stocks0495.4sql.net Open in urlscan Pro
185.27.134.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://22cb6f21b5.allnoises.com/
Effective URL:
http://stocks0495.4sql.net/?i=1
Submission: On November 27 via manual (November 27th 2024, 7:36:48 am UTC) from US — Scanned from GB

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 18 HTTP transactions. The main IP is 185.27.134.172, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is stocks0495.4sql.net.

This is the only time stocks0495.4sql.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	185.27.134.221 185.27.134.221	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
6	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
4	185.27.134.172 185.27.134.172	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
1	2800:6c0:2::c... 2800:6c0:2::c:272	27823 (Dattatec.com) (Dattatec.com)
18	6

4 185.27.134.221 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

22cb6f21b5.allnoises.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.27.134.172 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

stocks0495.4sql.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2800:6c0:2::c:272 (Buenos Aires, Argentina)

ASN27823 (Dattatec.com, AR)

bofatecnico.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	206 KB
4	4sql.net stocks0495.4sql.net	29 KB
4	allnoises.com 22cb6f21b5.allnoises.com	28 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	19 KB
1	bofatecnico.com bofatecnico.com
18	5

	Domain	Requested by
6	pagead2.googlesyndication.com	22cb6f21b5.allnoises.com pagead2.googlesyndication.com
4	stocks0495.4sql.net	22cb6f21b5.allnoises.com stocks0495.4sql.net
4	22cb6f21b5.allnoises.com	22cb6f21b5.allnoises.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
1	bofatecnico.com	stocks0495.4sql.net
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
18	6

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://stocks0495.4sql.net/?i=1
Frame ID: 04421D7BAFCAE372F10C9F687D1B90D3
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: F47D27E502E5F79F7DF44021CC289339
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-5629369099858293&output=html&h=90&slotname=2347483291&adk=1497421304&adf=683863926&pi=t.ma~as.2347483291&w=728&lmt=1732356908&url=http%3A%2F%2F22cb6f21b5.allnoises.com%2F%3Fi%3D1&wgl=1&dt=1732693004405&bpp=107&bdt=135&idt=259&shv=r20241120&mjsv=m202411140101&ptt=5&saldr=sd&abxe=1&eoidce=1&correlator=7405626026968&frm=20&pv=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088728%2C31088961%2C95345967&oid=2&pvsid=2114952946866931&tmod=2077500944&uas=0&nvt=1&ref=http%3A%2F%2F22cb6f21b5.allnoises.com%2F&fc=896&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=277
Frame ID: 8157D8EC021C5590A723C2074212C6DC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-5629369099858293&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1732356908&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2F22cb6f21b5.allnoises.com%2F%3Fi%3D1&pra=7&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&dt=1732693004512&bpp=2&bdt=242&idt=180&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_slotnames=2347483291&nras=1&correlator=7405626026968&frm=20&pv=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088728%2C31088961%2C95345967&oid=2&pvsid=2114952946866931&tmod=2077500944&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2F22cb6f21b5.allnoises.com%2F&fc=896&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=188
Frame ID: 4FE48156C8C613476F05CC6958CB4065
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: DCCA79A356A1723364CADC05783DE43A
Requests: 1 HTTP requests in this frame

Frame: http://bofatecnico.com/testamento/
Frame ID: E39189E19BD784C20B531CD9FAC50372
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Entrar

Page URL History Show full URLs

http://22cb6f21b5.allnoises.com/ HTTP 307
https://22cb6f21b5.allnoises.com/ HTTP 307
http://22cb6f21b5.allnoises.com/ Page URL
http://22cb6f21b5.allnoises.com/?i=1 Page URL
http://stocks0495.4sql.net/ HTTP 307
https://stocks0495.4sql.net/ HTTP 307
http://stocks0495.4sql.net/ Page URL
http://stocks0495.4sql.net/?i=1 Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

18
Requests

44 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

4
Countries

282 kB
Transfer

703 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://22cb6f21b5.allnoises.com/ HTTP 307
https://22cb6f21b5.allnoises.com/ HTTP 307
http://22cb6f21b5.allnoises.com/ Page URL
http://22cb6f21b5.allnoises.com/?i=1 Page URL
http://stocks0495.4sql.net/ HTTP 307
https://stocks0495.4sql.net/ HTTP 307
http://stocks0495.4sql.net/ Page URL
http://stocks0495.4sql.net/?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://22cb6f21b5.allnoises.com/ HTTP 307
https://22cb6f21b5.allnoises.com/ HTTP 307
http://22cb6f21b5.allnoises.com/

Request Chain 3

http://pagead2.googlesyndication.com/pagead/show_ads.js HTTP 307
https://pagead2.googlesyndication.com/pagead/show_ads.js

Request Chain 13

http://stocks0495.4sql.net/ HTTP 307
https://stocks0495.4sql.net/ HTTP 307
http://stocks0495.4sql.net/

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
22cb6f21b5.allnoises.com/
Redirect Chain

http://22cb6f21b5.allnoises.com/
https://22cb6f21b5.allnoises.com/
http://22cb6f21b5.allnoises.com/

835 B
1 KB

31ms
31ms

Document
text/html

185.27.134.221
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://22cb6f21b5.allnoises.com/
Protocol: HTTP/1.1
Server: 185.27.134.221 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: b3b2854fd5adbfdda72e103742791a2733c218f44509b8f9526f8c4052ec62a3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 835
Content-Type: text/html
Date: Wed, 27 Nov 2024 07:36:44 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: nginx

Redirect headers

Location: http://22cb6f21b5.allnoises.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK aes.js Show response
22cb6f21b5.allnoises.com/ 13 KB
14 KB 31ms
31ms Script
application/javascript 185.27.134.221
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://22cb6f21b5.allnoises.com/aes.js
Requested by: Host: 22cb6f21b5.allnoises.com
URL: http://22cb6f21b5.allnoises.com/
Protocol: HTTP/1.1
Server: 185.27.134.221 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://22cb6f21b5.allnoises.com/

Response headers

ETag: "652c192f-35a5"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13733
Date: Wed, 27 Nov 2024 07:36:44 GMT
Content-Type: application/javascript
Last-Modified: Sun, 15 Oct 2023 16:54:07 GMT
Server: nginx

GET
H/1.1 200
OK / Show response
22cb6f21b5.allnoises.com/ 810 B
1 KB 35ms
34ms Document
text/html 185.27.134.221
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://22cb6f21b5.allnoises.com/?i=1
Requested by: Host: 22cb6f21b5.allnoises.com
URL: http://22cb6f21b5.allnoises.com/
Protocol: HTTP/1.1
Server: 185.27.134.221 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: da87044e290d1cc006e78a565adaaa94621058c8c55e0eee425fbb2d7f28ad78

Request headers

Referer: http://22cb6f21b5.allnoises.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Nov 2024 07:36:44 GMT
ETag: "162-62791c62e08e6"
Expires: Fri, 27 Dec 2024 07:36:44 GMT
Last-Modified: Sat, 23 Nov 2024 10:15:08 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H3

200

show_ads.js Show response
pagead2.googlesyndication.com/pagead/
Redirect Chain

http://pagead2.googlesyndication.com/pagead/show_ads.js
https://pagead2.googlesyndication.com/pagead/show_ads.js

25 KB
10 KB

114ms
45ms

Script
text/javascript

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: 22cb6f21b5.allnoises.com
URL: http://22cb6f21b5.allnoises.com/?i=1

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

684944690bf72fb8b0c2cb19880322a166bd81599bced2eee94c2dcec26a20e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://22cb6f21b5.allnoises.com/

Response headers

content-encoding: br
etag: 9931620136552019695
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 07:36:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 27 Nov 2024 07:36:44 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 10123
x-xss-protection: 0
server: cafe

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://pagead2.googlesyndication.com/pagead/show_ads.js
Non-Authoritative-Reason: DNS

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 55ms
55ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

577dddf1f1cd1ed7f56cfc2ee28630e8c9b04b35593e3ab937131a5db886ac55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://22cb6f21b5.allnoises.com/

Response headers

content-encoding: br
etag: 5292973950349023257
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 07:36:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 27 Nov 2024 07:36:44 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53315
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/ 434 KB
144 KB 66ms
66ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5629369099858293&plah=22cb6f21b5.allnoises.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

488b2d36743b90a06b820a5a5c654cb9b60ad6db4922944631ecd8e13cd294db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://22cb6f21b5.allnoises.com/

Response headers

content-encoding: br
etag: 8668037925044884036
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 07:36:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 27 Nov 2024 07:36:44 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147671
x-xss-protection: 0
server: cafe

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/ Frame F47D 0
0 104ms
35ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5629369099858293&plah=22cb6f21b5.allnoises.com

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://22cb6f21b5.allnoises.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 45436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4128
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 18:59:28 GMT
etag: 17661348622971093804
expires: Tue, 10 Dec 2024 18:59:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 400 ads
pagead2.googlesyndication.com/pagead/ Frame 8157 0
0 142ms
83ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-5629369099858293&output=html&h=90&slotname=2347483291&adk=1497421304&adf=683863926&pi=t.ma~as.2347483291&w=728&lmt=1732356908&url=http%3A%2F%2F22cb6f21b5.allnoises.com%2F%3Fi%3D1&wgl=1&dt=1732693004405&bpp=107&bdt=135&idt=259&shv=r20241120&mjsv=m202411140101&ptt=5&saldr=sd&abxe=1&eoidce=1&correlator=7405626026968&frm=20&pv=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088728%2C31088961%2C95345967&oid=2&pvsid=2114952946866931&tmod=2077500944&uas=0&nvt=1&ref=http%3A%2F%2F22cb6f21b5.allnoises.com%2F&fc=896&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=277

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://22cb6f21b5.allnoises.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Nov 2024 07:36:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 4FE4 0
0 86ms
46ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-5629369099858293&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1732356908&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2F22cb6f21b5.allnoises.com%2F%3Fi%3D1&pra=7&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&dt=1732693004512&bpp=2&bdt=242&idt=180&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_slotnames=2347483291&nras=1&correlator=7405626026968&frm=20&pv=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31088728%2C31088961%2C95345967&oid=2&pvsid=2114952946866931&tmod=2077500944&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2F22cb6f21b5.allnoises.com%2F&fc=896&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=188

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://22cb6f21b5.allnoises.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 27 Nov 2024 07:36:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 102ms
52ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

f2f972cdc430ea01917dd566be5fefac377220754f7c2a446bb69adbb0a32395

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://22cb6f21b5.allnoises.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13038
date: Wed, 27 Nov 2024 07:36:44 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H/1.1 404
Not Found favicon.ico
22cb6f21b5.allnoises.com/ 12 KB
12 KB 33ms
32ms Other
text/html 185.27.134.221
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://22cb6f21b5.allnoises.com/favicon.ico
Protocol: HTTP/1.1
Server: 185.27.134.221 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 051fe0603378b7efb7fe29a6950c1b4b4749a5d2a079d2d092aa2b7be4a69687

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://22cb6f21b5.allnoises.com/?i=1

Response headers

Cache-Control: max-age=5, public, proxy-revalidate
ETag: "2e85-606d97182b7f0"
Connection: keep-alive
Content-Length: 11909
Date: Wed, 27 Nov 2024 07:36:44 GMT
Content-Type: text/html; charset=UTF-8
Last-Modified: Wed, 04 Oct 2023 00:54:02 GMT
Server: nginx

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 133ms
44ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://22cb6f21b5.allnoises.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 27 Nov 2024 07:36:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 07:36:45 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame DCCA 0
0 103ms
33ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://22cb6f21b5.allnoises.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2754
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Nov 2024 06:50:51 GMT
expires: Wed, 27 Nov 2024 07:40:51 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

/ Show response
stocks0495.4sql.net/
Redirect Chain

http://stocks0495.4sql.net/
https://stocks0495.4sql.net/
http://stocks0495.4sql.net/

830 B
1 KB

32ms
32ms

Document
text/html

185.27.134.172
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://stocks0495.4sql.net/
Requested by: Host: 22cb6f21b5.allnoises.com
URL: http://22cb6f21b5.allnoises.com/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.172 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2e56ba156fd29a30538b821fcec5b78c0f10a997b67ead57e751dcc3d0d3986f

Request headers

Referer: http://22cb6f21b5.allnoises.com/?i=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 830
Content-Type: text/html
Date: Wed, 27 Nov 2024 07:36:45 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: nginx

Redirect headers

Location: http://stocks0495.4sql.net/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK aes.js Show response
stocks0495.4sql.net/ 13 KB
14 KB 31ms
31ms Script
application/javascript 185.27.134.172
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://stocks0495.4sql.net/aes.js
Requested by: Host: stocks0495.4sql.net
URL: http://stocks0495.4sql.net/
Protocol: HTTP/1.1
Server: 185.27.134.172 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://stocks0495.4sql.net/

Response headers

ETag: "652c28ff-35a5"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13733
Date: Wed, 27 Nov 2024 07:36:45 GMT
Content-Type: application/javascript
Last-Modified: Sun, 15 Oct 2023 18:01:35 GMT
Server: nginx

GET
H/1.1 200
OK Primary Request / Show response
stocks0495.4sql.net/ 7 KB
7 KB 42ms
42ms Document
text/html 185.27.134.172
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://stocks0495.4sql.net/?i=1
Requested by: Host: stocks0495.4sql.net
URL: http://stocks0495.4sql.net/
Protocol: HTTP/1.1
Server: 185.27.134.172 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 426fc9f83a7b643a09ec48141478695eea45415a4a6459af8f0f69c89e077280

Request headers

Referer: http://stocks0495.4sql.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=2592000, public, proxy-revalidate
Connection: keep-alive
Content-Length: 7244
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Nov 2024 07:36:45 GMT
ETag: "1c4c-62787545d8393"
Expires: Fri, 27 Dec 2024 07:36:45 GMT
Last-Modified: Fri, 22 Nov 2024 21:47:29 GMT
Server: nginx

GET
H/1.1 404
Not Found 400
stocks0495.4sql.net/api/placeholder/800/ 7 KB
7 KB 38ms
38ms Image
text/html 185.27.134.172
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stocks0495.4sql.net/api/placeholder/800/400
Requested by: Host: stocks0495.4sql.net
URL: http://stocks0495.4sql.net/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.172 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: e05d6264434c3be30e1749d8c3f93865a957fbddfd81cfe811535fd4ec0edb77

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: http://stocks0495.4sql.net/?i=1

Response headers

Cache-Control: max-age=5, public, proxy-revalidate
ETag: "2e85-606d8b5b426a8"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11909
Date: Wed, 27 Nov 2024 07:36:45 GMT
Content-Type: text/html; charset=UTF-8
Last-Modified: Wed, 04 Oct 2023 00:01:31 GMT
Server: nginx

GET
H/1.1 200
OK /
bofatecnico.com/testamento/ Frame E391 0
0 1507ms
246ms Document
text/html 2800:6c0:2::c:272
Dattatec.com

General

Check archive.org

Show headers Download Go to

Full URL: http://bofatecnico.com/testamento/
Requested by: Host: stocks0495.4sql.net
URL: http://stocks0495.4sql.net/?i=1
Protocol: HTTP/1.1
Server: 2800:6c0:2::c:272 Buenos Aires, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: http://stocks0495.4sql.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 462
Content-Type: text/html
Date: Wed, 27 Nov 2024 07:36:47 GMT
ETag: "7c9-627779f40b1ce-gzip"
Keep-Alive: timeout=10, max=200
Last-Modified: Fri, 22 Nov 2024 03:03:06 GMT
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			22cb6f21b5.allnoises.com/	1970-01-21 10:54:13	Name: __test Value: 5750dd41c82158daa9e6d57e88942031
			stocks0495.4sql.net/	1970-01-21 10:54:13	Name: __test Value: 5750dd41c82158daa9e6d57e88942031

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://22cb6f21b5.allnoises.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://stocks0495.4sql.net/api/placeholder/800/400 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

22cb6f21b5.allnoises.com
bofatecnico.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
pagead2.googlesyndication.com
stocks0495.4sql.net
172.217.16.194
172.217.18.2
185.27.134.172
185.27.134.221
2800:6c0:2::c:272
2a00:1450:4001:80b::2001
051fe0603378b7efb7fe29a6950c1b4b4749a5d2a079d2d092aa2b7be4a69687
2e56ba156fd29a30538b821fcec5b78c0f10a997b67ead57e751dcc3d0d3986f
426fc9f83a7b643a09ec48141478695eea45415a4a6459af8f0f69c89e077280
488b2d36743b90a06b820a5a5c654cb9b60ad6db4922944631ecd8e13cd294db
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96
577dddf1f1cd1ed7f56cfc2ee28630e8c9b04b35593e3ab937131a5db886ac55
684944690bf72fb8b0c2cb19880322a166bd81599bced2eee94c2dcec26a20e0
b3b2854fd5adbfdda72e103742791a2733c218f44509b8f9526f8c4052ec62a3
da87044e290d1cc006e78a565adaaa94621058c8c55e0eee425fbb2d7f28ad78
e05d6264434c3be30e1749d8c3f93865a957fbddfd81cfe811535fd4ec0edb77
f2f972cdc430ea01917dd566be5fefac377220754f7c2a446bb69adbb0a32395
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

stocks0495.4sql.net Open in urlscan Pro 185.27.134.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

44 %HTTPS

33 %IPv6

5 Domains

6 Subdomains

6 IPs

4 Countries

282 kBTransfer

703 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

stocks0495.4sql.net Open in urlscan Pro
185.27.134.172 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

44 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

6
IPs

4
Countries

282 kB
Transfer

703 kB
Size

2
Cookies

18 HTTP transactions
0 data transactions