coloradoinvestigations.com Open in urlscan Pro
74.63.160.31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://coloradoinvestigations.com/
Effective URL:
https://coloradoinvestigations.com/
Submission: On March 08 via api (March 8th 2023, 9:58:43 pm UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 18 HTTP transactions. The main IP is 74.63.160.31, located in United States and belongs to ASN-VINS, US. The main domain is coloradoinvestigations.com.
TLS certificate: Issued by R3 on January 12th 2023. Valid for: 3 months.

This is the only time coloradoinvestigations.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	74.63.160.31 74.63.160.31	13649 (ASN-VINS) (ASN-VINS)
5	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
18	5

10 74.63.160.31 (United States) 1 redirects

ASN13649 (ASN-VINS, US)
PTR: fontana.hostworks.com

coloradoinvestigations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	coloradoinvestigations.com 1 redirects coloradoinvestigations.com	62 KB
7	google.com apis.google.com — Cisco Umbrella Rank: 106 accounts.google.com — Cisco Umbrella Rank: 71	137 KB
1	gstatic.com ssl.gstatic.com	5 KB
18	3

	Domain	Requested by
10	coloradoinvestigations.com	1 redirects coloradoinvestigations.com
5	apis.google.com	coloradoinvestigations.com apis.google.com accounts.google.com
2	accounts.google.com	apis.google.com coloradoinvestigations.com
1	ssl.gstatic.com	accounts.google.com
18	4

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.uscity.net
www.courts.state.co.us

Subject Issuer	Validity	Valid
coloradoinvestigations.com R3	`2023-01-12` - `2023-04-12`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://coloradoinvestigations.com/
Frame ID: 73403E848A5E8C2D7503B2014BD644BD
Requests: 12 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fcoloradoinvestigations.com&url=https%3A%2F%2Fcoloradoinvestigations.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__
Frame ID: AD8260D64C285E6E103900174239DF17
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fcoloradoinvestigations.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__
Frame ID: D3B92BA8FCCFF88C3F351A937894EC90
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Condello & Associates

Page URL History Show full URLs

http://coloradoinvestigations.com/ HTTP 301
https://coloradoinvestigations.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]*accounts\.google\.com/o/oauth2

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

18
Requests

94 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

204 kB
Transfer

452 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/pages/Condello-Associates/1632910446981225

Search URL Search Domain Scan URL

URL: https://twitter.com/#!/Condello2011

Search URL Search Domain Scan URL

URL: http://www.uscity.net/
Title: uscity.net directory

Search URL Search Domain Scan URL

URL: http://www.courts.state.co.us/chs/court/forms/selfhelpcenter.htm
Title: Colorado Legal Forms

Search URL Search Domain Scan URL

URL: http://www.courts.state.co.us/supct/rules/2006/2006_04.pdf
Title: Colo. Rules of Civil Proc.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://coloradoinvestigations.com/ HTTP 301
https://coloradoinvestigations.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
coloradoinvestigations.com/
Redirect Chain

http://coloradoinvestigations.com/
https://coloradoinvestigations.com/

14 KB
15 KB

1304ms
311ms

Document
text/html

74.63.160.31
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://coloradoinvestigations.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 74.63.160.31 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: fontana.hostworks.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 64d74d6fc0b5703d3df2d7505575776f454f6a2f423f3345c844f291984b84e3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Length: 14762
Content-Type: text/html
Date: Wed, 08 Mar 2023 21:58:36 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

Redirect headers

Content-Length: 158
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Mar 2023 21:58:34 GMT
Location: https://coloradoinvestigations.com/
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

GET
H/1.1 200
OK dbg1.css
coloradoinvestigations.com/ 2 KB
3 KB 160ms
159ms Stylesheet
text/css 74.63.160.31
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL: https://coloradoinvestigations.com/dbg1.css
Requested by: Host: coloradoinvestigations.com
URL: https://coloradoinvestigations.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 74.63.160.31 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: fontana.hostworks.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0014dc454a336b64a2ab684464e4afd5c9e79b074691e214c0eb2fe8c6bd2984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradoinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 21:58:36 GMT
Last-Modified: Thu, 21 Jun 2012 18:12:02 GMT
Server: Microsoft-IIS/8.5
ETag: "045305bd94fcd1:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2395

GET
H/1.1 200
OK logo_facebook.png
coloradoinvestigations.com/ 4 KB
4 KB 324ms
164ms Image
image/png 74.63.160.31
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coloradoinvestigations.com/logo_facebook.png
Requested by: Host: coloradoinvestigations.com
URL: https://coloradoinvestigations.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 74.63.160.31 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: fontana.hostworks.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 775fbba1e96177181dc9d688b84d6dc0bd4bfbeee9af02b762fd69e9155526fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradoinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 21:58:36 GMT
Last-Modified: Tue, 03 Jul 2012 21:58:48 GMT
Server: Microsoft-IIS/8.5
ETag: "01cf456759cd1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3795

