leads-service.atlantm.by Open in urlscan Pro
178.159.46.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://leads-service.atlantm.by/
Effective URL:
https://leads-service.atlantm.by/auth
Submission: On July 19 via automatic, source certstream-suspicious (July 19th 2024, 2:34:18 am UTC) — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 178.159.46.16, located in Belarus and belongs to ACTIVECLOUD-BY-AS, BY. The main domain is leads-service.atlantm.by.
TLS certificate: Issued by R11 on July 19th 2024. Valid for: 3 months.

This is the only time leads-service.atlantm.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	178.159.46.16 178.159.46.16	202090 (ACTIVECLO...) (ACTIVECLOUD-BY-AS)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c06::54	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
16	4

10 178.159.46.16 (Belarus)

ASN202090 (ACTIVECLOUD-BY-AS, BY)

leads-service.atlantm.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	atlantm.by leads-service.atlantm.by	749 KB
3	google.com accounts.google.com — Cisco Umbrella Rank: 46	85 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	gstatic.com fonts.gstatic.com	15 KB
16	4

	Domain	Requested by
10	leads-service.atlantm.by	leads-service.atlantm.by
3	accounts.google.com	leads-service.atlantm.by accounts.google.com
2	fonts.googleapis.com	leads-service.atlantm.by
1	fonts.gstatic.com	fonts.googleapis.com
16	4

This site contains no links.

Subject Issuer	Validity	Valid
leads-service.atlantm.by R11	`2024-07-19` - `2024-10-17`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
accounts.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://leads-service.atlantm.by/auth
Frame ID: 26080C73C982723C173091B3B509D34D
Requests: 15 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?theme=outline&text=signin_with&width=280&type=standard&size=large&client_id=309444956774-d7ugv7chvoci08h4ods8qum7d3crmtsv.apps.googleusercontent.com&iframe_id=gsi_454809_188742&as=Nbq5qryi4rvF1yMLRkljeQ
Frame ID: 96F3CA297A4B7C6BC88A3FC5894ABB62
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Лиды Атлант-М

Page URL History Show full URLs

https://leads-service.atlantm.by/ Page URL
https://leads-service.atlantm.by/auth Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

16
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

851 kB
Transfer

2764 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://leads-service.atlantm.by/ Page URL
https://leads-service.atlantm.by/auth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
leads-service.atlantm.by/ 1 KB
985 B 558ms
75ms Document
text/html 178.159.46.16
ACTIVECLOUD-BY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leads-service.atlantm.by/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.159.46.16 , Belarus, ASN202090 (ACTIVECLOUD-BY-AS, BY),

Reverse DNS

Software

nginx / TAGER (OZiTAG)

Resource Hash

77be0900dfe852344c9b29888a4b4743d0b432e70454276197c7a7a1308021a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
content-type: text/html; charset=utf-8
date: Fri, 19 Jul 2024 02:34:13 GMT
etag: W/"6696e249-49b"
last-modified: Tue, 16 Jul 2024 21:12:41 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: TAGER (OZiTAG)
x-xss-protection: 1; mode=block

GET
H2 200 chunk-vendors.fafc6227.js
leads-service.atlantm.by/js/ 2 MB
595 KB 83ms
79ms Script
application/javascript 178.159.46.16
ACTIVECLOUD-BY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leads-service.atlantm.by/js/chunk-vendors.fafc6227.js

Requested by

Host: leads-service.atlantm.by
URL: https://leads-service.atlantm.by/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.159.46.16 , Belarus, ASN202090 (ACTIVECLOUD-BY-AS, BY),

Reverse DNS

Software

nginx / TAGER (OZiTAG)

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://leads-service.atlantm.by/
Origin: https://leads-service.atlantm.by
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Jul 2024 21:12:41 GMT
server: nginx
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
etag: W/"6696e249-23acd7"
x-powered-by: TAGER (OZiTAG)
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Fri, 26 Jul 2024 02:34:13 GMT

