brunbcolcolombaiaferrer8.atsnx.com Open in urlscan Pro
185.27.134.124 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://7v2v.short.gy/3KnAyS
Effective URL:
http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
Submission: On February 24 via manual (February 24th 2023, 8:08:59 pm UTC) from UY — Scanned from DE

Summary HTTP 34 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 34 HTTP transactions. The main IP is 185.27.134.124, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is brunbcolcolombaiaferrer8.atsnx.com.

This is the only time brunbcolcolombaiaferrer8.atsnx.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco de la República Oriental del Uruguay (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.59.165.42 52.59.165.42	16509 (AMAZON-02) (AMAZON-02)
14	185.27.134.124 185.27.134.124	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
2	2a00:1450:400... 2a00:1450:400d:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
34	11

1 52.59.165.42 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: eu-ip-1.short.io

7v2v.short.gy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.27.134.124 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

brunbcolcolombaiaferrer8.atsnx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	atsnx.com brunbcolcolombaiaferrer8.atsnx.com	964 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	206 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	9 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73	2 KB
2	gstatic.com www.gstatic.com	163 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8947	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	601 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	988 B
1	short.gy 1 redirects 7v2v.short.gy	344 B
34	9

	Domain	Requested by
14	brunbcolcolombaiaferrer8.atsnx.com	brunbcolcolombaiaferrer8.atsnx.com
6	pagead2.googlesyndication.com	brunbcolcolombaiaferrer8.atsnx.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google.com	brunbcolcolombaiaferrer8.atsnx.com tpc.googlesyndication.com
2	www.gstatic.com	brunbcolcolombaiaferrer8.atsnx.com www.google.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	brunbcolcolombaiaferrer8.atsnx.com
1	7v2v.short.gy	1 redirects
34	11

This site contains links to these domains. Also see Links.

Domain
www.portal.brou.com.uy

Subject Issuer	Validity	Valid
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
Frame ID: 1D5B11058FAECE39BE1871949584E9E8
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
Frame ID: 012AF49235981635234A7DD1423D0E04
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6325096445581587&output=html&adk=1812271804&adf=3025194257&lmt=1677269335&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=http%3A%2F%2Fbrunbcolcolombaiaferrer8.atsnx.com%2F%3Fi%3D1&ea=0&pra=5&wgl=1&dt=1677269334838&bpp=4&bdt=630&idt=345&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7510173101062&frm=20&pv=2&ga_vid=1913086300.1677269335&ga_sid=1677269335&ga_hid=1807178484&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44774606&oid=2&pvsid=3639116061105144&tmod=1820941285&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fbrunbcolcolombaiaferrer8.atsnx.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=366
Frame ID: 509D61A27BCEDA93209086B1867970FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6325096445581587&output=html&h=280&slotname=9540245809&adk=298986885&adf=1795251393&pi=t.ma~as.9540245809&w=1200&fwrn=4&fwrnh=100&lmt=1677269335&rafmt=1&format=1200x280&url=http%3A%2F%2Fbrunbcolcolombaiaferrer8.atsnx.com%2F%3Fi%3D1&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677269334842&bpp=1&bdt=634&idt=367&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510173101062&frm=20&pv=1&ga_vid=1913086300.1677269335&ga_sid=1677269335&ga_hid=1807178484&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1060&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44774606&oid=2&pvsid=3639116061105144&tmod=1820941285&uas=0&nvt=1&ref=http%3A%2F%2Fbrunbcolcolombaiaferrer8.atsnx.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=yFsZAsdVsR&p=http%3A//brunbcolcolombaiaferrer8.atsnx.com&dtd=372
Frame ID: BCD707D1CD8F59927737B328061213AD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FE4F0359428ACE28F7A89148788FC6B0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5462144384BC0C8234AE30FF4CD956E2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

eBROU - BROU

Page URL History Show full URLs

https://7v2v.short.gy/3KnAyS HTTP 302
http://brunbcolcolombaiaferrer8.atsnx.com/ Page URL
http://brunbcolcolombaiaferrer8.atsnx.com/?i=1 Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

34
Requests

59 %
HTTPS

82 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

1346 kB
Transfer

4182 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.portal.brou.com.uy/
Title: Portal BROU

Search URL Search Domain Scan URL

URL: https://www.portal.brou.com.uy/web/guest/institucional/seguridad/tu-banco-seguro
Title: Seguridad

Search URL Search Domain Scan URL

URL: https://www.portal.brou.com.uy/web/guest/contactenos
Title: Gestión de Reclamos

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://7v2v.short.gy/3KnAyS HTTP 302
http://brunbcolcolombaiaferrer8.atsnx.com/ Page URL
http://brunbcolcolombaiaferrer8.atsnx.com/?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://7v2v.short.gy/3KnAyS HTTP 302
http://brunbcolcolombaiaferrer8.atsnx.com/

34 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
brunbcolcolombaiaferrer8.atsnx.com/
Redirect Chain

https://7v2v.short.gy/3KnAyS
http://brunbcolcolombaiaferrer8.atsnx.com/

845 B
837 B

468ms
50ms

Document
text/html

185.27.134.124
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://brunbcolcolombaiaferrer8.atsnx.com/
Protocol: HTTP/1.1
Server: 185.27.134.124 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 640acdcf3be900b5c943caadf515ab145763aaa2d51c4e1591b2baf05d0a56c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 24 Feb 2023 20:08:52 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Date: Fri, 24 Feb 2023 20:08:52 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
connection: close
content-length: 0
content-type: text/html; charset=utf-8
location: http://brunbcolcolombaiaferrer8.atsnx.com/
pragma: no-cache
x-content-type-options: nosniff
x-powered-by: Short.io link shortener

GET
H/1.1 200
OK aes.js Show response
brunbcolcolombaiaferrer8.atsnx.com/ 30 KB
31 KB 50ms
50ms Script
application/javascript 185.27.134.124
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://brunbcolcolombaiaferrer8.atsnx.com/aes.js
Requested by: Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/
Protocol: HTTP/1.1
Server: 185.27.134.124 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 20:08:52 GMT
Last-Modified: Sat, 08 Aug 2015 08:10:59 GMT
Server: nginx
ETag: "55c5b993-79e6"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31206

GET
H/1.1 200
OK Primary Request / Show response
brunbcolcolombaiaferrer8.atsnx.com/ 212 KB
144 KB 739ms
739ms Document
text/html 185.27.134.124
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
Requested by: Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/
Protocol: HTTP/1.1
Server: 185.27.134.124 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 902ecde9df5f612c94b28e854e8b05809ced25aaa2632ac46914208b42d7cb17

Request headers

Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Feb 2023 20:08:53 GMT
Expires: Fri, 24 Feb 2023 20:08:52 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 404 recaptcha__es.js
www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/ 0
0 344ms
222ms Script
text/html 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__es.js

Requested by

Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
Origin: http://brunbcolcolombaiaferrer8.atsnx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:08:54 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1621
x-xss-protection: 0

GET
H/1.1 200
OK fonts.css
brunbcolcolombaiaferrer8.atsnx.com/frontend/fonts/ 2 KB
694 B 102ms
52ms Stylesheet
text/css 185.27.134.124
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/fonts/fonts.css
Requested by: Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.124 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 367cba5c66dcb77e9efdefae321a5fa51b4ed0773b15ebbd7a8ee35b913e75fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 20:08:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 14:46:18 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Sun, 26 Mar 2023 20:08:53 GMT

GET
H/1.1 200
OK ionicons.css
brunbcolcolombaiaferrer8.atsnx.com/frontend/fonts/ 59 KB
11 KB 105ms
52ms Stylesheet
text/css 185.27.134.124
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/fonts/ionicons.css
Requested by: Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.124 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: d4d41483cf38b6182b0a495196cfc55821cfd2e3d310861f32bcd2240806f187

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 20:08:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 14:46:19 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Sun, 26 Mar 2023 20:08:53 GMT

GET
H/1.1 200
OK 2.af6617a5.chunk.css
brunbcolcolombaiaferrer8.atsnx.com/frontend/static/css/ 34 KB
7 KB 106ms
54ms Stylesheet
text/css 185.27.134.124
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/static/css/2.af6617a5.chunk.css
Requested by: Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.124 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: daaeeba55175673a15fa66a19dd975c9ee77c1665d2a407ea93a8073ac230906

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 20:08:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 14:46:30 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Sun, 26 Mar 2023 20:08:53 GMT

GET
H/1.1 200
OK main.962a8dab.chunk.css
brunbcolcolombaiaferrer8.atsnx.com/frontend/static/css/ 529 KB
99 KB 113ms
61ms Stylesheet
text/css 185.27.134.124
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/static/css/main.962a8dab.chunk.css
Requested by: Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.124 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8b118ea270ff7020b9bd0e0119d10251c624f1326a31398ec7e8142111ed4c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 20:08:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 14:46:33 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Sun, 26 Mar 2023 20:08:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
988 B 189ms
69ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,700|sans-serif

Requested by

Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d7cb31831732cebf33f282f24184034ba3223837d1c295efbacd7843703e131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Feb 2023 20:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 20:08:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Feb 2023 20:08:54 GMT

GET
DATA 200
OK truncated
/ 63 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a92ef4172b982099a90c963f160a12bdcb6df1b0f383478dec2ea179f2572c13

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 71 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92ec4a0dee9996418406d2dd03e207fdf9ce5b598d5ab09357b5bfb22113dc0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
874 B 190ms
68ms Script
text/javascript 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd9fd05593f2168a333d59615133d6fe1fe255e3fc551a9bf69d845138ecc77c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Fri, 24 Feb 2023 20:08:54 GMT

GET
H/1.1 404
Not Found config.js
brunbcolcolombaiaferrer8.atsnx.com/frontend/ 0
0 58ms
53ms Script
text/html 185.27.134.124
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/config.js
Requested by: Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.124 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 20:08:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Nov 2017 21:43:09 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=5, public, proxy-revalidate, public, proxy-revalidate
Connection: keep-alive

GET
H/1.1 404
Not Found plugins.js
brunbcolcolombaiaferrer8.atsnx.com/frontend/ 0
0 57ms
52ms Script
text/html 185.27.134.124
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/plugins.js
Requested by: Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.124 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 20:08:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Nov 2017 21:43:09 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=5, public, proxy-revalidate, public, proxy-revalidate
Connection: keep-alive

GET
H/1.1 404
Not Found platform.js
brunbcolcolombaiaferrer8.atsnx.com/frontend/notSupported/ 0
0 56ms
52ms Script
text/html 185.27.134.124
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/notSupported/platform.js
Requested by: Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.124 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 20:08:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Nov 2017 21:43:09 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=5, public, proxy-revalidate, public, proxy-revalidate
Connection: keep-alive

GET
H/1.1 404
Not Found browser_compatibility_filter.js
brunbcolcolombaiaferrer8.atsnx.com/frontend/notSupported/ 0
0 54ms
53ms Script
text/html 185.27.134.124
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/notSupported/browser_compatibility_filter.js
Requested by: Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.124 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 20:08:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Nov 2017 21:43:09 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=5, public, proxy-revalidate, public, proxy-revalidate
Connection: keep-alive

GET
H/1.1 200
OK 2.ebd42dba.chunk.js Show response
brunbcolcolombaiaferrer8.atsnx.com/frontend/static/js/ 2 MB
634 KB 104ms
55ms Script
application/javascript 185.27.134.124
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/static/js/2.ebd42dba.chunk.js
Requested by: Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.124 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8b165317db3e65021ed33e8423b3b212e04174b84a3900343dc03b2b23002fb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 20:08:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 14:46:43 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Sun, 26 Mar 2023 20:08:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 225ms
92ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6325096445581587

Requested by

Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

452579ea7210d9f49e11fc5b5a24c89134c583beb2625ff8d9e8e3f9a7dd8940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
Origin: http://brunbcolcolombaiaferrer8.atsnx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49392
x-xss-protection: 0
server: cafe
etag: 8381718121544440433
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 20:08:54 GMT

GET
H/1.1 200
OK GothamBook.woff2
brunbcolcolombaiaferrer8.atsnx.com/frontend/fonts/gotham/ 16 KB
17 KB 78ms
78ms Font
application/octet-stream 185.27.134.124
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/fonts/gotham/GothamBook.woff2
Requested by: Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/fonts/fonts.css
Protocol: HTTP/1.1
Server: 185.27.134.124 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: de104a848c6a42e0e860a926db60ac470022da5f22980279e3e7b73cfc815ba2

Request headers

Referer: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/fonts/fonts.css
Origin: http://brunbcolcolombaiaferrer8.atsnx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 20:08:54 GMT
Last-Modified: Fri, 24 Feb 2023 14:46:28 GMT
Server: nginx
Transfer-Encoding: chunked
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Expires: Fri, 24 Feb 2023 20:08:54 GMT

GET
H/1.1 200
OK Gotham-Medium.woff2
brunbcolcolombaiaferrer8.atsnx.com/frontend/fonts/gotham/ 20 KB
20 KB 83ms
83ms Font
application/octet-stream 185.27.134.124
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/fonts/gotham/Gotham-Medium.woff2
Requested by: Host: brunbcolcolombaiaferrer8.atsnx.com
URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/fonts/fonts.css
Protocol: HTTP/1.1
Server: 185.27.134.124 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 83c870f855fe762fc60ee72248007a5bc384f7e65ab4937d0cdb82e7473305cb

Request headers

Referer: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/fonts/fonts.css
Origin: http://brunbcolcolombaiaferrer8.atsnx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 20:08:54 GMT
Last-Modified: Fri, 24 Feb 2023 14:46:24 GMT
Server: nginx
Transfer-Encoding: chunked
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Expires: Fri, 24 Feb 2023 20:08:54 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ 408 KB
163 KB 44ms
43ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
Origin: http://brunbcolcolombaiaferrer8.atsnx.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 05:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166391
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 05:53:57 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 366 KB
120 KB 193ms
105ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6325096445581587&plah=brunbcolcolombaiaferrer8.atsnx.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6325096445581587

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ce4b0b5ee983f8d4f0a3b213f2a6db8de2cf558ea7f00ff3f5942471fe0f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122954
x-xss-protection: 0
server: cafe
etag: 11460306055356166023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 20:08:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/ Frame 012A 10 KB
5 KB 155ms
44ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6325096445581587

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 11:28:46 GMT
etag: 10353107486223812946
expires: Fri, 10 Mar 2023 11:28:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 172ms
65ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=brunbcolcolombaiaferrer8.atsnx.com&callback=_gfp_s_&client=ca-pub-6325096445581587

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6325096445581587&plah=brunbcolcolombaiaferrer8.atsnx.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

632c977c9579ee1c6334c3fe138b33af45be98bd60ad976f9c08cae0b5234d5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 179ms
69ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=brunbcolcolombaiaferrer8.atsnx.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 192ms
69ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=brunbcolcolombaiaferrer8.atsnx.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 509D 10 KB
4 KB 220ms
219ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6325096445581587&output=html&adk=1812271804&adf=3025194257&lmt=1677269335&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=http%3A%2F%2Fbrunbcolcolombaiaferrer8.atsnx.com%2F%3Fi%3D1&ea=0&pra=5&wgl=1&dt=1677269334838&bpp=4&bdt=630&idt=345&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7510173101062&frm=20&pv=2&ga_vid=1913086300.1677269335&ga_sid=1677269335&ga_hid=1807178484&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44774606&oid=2&pvsid=3639116061105144&tmod=1820941285&uas=0&nvt=1&fsapi=1&ref=http%3A%2F%2Fbrunbcolcolombaiaferrer8.atsnx.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=366

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bc1bbccd8b51c4a71536a043bc46c7acbb43d8a14a15bc620aa357bb34e4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4199
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 20:08:55 GMT
expires: Fri, 24 Feb 2023 20:08:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BCD7 430 B
378 B 216ms
216ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6325096445581587&output=html&h=280&slotname=9540245809&adk=298986885&adf=1795251393&pi=t.ma~as.9540245809&w=1200&fwrn=4&fwrnh=100&lmt=1677269335&rafmt=1&format=1200x280&url=http%3A%2F%2Fbrunbcolcolombaiaferrer8.atsnx.com%2F%3Fi%3D1&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1677269334842&bpp=1&bdt=634&idt=367&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7510173101062&frm=20&pv=1&ga_vid=1913086300.1677269335&ga_sid=1677269335&ga_hid=1807178484&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1060&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C44774606&oid=2&pvsid=3639116061105144&tmod=1820941285&uas=0&nvt=1&ref=http%3A%2F%2Fbrunbcolcolombaiaferrer8.atsnx.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=yFsZAsdVsR&p=http%3A//brunbcolcolombaiaferrer8.atsnx.com&dtd=372

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac14f3a6bc194d15c8d9ae18c7b8d5c160349282a32653827be9211eececcc77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 208
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 20:08:55 GMT
expires: Fri, 24 Feb 2023 20:08:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 90ms
90ms XHR
application/json 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230222&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fe6efd9272dda64b7c37d46ecb1c597ed17259af7e745e303d71cd4f3126f28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:08:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11219
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 217ms
94ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:08:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 20:08:55 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FE4F 13 KB
5 KB 44ms
43ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 11:28:47 GMT
expires: Sat, 24 Feb 2024 11:28:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5462 783 B
918 B 67ms
67ms Document
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