GET
H/1.1 200
OK logo_twitter.png
coloradoinvestigations.com/ 4 KB
4 KB 466ms
160ms Image
image/png 74.63.160.31
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coloradoinvestigations.com/logo_twitter.png
Requested by: Host: coloradoinvestigations.com
URL: https://coloradoinvestigations.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 74.63.160.31 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: fontana.hostworks.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a4b0463c475a3ddf3b2d8f64b3b234626515483ccca860bccec1569758a7056f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradoinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 21:58:36 GMT
Last-Modified: Tue, 03 Jul 2012 21:58:49 GMT
Server: Microsoft-IIS/8.5
ETag: "80b28c66759cd1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3753

GET
H/1.1 200
OK condello_logo.png
coloradoinvestigations.com/ 17 KB
18 KB 474ms
162ms Image
image/png 74.63.160.31
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coloradoinvestigations.com/condello_logo.png
Requested by: Host: coloradoinvestigations.com
URL: https://coloradoinvestigations.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 74.63.160.31 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: fontana.hostworks.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 31883af90a64c0055ef12754a70758076c706dc0f0f0c12ac89771c6f82dd95f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradoinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 21:58:36 GMT
Last-Modified: Fri, 15 Jun 2012 21:00:11 GMT
Server: Microsoft-IIS/8.5
ETag: "80ff38da394bcd1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 17730

GET
H/1.1 200
OK line_yellow.gif
coloradoinvestigations.com/ 841 B
1 KB 476ms
163ms Image
image/gif 74.63.160.31
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coloradoinvestigations.com/line_yellow.gif
Requested by: Host: coloradoinvestigations.com
URL: https://coloradoinvestigations.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 74.63.160.31 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: fontana.hostworks.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 02df9b3a46576376218d4a2bb6c1900fc251889c47898bec67309bbba6dbd8ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradoinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 21:58:36 GMT
Last-Modified: Tue, 18 Jan 2005 18:38:26 GMT
Server: Microsoft-IIS/8.5
ETag: "03d73e58cfdc41:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 841

GET
H/1.1 200
OK visa.gif
coloradoinvestigations.com/ 1 KB
1 KB 481ms
167ms Image
image/gif 74.63.160.31
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coloradoinvestigations.com/visa.gif
Requested by: Host: coloradoinvestigations.com
URL: https://coloradoinvestigations.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 74.63.160.31 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: fontana.hostworks.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 27441dd94c3246f7e489442e41e6b5addb290c5286416f7214b5303869cf13fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradoinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 21:58:36 GMT
Last-Modified: Tue, 18 Jan 2005 18:38:26 GMT
Server: Microsoft-IIS/8.5
ETag: "03d73e58cfdc41:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 1286

GET
H/1.1 200
OK mc.gif
coloradoinvestigations.com/ 1 KB
2 KB 332ms
165ms Image
image/gif 74.63.160.31
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coloradoinvestigations.com/mc.gif
Requested by: Host: coloradoinvestigations.com
URL: https://coloradoinvestigations.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 74.63.160.31 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: fontana.hostworks.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 086e0300b4657aada8a8d344f887fa01e2a770b911056276d52c3c493353d995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradoinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 21:58:36 GMT
Last-Modified: Tue, 18 Jan 2005 18:38:26 GMT
Server: Microsoft-IIS/8.5
ETag: "03d73e58cfdc41:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 1367

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 213ms
86ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: coloradoinvestigations.com
URL: https://coloradoinvestigations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c41179dbf1f74b08e7fc7a53b07b77e545cb077450debb17635c39ceebca411

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradoinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 21:58:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21025
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "c47fe3be899f7376"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 21:58:37 GMT

GET
H/1.1 200
OK backnew.jpg
coloradoinvestigations.com/ 15 KB
15 KB 465ms
324ms Image
image/jpeg 74.63.160.31
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coloradoinvestigations.com/backnew.jpg
Requested by: Host: coloradoinvestigations.com
URL: https://coloradoinvestigations.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 74.63.160.31 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: fontana.hostworks.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c01d388887a1bb3a33b5e015b5012feecec0816258f29eb91869b8927fa75e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradoinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 08 Mar 2023 21:58:36 GMT
Last-Modified: Tue, 18 Jan 2005 18:38:26 GMT
Server: Microsoft-IIS/8.5
ETag: "03d73e58cfdc41:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 14956

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/ 150 KB
52 KB 53ms
53ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cc97bae038e7c0e3d529a676369d9a0dbada1b0dfec5a32f0d444fb09015762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradoinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 10:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52777
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 10:41:17 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/ 103 KB
36 KB 106ms
106ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21bc00124c577ea9d745c5b2df19ecaae077dcb0018a293760d8337fa40a3e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://coloradoinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 19:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36709
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 19:57:44 GMT