GET
H2 200 index.952727bd.js Show response
leads-service.atlantm.by/js/ 10 KB
4 KB 78ms
75ms Script
application/javascript 178.159.46.16
ACTIVECLOUD-BY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leads-service.atlantm.by/js/index.952727bd.js

Requested by

Host: leads-service.atlantm.by
URL: https://leads-service.atlantm.by/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.159.46.16 , Belarus, ASN202090 (ACTIVECLOUD-BY-AS, BY),

Reverse DNS

Software

nginx / TAGER (OZiTAG)

Resource Hash

eb26c3213bc1e735ace24554ab4c4e5186e25c0ee8ba5c3d018368f73699b80c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://leads-service.atlantm.by/
Origin: https://leads-service.atlantm.by
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Jul 2024 21:12:41 GMT
server: nginx
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
etag: W/"6696e249-26be"
x-powered-by: TAGER (OZiTAG)
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Fri, 26 Jul 2024 02:34:13 GMT

GET
H2 200 chunk-vendors.07685813.css
leads-service.atlantm.by/css/ 107 KB
23 KB 153ms
150ms Stylesheet
text/css 178.159.46.16
ACTIVECLOUD-BY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leads-service.atlantm.by/css/chunk-vendors.07685813.css

Requested by

Host: leads-service.atlantm.by
URL: https://leads-service.atlantm.by/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.159.46.16 , Belarus, ASN202090 (ACTIVECLOUD-BY-AS, BY),

Reverse DNS

Software

nginx / TAGER (OZiTAG)

Resource Hash

220b6df760a7ee8148361ef5d975916c1fa52bddd65cc7a47bc3331564ba6151

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://leads-service.atlantm.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Jul 2024 21:11:50 GMT
server: nginx
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
etag: W/"6696e216-1ac23"
x-powered-by: TAGER (OZiTAG)
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Fri, 26 Jul 2024 02:34:13 GMT

GET
H2 200 index.ec4af341.css
leads-service.atlantm.by/css/ 22 B
432 B 220ms
218ms Stylesheet
text/css 178.159.46.16
ACTIVECLOUD-BY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leads-service.atlantm.by/css/index.ec4af341.css

Requested by

Host: leads-service.atlantm.by
URL: https://leads-service.atlantm.by/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.159.46.16 , Belarus, ASN202090 (ACTIVECLOUD-BY-AS, BY),

Reverse DNS

Software

nginx / TAGER (OZiTAG)

Resource Hash

637d7965e8b5410bc846dd6bad5d109512abc4182a535de0bd11f26ad0fbd5d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://leads-service.atlantm.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 16 Jul 2024 21:11:50 GMT
server: nginx
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
etag: W/"6696e216-16"
x-powered-by: TAGER (OZiTAG)
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800
x-xss-protection: 1; mode=block
expires: Fri, 26 Jul 2024 02:34:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
959 B 195ms
66ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: leads-service.atlantm.by
URL: https://leads-service.atlantm.by/css/chunk-vendors.07685813.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab535a911215b95d5c4be7dc2858f6f2cdbfaa716f0395759092bd4d768485cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://leads-service.atlantm.by/css/chunk-vendors.07685813.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jul 2024 02:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jul 2024 00:59:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jul 2024 02:34:14 GMT

GET
H2 200 Primary Request auth Show response
leads-service.atlantm.by/ 662 B
758 B 75ms
74ms Document
text/html 178.159.46.16
ACTIVECLOUD-BY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leads-service.atlantm.by/auth

Requested by

Host: leads-service.atlantm.by
URL: https://leads-service.atlantm.by/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.159.46.16 , Belarus, ASN202090 (ACTIVECLOUD-BY-AS, BY),

Reverse DNS

Software

nginx / TAGER (OZiTAG)

Resource Hash

406b6af2376f55618a0f2589144f8c35af4a80b698293fdd2d57ee693b5de7e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://leads-service.atlantm.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
content-type: text/html; charset=utf-8
date: Fri, 19 Jul 2024 02:34:14 GMT
etag: W/"664468ae-296"
last-modified: Wed, 15 May 2024 07:47:58 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: TAGER (OZiTAG)
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
645 B 66ms
65ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat&display=swap

Requested by

Host: leads-service.atlantm.by
URL: https://leads-service.atlantm.by/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e37b616b4dfba2c95070068b1f9811becb1f042c5eb0199ed38dcfd1f0960cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://leads-service.atlantm.by/auth
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jul 2024 02:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jul 2024 00:51:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jul 2024 02:34:14 GMT

GET
H2 200 index-47274872.js Show response
leads-service.atlantm.by/auth/assets/ 105 KB
106 KB 79ms
78ms Script
application/javascript 178.159.46.16
ACTIVECLOUD-BY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leads-service.atlantm.by/auth/assets/index-47274872.js

Requested by

Host: leads-service.atlantm.by
URL: https://leads-service.atlantm.by/auth

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.159.46.16 , Belarus, ASN202090 (ACTIVECLOUD-BY-AS, BY),

Reverse DNS

Software

nginx / TAGER (OZiTAG)

Resource Hash

0ee75b80789835ed674aaf8c7f1e6e48426e5f55ed39ad3d03b0d6c72fdd607b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://leads-service.atlantm.by/auth
Origin: https://leads-service.atlantm.by
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:14 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 May 2024 07:47:58 GMT
server: nginx
etag: "664468ae-1a4b1"
x-powered-by: TAGER (OZiTAG)
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 107697
x-xss-protection: 1; mode=block

GET
H2 200 index-06bba74b.css
leads-service.atlantm.by/auth/assets/ 4 KB
4 KB 77ms
77ms Stylesheet
text/css 178.159.46.16
ACTIVECLOUD-BY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leads-service.atlantm.by/auth/assets/index-06bba74b.css

Requested by

Host: leads-service.atlantm.by
URL: https://leads-service.atlantm.by/auth

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.159.46.16 , Belarus, ASN202090 (ACTIVECLOUD-BY-AS, BY),

Reverse DNS

Software

nginx / TAGER (OZiTAG)

Resource Hash

06bba74b97e8186f0683baf3ab09bc38127f9549392a3e43024ae30a3652c52d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://leads-service.atlantm.by/auth
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:14 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 May 2024 07:47:58 GMT
server: nginx
etag: "664468ae-ff4"
x-powered-by: TAGER (OZiTAG)
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes
content-length: 4084
x-xss-protection: 1; mode=block

GET
H2 200 client Show response
accounts.google.com/gsi/ 221 KB
84 KB 160ms
57ms Script
application/javascript 2a00:1450:400c:c06::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: leads-service.atlantm.by
URL: https://leads-service.atlantm.by/auth/assets/index-47274872.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b6e72fc6e83ae68194085bee7a4473b2408f6476b4f538565f8a569599c263d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hzR0amApmPIN0BuMJyDrxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://leads-service.atlantm.by/auth
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-hzR0amApmPIN0BuMJyDrxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 19 Jul 2024 02:34:14 GMT

GET
H2 200 logo.svg
leads-service.atlantm.by/auth/ 13 KB
13 KB 75ms
75ms Image
image/svg+xml 178.159.46.16
ACTIVECLOUD-BY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leads-service.atlantm.by/auth/logo.svg

Requested by

Host: leads-service.atlantm.by
URL: https://leads-service.atlantm.by/auth

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.159.46.16 , Belarus, ASN202090 (ACTIVECLOUD-BY-AS, BY),

Reverse DNS

Software

nginx / TAGER (OZiTAG)

Resource Hash

7c9bfec0454e04deaf95a624967c430a66af43fa53d845f621fc3124d7768580

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://leads-service.atlantm.by/auth
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:14 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 May 2024 07:47:58 GMT
server: nginx
etag: "664468ae-3234"
x-powered-by: TAGER (OZiTAG)
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes
content-length: 12852
x-xss-protection: 1; mode=block

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 184ms
57ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://leads-service.atlantm.by
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 11:44:31 GMT
x-content-type-options: nosniff
age: 226183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14940
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jul 2025 11:44:31 GMT

GET
H2 200 style
accounts.google.com/gsi/ 533 B
585 B 53ms
51ms Stylesheet
text/css 2a00:1450:400c:c06::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-iPHVFQk0I51a-_J3Drox7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://leads-service.atlantm.by/auth
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-iPHVFQk0I51a-_J3Drox7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 19 Jul 2024 02:34:14 GMT

GET
H2 200 button
accounts.google.com/gsi/ Frame 96F3 0
0 181ms
95ms Document
text/html 2a00:1450:400c:c06::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/button?theme=outline&text=signin_with&width=280&type=standard&size=large&client_id=309444956774-d7ugv7chvoci08h4ods8qum7d3crmtsv.apps.googleusercontent.com&iframe_id=gsi_454809_188742&as=Nbq5qryi4rvF1yMLRkljeQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-iHXWsPrQoFZyVVwFbjZHIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leads-service.atlantm.by/auth
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-iHXWsPrQoFZyVVwFbjZHIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: same-site
date: Fri, 19 Jul 2024 02:34:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 favicon.png
leads-service.atlantm.by/auth/ 1009 B
1 KB 76ms
76ms Other
image/png 178.159.46.16
ACTIVECLOUD-BY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leads-service.atlantm.by/auth/favicon.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

178.159.46.16 , Belarus, ASN202090 (ACTIVECLOUD-BY-AS, BY),

Reverse DNS

Software

nginx / TAGER (OZiTAG)

Resource Hash

90c7b0a477658571cce9170c2b9fd0f7d79185101c0a7613eeee31c2f71b57bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://leads-service.atlantm.by/auth
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Jul 2024 02:34:15 GMT
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline'
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 May 2024 07:47:58 GMT
server: nginx
etag: "664468ae-3f1"
x-powered-by: TAGER (OZiTAG)
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 1009
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' http: https: data: blob: 'unsafe-inline'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
fonts.googleapis.com
fonts.gstatic.com
leads-service.atlantm.by
178.159.46.16
2a00:1450:4001:80f::200a
2a00:1450:4001:82f::2003
2a00:1450:400c:c06::54
06bba74b97e8186f0683baf3ab09bc38127f9549392a3e43024ae30a3652c52d
0ee75b80789835ed674aaf8c7f1e6e48426e5f55ed39ad3d03b0d6c72fdd607b
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1e37b616b4dfba2c95070068b1f9811becb1f042c5eb0199ed38dcfd1f0960cb
220b6df760a7ee8148361ef5d975916c1fa52bddd65cc7a47bc3331564ba6151
406b6af2376f55618a0f2589144f8c35af4a80b698293fdd2d57ee693b5de7e7
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
637d7965e8b5410bc846dd6bad5d109512abc4182a535de0bd11f26ad0fbd5d2
77be0900dfe852344c9b29888a4b4743d0b432e70454276197c7a7a1308021a1
7c9bfec0454e04deaf95a624967c430a66af43fa53d845f621fc3124d7768580
90c7b0a477658571cce9170c2b9fd0f7d79185101c0a7613eeee31c2f71b57bb
ab535a911215b95d5c4be7dc2858f6f2cdbfaa716f0395759092bd4d768485cb
b6e72fc6e83ae68194085bee7a4473b2408f6476b4f538565f8a569599c263d9
eb26c3213bc1e735ace24554ab4c4e5186e25c0ee8ba5c3d018368f73699b80c

leads-service.atlantm.by Open in urlscan Pro 178.159.46.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

851 kBTransfer

2764 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

leads-service.atlantm.by Open in urlscan Pro
178.159.46.16 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

851 kB
Transfer

2764 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions