windows-security-alert-n4lum.ondigitalocean.app
Open in
urlscan Pro
2a06:98c1:58::60
Malicious Activity!
Public Scan
Submission: On April 30 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 17th 2023. Valid for: a year.
This is the only time windows-security-alert-n4lum.ondigitalocean.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Tech Support Scam (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
25 | 2a06:98c1:58::60 2a06:98c1:58::60 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 195.201.57.90 195.201.57.90 | 24940 (HETZNER-AS) (HETZNER-AS) | |
2 | 2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a02:26f0:170... 2a02:26f0:1700:1af::f03 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
33 | 9 |
ASN13335 (CLOUDFLARENET, US)
windows-security-alert-n4lum.ondigitalocean.app |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.90.57.201.195.clients.your-server.de
ipwho.is |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN20940 (AKAMAI-ASN1, NL)
support.microsoft.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
ondigitalocean.app
windows-security-alert-n4lum.ondigitalocean.app |
843 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180 |
72 KB |
1 |
userstatics.com
userstatics.com — Cisco Umbrella Rank: 92039 |
652 B |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 97 |
274 B |
1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2404 |
276 B |
1 |
microsoft.com
support.microsoft.com — Cisco Umbrella Rank: 8002 |
|
1 |
ipwho.is
ipwho.is — Cisco Umbrella Rank: 86761 |
985 B |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 |
99 KB |
33 | 8 |
Domain | Requested by | |
---|---|---|
25 | windows-security-alert-n4lum.ondigitalocean.app |
windows-security-alert-n4lum.ondigitalocean.app
|
2 | connect.facebook.net |
windows-security-alert-n4lum.ondigitalocean.app
connect.facebook.net |
1 | userstatics.com |
windows-security-alert-n4lum.ondigitalocean.app
|
1 | www.facebook.com |
windows-security-alert-n4lum.ondigitalocean.app
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | support.microsoft.com |
windows-security-alert-n4lum.ondigitalocean.app
|
1 | ipwho.is |
windows-security-alert-n4lum.ondigitalocean.app
|
1 | www.googletagmanager.com |
windows-security-alert-n4lum.ondigitalocean.app
|
33 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ondigitalocean.app Cloudflare Inc ECC CA-3 |
2023-09-17 - 2024-09-16 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-04-16 - 2024-07-09 |
3 months | crt.sh |
ipwho.is GoGetSSL ECC DV CA |
2024-03-13 - 2025-03-13 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-02-09 - 2024-05-08 |
3 months | crt.sh |
support.microsoft.com Microsoft Azure TLS Issuing CA 02 |
2023-05-18 - 2024-05-12 |
a year | crt.sh |
userstatics.com E1 |
2024-03-28 - 2024-06-26 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://windows-security-alert-n4lum.ondigitalocean.app/
Frame ID: A27BD31A3698AD522C564C1DE60C286B
Requests: 33 HTTP requests in this frame
Frame:
https://support.microsoft.com/en-us/windows
Frame ID: AA355334452C919BE36D3673303B465D
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Security centerDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
windows-security-alert-n4lum.ondigitalocean.app/ |
25 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
296 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
windows-security-alert-n4lum.ondigitalocean.app/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
windows-security-alert-n4lum.ondigitalocean.app/css/ |
27 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg1.jpg
windows-security-alert-n4lum.ondigitalocean.app/images/ |
550 B 550 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg2.jpg
windows-security-alert-n4lum.ondigitalocean.app/images/ |
550 B 550 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
minimize.jpg
windows-security-alert-n4lum.ondigitalocean.app/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kxFy-clip.png
windows-security-alert-n4lum.ondigitalocean.app/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qsbs-firewall.png
windows-security-alert-n4lum.ondigitalocean.app/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s-S4-acc.png
windows-security-alert-n4lum.ondigitalocean.app/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Z5BR-network.png
windows-security-alert-n4lum.ondigitalocean.app/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uZbx-si.png
windows-security-alert-n4lum.ondigitalocean.app/images/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
-EBq-current.png
windows-security-alert-n4lum.ondigitalocean.app/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nOxp-sett.png
windows-security-alert-n4lum.ondigitalocean.app/images/ |
842 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft.png
windows-security-alert-n4lum.ondigitalocean.app/images/ |
239 B 583 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cross.png
windows-security-alert-n4lum.ondigitalocean.app/images/ |
395 KB 396 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
re.gif
windows-security-alert-n4lum.ondigitalocean.app/images/ |
14 KB 15 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
windows-security-alert-n4lum.ondigitalocean.app/js/ |
202 KB 59 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
windows-security-alert-n4lum.ondigitalocean.app/js/ |
115 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
windows-security-alert-n4lum.ondigitalocean.app/js/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
windows-security-alert-n4lum.ondigitalocean.app/js/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
ipwho.is/ |
713 B 985 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
218 KB 59 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
windows
support.microsoft.com/en-us/ Frame AA35 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iicme4.mp3
windows-security-alert-n4lum.ondigitalocean.app/media/ |
196 KB 197 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
467 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
speech.mp3
windows-security-alert-n4lum.ondigitalocean.app/media/ |
550 B 894 B |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
windows-security-alert-n4lum.ondigitalocean.app/fonts/ |
21 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 276 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
637211488626768
connect.facebook.net/signals/config/ |
61 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 274 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
script.js
userstatics.com/get/ |
133 B 652 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome-webfont.woff2
windows-security-alert-n4lum.ondigitalocean.app/fonts/ |
65 KB 65 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft.png
windows-security-alert-n4lum.ondigitalocean.app/images/ |
239 B 447 B |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Tech Support Scam (Consumer)32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| gtag object| dataLayer object| t function| getVariableFromURl string| ph0ne1 function| fbq function| _fbq function| _0x2a7f93 function| _0x4a8d function| _0x36de function| $ function| jQuery function| _0x504c function| _0x55fa object| bootstrap function| _0x595f76 function| _0x1b87 function| _0x281f function| startScan function| _0x9f2a function| _0x3a16 function| playSound string| ipadd string| city string| country string| isp string| currtime object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal20 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
support.microsoft.com/signin-oidc | Name: .AspNetCore.OpenIdConnect.Nonce.CfDJ8CiTzr73KWNFsUGcHEnPeJpyYkIKhFoUKwu-Yux7co5g5el638nnFzAuRuvKa7ogmnJH2g_E-Vi3dcfN2kdyNZ7gegHdO985VW6zHvqB8QL7dsGAAZl25igQvaccF3fOKjZKjYoKLgoredlgBpdXTc-YRw4I3u2uqCfNvz1CZYC9Cj3KvjxdlV4PR_7QlF1en5QouxSaKFnEq82C18N4zhUhnij929EM1qqIkZ5M6YsE1DyNXt4Td8AihIIHofudF0S-dkLtoKPNtL2OkvWHIHA Value: N |
|
windows-security-alert-n4lum.ondigitalocean.app/ | Name: PHPREFS Value: full |
|
.windows-security-alert-n4lum.ondigitalocean.app/ | Name: _ga_3BT9JSDGGD Value: GS1.1.1714520663.1.0.1714520663.0.0.0 |
|
.windows-security-alert-n4lum.ondigitalocean.app/ | Name: _ga Value: GA1.1.51081286.1714520664 |
|
support.microsoft.com/ | Name: EXPID Value: 24ca5307-9f06-4dfb-a257-9858afd127a5 |
|
.windows-security-alert-n4lum.ondigitalocean.app/ | Name: _fbp Value: fb.2.1714520663815.239436651 |
|
login.microsoftonline.com/ | Name: buid Value: 0.AU8AMe_N-B6jSkuT5F9XHpElWhkrJ-4RRD9DjyhcE8tv1AcBAAA.AQABGgEAAADnfolhJpSnRYB1SVj-Hgd8ICRN6SI0vUdVMr8cLiU4VQNXC3dxfpiuxIhBan2xIvFHW4tem5wspKqdoQoCTJEsNQT5WSFHDTJ38jc7pvCe856xjAv47VLZ48eHYyMcPqEgAA |
|
.login.microsoftonline.com/ | Name: esctx Value: PAQABBwEAAADnfolhJpSnRYB1SVj-Hgd8B8jwCzuMa7LkKqHQHTI6dGBM4BBVl8kQLrujPS-ILlqlSN0BjZ-mLthaEOST5zkb3kDSKfYals0pJMgMmoXsrqgpe_FX9b4mKTlXxblLKjVM3mQ-wu0CZHjSbK-J4LTmlIHJmNM1NF7pOFrTfW_b79Qu2T_ljDCKHSAO827myFYgAA |
|
.login.microsoftonline.com/ | Name: esctx-LmBeCc5gJyI Value: AQABCQEAAADnfolhJpSnRYB1SVj-Hgd8hjl0698Lz5wUrMI5-fuypUOChuhZjIy2Eq_O9XbugAChhcKIRHq6aG0xj8QvplVsIx3TSY4YJdERQIyLCEYr-hjr1GVWwwVgGEhaTNMQ1t05O9LVfJhIBoGhn_G3uPn9RyNCN3Ry83ei_G7uLOHcRCAA |
|
login.microsoftonline.com/ | Name: fpc Value: AiQX6W_KWW5AqdZ2WKzagNhqwEtIAQAAAFh5w90OAAAA |
|
login.microsoftonline.com/ | Name: x-ms-gateway-slice Value: estsfd |
|
login.microsoftonline.com/ | Name: stsservicecookie Value: estsfd |
|
support.microsoft.com/ | Name: MicrosoftApplicationsTelemetryDeviceId Value: 252a3681-ad60-48a3-9278-ec0a549b93df |
|
support.microsoft.com/ | Name: ai_session Value: sJ2Rb9jZzYTd2ifB2IL1E9|1714520664655|1714520664655 |
|
.login.live.com/ | Name: uaid Value: bfb9bf97dafe4fb78c50851dd94d13de |
|
.login.live.com/ | Name: MSPRequ Value: id=12<=1714520665&co=0 |
|
.login.live.com/ | Name: OParams Value: 11O.Dt7Lf230DLH3TACop8EB73KXjXlDwt0RszJGHG2t8ZP5kIKztkzdQj6bu11feIIca63XkTGOBGQdxqrF9kYV3pX25WNEWc8srIzgIciYFAsTd0!EvOO4v80RTQdMlI40a0Id0dte46CLzotoK33tL43pZ9fleWPhEBmTmBSqXnE3D7*Tgd*XxCPiwFMhBvceKiPx3vQsOGQ8qNwbdy7BbFEmVyDUukiNk5v*qV7rFbcVAwiwgs*KKjArUJu1eDA1sJmvCwQClc12XBNdqr1Ij1c$ |
|
.microsoft.com/ | Name: MC1 Value: GUID=b12a7dd4968d477ea67f6f531690c7d7&HASH=b12a&LV=202404&V=4&LU=1714520666309 |
|
.microsoft.com/ | Name: MS0 Value: 5ae782b00b0d4eb68682cc08f7b2502c |
|
support.microsoft.com/ | Name: MSFPC Value: GUID=b12a7dd4968d477ea67f6f531690c7d7&HASH=b12a&LV=202404&V=4&LU=1714520666309 |
78 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.facebook.net
ipwho.is
region1.google-analytics.com
support.microsoft.com
userstatics.com
windows-security-alert-n4lum.ondigitalocean.app
www.facebook.com
www.googletagmanager.com
188.114.96.3
195.201.57.90
2001:4860:4802:32::36
2a00:1450:4001:806::2008
2a02:26f0:1700:1af::f03
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:58::60
1576680c3c410d3d357a047b5af5bcb8fa7396663d9ae85ccd5631eb3fa4be3c
1a4a9d67323926c0b4fc12a7703b17890126983999c8eccd8b3f3ae0cb7e0fd8
236a19e10c49d547e19412eecf6908d7bbf7e479835d74220d6d50d5d18dfdfd
2ccf601cfa59425007d5abf684f820b534d58983e977ce525c1e8da54387c02c
4907b8bae449979126705305b615c7b9b0571b5dcbdf5bea0e0243e239b331af
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
4edac0e461280f67e6d60a943a4a00fa2facd7cbaffefc4be84ee876ff710ba1
534005da6673059024215f36a4cab983faa7041190223bba39edd845f9445bc1
57924a44440b2707827d8952f474108eb4c741c6137aacbbf8dba6692c652b60
5c0ffef2e717422d961243d91ea1f7e6b52c2cb48a6cd44f9f84efee86c37c03
6eb095de99e6e28e651938cc166f09e38acd7ec7b914a7f97646a9a95887c6fa
713601c1e3e76d39801d007a718d2b536a7a081e31a51f22e99ff96d58e988e2
76f091cd5d485621321f9668b3d3584164fd3040337908b19b43ef842b6136e8
7d9ab165076915bc3854bab91e080fe05da9ccd8c9ae9058a3f1cf5fb09134c9
7f037abad8de1689487bae2f6dc271ddf90e50c40a038d7ab51828763e5e7bda
80d9ac80157192380c06abbf3e2a8df20614b87c4de9b40e20b805fe7a36b543
84f6d1248980a0b8823b1bf13c97242761f8a5a2190a8efd54acccbc077e9515
8d1c68bceb0a0f41a80e34a585c1bc72fb15effff23016f0a182b0c5a7cf27f0
a072681ff11d60e33eb625e1d75e828542f80c9362d905c3eb9626063e27b4cc
a59a8ed0264f362121131efcb7320a82074636d25ad2d0a63d713f8f5fe7b85b
bcae4ba85a18b6d57f6ca6c515a028699c442424a4e7963337675f7d1d14aa8f
df92b5b84104c3a751204b2643d981c7204ad679bcb9369b47127a089d3e72f3
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f6e7f3cc4d82a373a52123f1e417f6271c37d242156e6d02117f7de98a64d7a4
fa743072397830ae4b399969ef6b76dd8a9e1eaec634fd28c59c880d6b1856bd
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995