GET fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame AD82 0
0

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame D3B9 565 B
808 B 139ms
51ms Document
text/html 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fcoloradoinvestigations.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

169bfa95a1dcc7b049c1b246a99207ce20baddf8bc6d845f4b1b21627ae95382

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xwoKFVVpSrrd8tIH14VJyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://coloradoinvestigations.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xwoKFVVpSrrd8tIH14VJyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Wed, 08 Mar 2023 21:58:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 cspreport
accounts.google.com/o/ Frame D3B9 0
251 B 51ms
49ms Other
text/html 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: coloradoinvestigations.com
URL: https://coloradoinvestigations.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JwEJUOH2beYGQjIdJjd3Ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fcoloradoinvestigations.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 21:58:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-JwEJUOH2beYGQjIdJjd3Ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 611095756-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame D3B9 10 KB
5 KB 191ms
52ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/611095756-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fcoloradoinvestigations.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f173bffef77f251b9bea649b2ac1ce118c9b1daf0fc812bf22cba42a3a7bc293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 21:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4526
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 19:10:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 21:13:21 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame D3B9 17 KB
7 KB 113ms
112ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98206a8bf18bed3b29230c781b1b7c4a3794ad881e3a0c0923a0fd8e5ae6914a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Mar 2023 21:58:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6902
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "41b44f2adbd065c2"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 21:58:37 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/ Frame D3B9 57 KB
20 KB 53ms
53ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Kkp5jCVP1mE.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e2286d46e63be3f55a8a71ad0c532ae5cf9b0a540cdbfca319773a9f6ee7542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 00:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20750
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 16:56:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 00:03:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&origin=https%3A%2F%2Fcoloradoinvestigations.com&url=https%3A%2F%2Fcoloradoinvestigations.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.Kkp5jCVP1mE.O%2Fd%3D1%2Frs%3DAHpOoo_7Y6tSvjE22-7l-mORgYNGctXqXw%2Fm%3D__features__

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			coloradoinvestigations.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDQERSCRSA Value: DFOLNHLDEBPPBILFFEHFGELD

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://apis.google.com/js/plusone.js(Line 64) Message: Mixed Content: The page at 'https://coloradoinvestigations.com/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh&id=I0_1678312717633&_gfid=I0_1678312717633&parent=https%3A%2F%2Fcoloradoinvestigations.com&pfname=&rpctoken=14723314'. This request has been blocked; the content must be served over HTTPS.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
coloradoinvestigations.com
ssl.gstatic.com
apis.google.com
2a00:1450:4001:831::200d
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::200e
74.63.160.31
0014dc454a336b64a2ab684464e4afd5c9e79b074691e214c0eb2fe8c6bd2984
02df9b3a46576376218d4a2bb6c1900fc251889c47898bec67309bbba6dbd8ab
086e0300b4657aada8a8d344f887fa01e2a770b911056276d52c3c493353d995
169bfa95a1dcc7b049c1b246a99207ce20baddf8bc6d845f4b1b21627ae95382
1e2286d46e63be3f55a8a71ad0c532ae5cf9b0a540cdbfca319773a9f6ee7542
21bc00124c577ea9d745c5b2df19ecaae077dcb0018a293760d8337fa40a3e46
27441dd94c3246f7e489442e41e6b5addb290c5286416f7214b5303869cf13fd
2cc97bae038e7c0e3d529a676369d9a0dbada1b0dfec5a32f0d444fb09015762
31883af90a64c0055ef12754a70758076c706dc0f0f0c12ac89771c6f82dd95f
5c41179dbf1f74b08e7fc7a53b07b77e545cb077450debb17635c39ceebca411
64d74d6fc0b5703d3df2d7505575776f454f6a2f423f3345c844f291984b84e3
775fbba1e96177181dc9d688b84d6dc0bd4bfbeee9af02b762fd69e9155526fd
98206a8bf18bed3b29230c781b1b7c4a3794ad881e3a0c0923a0fd8e5ae6914a
a4b0463c475a3ddf3b2d8f64b3b234626515483ccca860bccec1569758a7056f
c01d388887a1bb3a33b5e015b5012feecec0816258f29eb91869b8927fa75e79
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f173bffef77f251b9bea649b2ac1ce118c9b1daf0fc812bf22cba42a3a7bc293

coloradoinvestigations.com Open in urlscan Pro 74.63.160.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

94 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

5 IPs

3 Countries

204 kBTransfer

452 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

coloradoinvestigations.com Open in urlscan Pro
74.63.160.31 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

94 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

204 kB
Transfer

452 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions