons.s-onetag.com/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sync.min.js
tags.crwdcntrl.net/lt/c/16311/ Frame 9F2F |
32 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
map
c.ltmsphrcl.net/6/ Frame 9F2F |
156 B 432 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
v2
ap.lijit.com/readerinfo/ Redirect Chain
|
41 B 468 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
t_.htm
t.sharethis.com/a/ Frame 6435 Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
t_.js
t.sharethis.com/1.1109.23349/a/AU/ Frame 19AA |
20 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
a.gif
t.sharethis.com/d/ Frame 19AA |
0 289 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bk_sync.xgi
x.dlx.addthis.com/e/ Redirect Chain
|
43 B 604 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
db_sync
px.ads.linkedin.com/ Redirect Chain
|
0 360 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
merge
ce.lijit.com/ Redirect Chain
|
43 B 679 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s.pixel
aa.agkn.com/adscores/ Redirect Chain
|
43 B 499 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame E19B |
85 B 463 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame E19B |
766 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
merge
ce.lijit.com/ Redirect Chain
|
43 B 682 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pixel
ps.eyeota.net/ |
844 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ |
6 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
match
ps.eyeota.net/ Redirect Chain
|
70 B 440 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
match
d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lons7jax
sync-tm.everesttech.net/ct/upi/pid/ Redirect Chain
|
85 B 170 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
match
ps.eyeota.net/ Redirect Chain
|
70 B 440 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
match
ps.eyeota.net/ Redirect Chain
|
70 B 440 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
metrics
connect-metrics-collector.s-onetag.com/ |
0 73 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- pd.sharethis.com
- URL
- https://pd.sharethis.com/pd/dtscout?_t_=px&url=http%3A%2F%2Flogin.goveseva.org.in%2F&event_source=dtscout&rnd=0.680564868187602&exptid=ZGOAAWPS9t0AAAAIcrrJAw%3D%3D&fcmp=false
- Domain
- d.turn.com
- URL
- https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nexi (Banking)238 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontentvisibilityautostatechange object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| $ function| jQuery object| _wau string| wau_w_col object| WAU_ren function| WAU_colored function| WAU_colored_request function| WAU_r_u function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| x string| x1 string| x2 object| Tynt object| _33Across function| __uspapi object| a object| cv object| _dtspv function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| s_i_nexipayments.production object| __connect object| lotame_3825 number| char function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_da function| lt3825_ea object| lt3825_e function| lt3825_fa function| lt3825_ga object| lt3825_ object| lt3825_ka object| lt3825_la object| lt3825_Qa object| lt3825_Ra object| lt3825_7 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_f function| lt3825_g function| lt3825_h function| lt3825_i function| lt3825_j function| lt3825_k function| lt3825_ia function| lt3825_ha function| lt3825_l function| lt3825_m function| lt3825_ja function| lt3825_n function| lt3825_o function| lt3825_p function| lt3825_q function| lt3825_r function| lt3825_pa function| lt3825_ma function| lt3825_na function| lt3825_t function| lt3825_oa function| lt3825_u function| lt3825_v function| lt3825_w function| lt3825_x function| lt3825_s function| lt3825_y function| lt3825_z function| lt3825_qa function| lt3825_A function| lt3825_B function| lt3825_ra function| lt3825_C function| lt3825_D function| lt3825_sa function| lt3825_E function| lt3825_F function| lt3825_G function| lt3825_ta function| lt3825_I function| lt3825_J function| lt3825_H function| lt3825_ua function| lt3825_K function| lt3825_L function| lt3825_va function| lt3825_wa function| lt3825_M function| lt3825_xa function| lt3825_ya function| lt3825_za function| lt3825_Da function| lt3825_Aa function| lt3825_Ba function| lt3825_Ca function| lt3825_Ea function| lt3825_Ga function| lt3825_Fa function| lt3825_N function| lt3825_Ha function| lt3825_Ia function| lt3825_Ja function| lt3825_Ka function| lt3825_La function| lt3825_Ma function| lt3825_Na function| lt3825_Oa function| lt3825_Pa function| lt3825_O function| lt3825_Sa function| lt3825_P function| lt3825_Q function| lt3825_R function| lt3825_S function| lt3825_Ta function| lt3825_T function| lt3825_U function| lt3825_Ua function| lt3825_Va function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_Y function| lt3825_Wa function| lt3825_Ya function| lt3825_Xa function| lt3825_Z function| lt3825__ function| lt3825_0 function| lt3825_1 function| lt3825_4 function| lt3825__a function| lt3825_1a function| lt3825_0a function| lt3825_3a function| lt3825_2a function| lt3825_2 function| lt3825_4a function| lt3825_5a function| lt3825_3 function| lt3825_Za function| lt3825_6a function| lt3825_7a function| lt3825_8a function| lt3825_9a function| lt3825_5 function| lt3825_6 function| lt3825_$a function| lt3825_ab function| lt3825_bb function| lt3825_cb function| lt3825_db function| lt3825_eb function| lt3825_fb function| lt3825_gb function| lt3825_hb function| lt3825_ib function| lt3825_8 function| lt3825_lb function| lt3825_mb function| lt3825_kb function| lt3825_jb function| lt3825_ob function| lt3825_nb function| lt3825_qb function| lt3825_pb function| lt3825_rb function| lt3825_sb function| lt3825_tb function| lt3825_ub function| lt3825_vb function| lt3825_wb function| lt3825_yb function| lt3825_Bb function| lt3825_Ab function| lt3825_xb function| lt3825_Eb function| lt3825_zb function| lt3825_Cb function| lt3825_Gb function| lt3825_Fb function| lt3825_Hb function| lt3825_Db function| lt3825_Ib function| lt3825_Jb function| lt3825_Kb function| lt3825_9 function| lt3825_Lb function| lt3825_Mb function| lt3825_Nb function| lt3825_Ob function| lt3825_Pb function| lt3825_$ function| lt3825_Qb function| lt3825_Rb function| lt3825_Sb function| lt3825_Tb function| lt3825_Ub function| lt3825_Vb function| lt3825_Wb function| lt3825_Xb function| lt3825_Zb function| lt3825__b function| lt3825_0b function| lt3825_Yb object| __underground object| sovrn51 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| i.liadm.com/s | Name: _li_ss Value: CgASDw1IREV_EggKBgigARCdFA |
|
| .goveseva.org.in/ | Name: at_check Value: true |
|
| .demdex.net/ | Name: demdex Value: 20022644408311681273387463718483048804 |
|
| .goveseva.org.in/ | Name: AMCVS_6A724E255ED5F2A60A495E0E%40AdobeOrg Value: 1 |
|
| .goveseva.org.in/ | Name: mbox Value: session#7986846ba8e14766b1060816bec70167#1674771999|PC#7986846ba8e14766b1060816bec70167.38_0#1738014939 |
|
| .dpm.demdex.net/ | Name: dpm Value: 20022644408311681273387463718483048804 |
|
| .goveseva.org.in/ | Name: AMCV_6A724E255ED5F2A60A495E0E%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19384%7CMCMID%7C13056340892684453762798217381605504987%7CMCAAMLH-1675374938%7C3%7CMCAAMB-1675374938%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1674777338s%7CNONE%7CMCSYNCSOP%7C411-19391%7CvVersion%7C5.2.0 |
|
| .dtscout.com/ | Name: m Value: 1 |
|
| .dtscout.com/ | Name: st Value: 1 |
|
| .dtscout.com/ | Name: oa Value: 1 |
|
| .dtscout.com/ | Name: df Value: 1674770139 |
|
| .dtscout.com/ | Name: l Value: 51A016747701391768142000175A199F |
|
| .goveseva.org.in/ | Name: __dtsu Value: 51A016747701391768142000175A199F |
|
| .tynt.com/ | Name: uid Value: cjb3Q2PS9tySsi4ddfWN2g== |
|
| .tynt.com/ | Name: pids Value: %5B%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1674770140934%7D%2C%7B%22p%22%3A%226361f7f203%22%2C%22f%22%3A2%2C%22ts%22%3A1674770140934%7D%5D |
|
| .goveseva.org.in/ | Name: lotame_domain_check Value: goveseva.org.in |
|
| .dtscdn.com/ | Name: uid Value: 51A016747701391768142000175A199F |
|
| .eyeota.net/ | Name: mako_uid Value: 185f01453f7-fb4000001084281 |
|
| .eyeota.net/ | Name: SERVERID Value: 17025~DM |
|
| .onaudience.com/ | Name: cookie Value: 5a24b944a1b955c1 |
|
| .onaudience.com/ | Name: done_redirects109 Value: 1 |
|
| .sharethis.com/ | Name: pxcelAcc3PC Value: 1 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUmJJX7Fs-yDCPYuLzjgMbXBie595zPqIKVhi-bmlkd_gYKA6-i_4CUwyWRRbEI |
|
| .t.sharethis.com/ | Name: pxcelPage_default_c010_C Value: 1_0_1674770143495 |
|
| .t.sharethis.com/ | Name: pxcelBcnLcy Value: 248 |
|
| .lijit.com/ | Name: ljt_reader Value: GDZDKSZH3BAwElZiQ2m7hwyg |
|
| .bluekai.com/ | Name: bku Value: ylT99met6Zm2DjzL |
|
| .linkedin.com/ | Name: li_sugr Value: e98a9134-03fe-467b-adf7-519c9987e834 |
|
| .ads.linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
| .linkedin.com/ | Name: bcookie Value: "v=2&1230dc73-f5c0-480e-8b5c-0804148339cb" |
|
| .linkedin.com/ | Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2906:u=1:x=1:i=1674770144:t=1674856544:v=2:sig=AQE23ZvaK7V_DzZq4MiZ3iDGO3ZNZkI5" |
|
| .simpli.fi/ | Name: suid Value: 3571775274154DCBA01B1F22C602C16E |
|
| .adsrvr.org/ | Name: TDID Value: df8d79bb-277b-48cc-9599-f2d63202596e |
|
| .liadm.com/ | Name: lidid Value: 29a5bc1e-4ed0-46a6-8a31-24dbd6c75123 |
|
| .adsrvr.org/ | Name: TDCPM Value: CAEYBSABKAIyCwjumfzn2fy_OxAFOAE. |
|
| .crwdcntrl.net/ | Name: _cc_dc Value: 2 |
|
| .crwdcntrl.net/ | Name: _cc_id Value: d8ed19fd122ea536636db8a0f88f6d46 |
|
| .lijit.com/ | Name: _ljtrtb_2 Value: 3571775274154DCBA01B1F22C602C16E |
|
| .lijit.com/ | Name: _ljtrtb_5001 Value: d8ed19fd122ea536636db8a0f88f6d46 |
|
| .e.dlx.addthis.com/ | Name: na_tc Value: Y |
|
| .agkn.com/ | Name: ab Value: 0001%3AWrqJHotBycWavoF6dSpmIZWdY1vmoDTE |
|
| .adnxs.com/ | Name: uuid2 Value: 496015191900367372 |
|
| .addthis.com/ | Name: na_id Value: 2023012621554600013490071287 |
|
| .addthis.com/ | Name: na_tc Value: Y |
|
| .addthis.com/ | Name: uid Value: 63d2f6e2b533c317 |
|
| .addthis.com/ | Name: ouid Value: 63d2f6e200018b936a624173f1094e188f7a5c4cd466d10af816 |
|
| .dlx.addthis.com/ | Name: na_rn Value: 0 |
|
| .dlx.addthis.com/ | Name: na_sr Value: 20230126 |
|
| .dlx.addthis.com/ | Name: na_srp Value: 7601 |
|
| .dlx.addthis.com/ | Name: na_sc_e Value: 0 |
|
| .dlx.addthis.com/ | Name: na_sc_x Value: 1 |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.dtssrv.com
aa.agkn.com
ap.lijit.com
assets.adobedtm.com
bcp.crwdcntrl.net
c.ltmsphrcl.net
cdn-tc.33across.com
cdn.tynt.com
ce.lijit.com
cm.everesttech.net
cm.g.doubleclick.net
connect-metrics-collector.s-onetag.com
d.turn.com
data-beacons.s-onetag.com
de.tynt.com
dpm.demdex.net
e.dlx.addthis.com
get.s-onetag.com
i.liadm.com
ib.adnxs.com
ic.tynt.com
login.goveseva.org.in
match.adsrvr.org
nexipayments.demdex.net
nexipayments.sc.omtrdc.net
nexipayments.tt.omtrdc.net
onetag-geo.s-onetag.com
pd.sharethis.com
pixel.onaudience.com
ps.eyeota.net
px.ads.linkedin.com
stags.bluekai.com
sync-tm.everesttech.net
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bluekai.com
tags.crwdcntrl.net
um.simpli.fi
waust.at
whos.amung.us
widgets.amung.us
www.nexi.it
x.dlx.addthis.com
d.turn.com
pd.sharethis.com
104.122.20.13
104.18.35.34
104.22.74.171
104.254.148.251
104.26.13.60
104.26.5.7
104.65.228.244
104.69.166.9
111.118.215.189
13.107.42.14
13.250.236.77
13.33.33.104
13.33.33.57
13.33.88.11
13.33.88.45
141.101.120.11
142.251.12.156
146.59.148.16
151.101.194.49
172.64.151.83
172.64.167.31
185.198.117.126
3.227.167.227
34.126.167.117
35.158.32.185
35.71.131.137
35.76.241.249
52.74.236.208
52.76.143.168
52.76.3.172
52.77.159.4
54.169.203.49
54.251.140.206
63.140.48.156
63.251.14.3
67.202.105.32
67.202.105.33
75.2.13.80
0485f940d3ee5a797d15cc0a25c5e6165168bf22b4a177795cab02fcdb28e7fe
0814a79883b4070863f8185270ea202fbb53791a439b221fd73afb146b0ded5d
0a6860b639d3f65209ac59599c26f7027aef515187c186b306a2e07c2c32e338
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
104d66d335ac672f50c7c042f372ca69e38effeb52104680d676789a35d03e69
131addda5379692aff3f337f4ccb4c051171dd38fc75a0cdfca1095db3345c7b
200ecb4319241577a666dec2e873db9de2695cd15169683a269321dc59279fdc
27ca5125c219441002caaa068a4e81147e6bb6554f2e6a0a09ffb1e8b4df79af
2a1106fe9ded31c3b8a7ebd572f416631870b9577b90bef751846cc23f247cfa
2b0081dc845e7e0592216659ea61c08bd87e6e50c2ea064e8f7e9d31edb829cd
366f8119b964e2fb98bc441aaedbaeb188176d855b151bf58eff15deb0a31fff
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
50bee32bcf93d4bc896ac563ff885641e6e43b4814e9d2d141ed68e243deb758
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18
5a9832e8fbf9271704a38054b70a3623cc10a16404d01d23133ea1708c470f28
5e3c6b5c51b5fbf7691fa5d0adbcd05be694548d5f03aee7d59d7a8b092b5d27
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
64e35e6e3e1969550eda7af80ded7e8e7ffdc15dd6a2bfdc4ed9bf1cb82cc762
6691c17050e97fa3a70eb75b6da5d601b461af4d26b954f87dcddbf354f61eda
6d660c25e43c776058acf2be52f0d044c9bdf0461c3237e9c76d2203dc6aae57
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
7364dc66b30fac131c57fb24f1addde4ff79b344855fa6d79c451ff8d6dbc6a0
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3
7fccdf59f5dec8ddbf11ed9f5e28cf80e6424389a35d5a4b76ef39f2df02f8be
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86dbb95c983a9c81e1806afa854b9713ec33ee7e279712e6eee946c6b2e8f92d
8a328eaf97de4600f72891d5658426d62b7afff1cc12667968e8db621a38322c
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84
97205f0af2d4cd685b2cd78497e6805ce35c534433e36658a27f136964d3c70a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a2246d0f0a31cc7352260f2d876d803116e3c03f040c2674f1bd8570798ca31
9c61f60b366129bf27c265686c20b261c28d540dbbe03cbe5723e30c1b801b88
9dab070ee75ce06cf5e8bb6ab989f0130e40f216a1a717d6a0538a57f5143fec
9e8158f4be80ead5ed94ac1f4a6f1a634e33f59daeeb571a0541d82ea117b4d3
9fdff6db20a059bcfe2aed08c717329fd0e41cfdc19b71b940a0d50b29016131
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a22ea2c13b8179c675566ef9ce7a77c663056b6147674c851d898b21f6c68ee6
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c2dff4d99eef4b35e8f498d841d785ec135749647ff00b3efd1a5d66f87e5241
c37a1253313f01ecf7b8d5ac83025a8059d161d955ecbe5254c99d4edf6989fc
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c96d6c44d50646e4096806c2f0ba110954d52f55150d7b34d0d7ba6872486266
caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409
dc47b2acb976c562fd498eb6a4ed19b7c2fe735defc2d5e82bcda4be438424da
dc50ef7f80147b0a2407f5a560125db8b36c799d5a5a32b17d83fea8f03492e5
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ed313341bbd73a61ddacf268f494c9f85cb84e46f8954bde8a5260e21174f340
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7c483aaebdf98638068eb092f47ee4b98bcdce8aa4282104454292708089b1c
fa15cca73eeff8d841db82bb54f1e59f98047ac570f29e4daaafe4ee5c47a733