64a9af26803a6667de4b75f2188f7ed22086cba1a1a6ed03a7ec5f5f1c43ff13

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--Fb66Cr7pyezZCUI3sxsfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce--Fb66Cr7pyezZCUI3sxsfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 20:08:55 GMT
expires: Fri, 24 Feb 2023 20:08:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js Show response
pagead2.googlesyndication.com/bg/ Frame FE4F 36 KB
14 KB 44ms
43ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7Lg35lthZ5bMa2_BIKuudMRVkX-RcQ_BXpABKM-oZgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:28:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14233
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 11:28:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5462 0
0 75ms
75ms Image
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230222&jk=3639116061105144&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FE4F 0
10 B 44ms
44ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0oRnXw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:08:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
78ms Image
text/html 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230222&jk=3639116061105144&bg=!VValVgLNAAZYlHKzeJQ7ADkAdvg8WmUsRgCoOYNKuAuvEFgpqteAwBRHarJy2XWzsAbyHPIr1hlqyzhiqvIFvj6O376nF32wmBoCAAAAPFIAAAAKaAEHCgB9lnv6kUz9TFUH4jGmjs3sL9CM86VlCt9P6SxxUx4aEyq0RdxrGOYyuLXh7Sv-k2BmvFYFzIl5vVUZaaeofFpe3J4ZoOv178ISMehsxvtsIkhsbbxFx0EyWkAIoCRWzKedtew_k5JucUHb8KPo-rNui6TzlzNk2XYzEMZnJdaZAqb8UrN-l6cc_n3BkkbRZ9qB-9RQU5R9caIwolsEX2OROwW5mI1BydyjZe6CBM_5sWJSpwYfO0gPj2id18qna7Gl2RE6i77pPmpb8ld22Fy3vSZbdo-35jG2nzGGqKWjZhUW0QXhfLos7nmNnvgllvusov2YPvSp4xpd1KEnS8DtjYZtlvE5_A-5S2mJQZIj1slpIm0xV305S6bCowPzrusz0As3qZi6uYB6YpWo127psq-IkSP0U8TjTuBZ4N9xq8CKad6ya_H6Yqsdeaiw__E0yB2PPRqV9bHczez1zLwOaDYCKEBR2SCGb3RdVDh3WirfLZQwJ32qgqAWDFAxwIhL4KCmwE76Pjl3XeCGTXejZ-4q6sa4ugc6SVppL_Yxjgq6RMvTBw3wsCTRbhADuKFDqaIn_LrTDmgXaYa6dH_rG7QDLW9WrCA2PQoVE6qn7ZPSFJLJEwGtbAvwKAZsGJXINBYwym8NSzpivWLqFV_1z7KGVQl2hWlgMrts32WXZQGocWxwOrtpBT0c0gpA5zGvmJt8LCZsAqyQs3kn2cBhYpCJI3-34yXIWrBebjuFerS1uQOGVijYn23wN8PBXfxlpYiWpv_BmA3LppiX1tixeuWXX5F3KvpsJtV_jtHOOqC-HXceU_hnejmPFetGtgC8kSDO5g3Lv41qmmFoZD4GTqFKXfWCJBip6Tb4AX5Z76O0lf3-JCKN_PSZZaPyuhu31mW5o2ke-sZGfdBKgi9YTM-KHvpveQ3GFT1SDRNYXlD3fnuDWdTfzLcyhAEdMgjQphc10qlHUyhUBN6_Omlq3PGVO207Q-b8UAx3iqfGTY4iRLoMLwGygFcFdMNl2bA8eJm3kYqBUIEERMke97Hga4ewUPskDswxOt9cRQbZgJZmE_u0iBk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://brunbcolcolombaiaferrer8.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco de la República Oriental del Uruguay (Banking)

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
brunbcolcolombaiaferrer8.atsnx.com/	1970-01-20 19:30:29	Name: __test Value: ce112f7bf7762624c1e36cf057461935
.atsnx.com/	1970-01-20 19:16:05	Name: __gads Value: ID=c33dbd5acafb4557-228a12b200dd009b:T=1677269335:RT=1677269335:S=ALNI_MbXNv_aUTi7DqzYr_6nI2FamA2DNg
.atsnx.com/	1970-01-20 19:16:05	Name: __gpi Value: UID=00000bbbe18b34a0:T=1677269335:RT=1677269335:S=ALNI_MbFnHKc6ZlTpG7SorpkNHAzgo7GKA
.doubleclick.net/	1970-01-20 09:54:30	Name: test_cookie Value: CheckForPermission

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/notSupported/platform.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/plugins.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/config.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://brunbcolcolombaiaferrer8.atsnx.com/frontend/notSupported/browser_compatibility_filter.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__es.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1 Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__es.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1 Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__es.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1 Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__es.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1 Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__es.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1 Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__es.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1 Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__es.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: http://brunbcolcolombaiaferrer8.atsnx.com/?i=1 Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/5JGZgxkKwe0uOXDdUvSaNtk_/recaptcha__es.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7v2v.short.gy
adservice.google.com
adservice.google.de
brunbcolcolombaiaferrer8.atsnx.com
fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.gstatic.com
185.27.134.124
2a00:1450:400d:802::2003
2a00:1450:400d:804::2002
2a00:1450:400d:806::2002
2a00:1450:400d:808::2002
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::2004
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::200a
52.59.165.42
1d7cb31831732cebf33f282f24184034ba3223837d1c295efbacd7843703e131
2fe6efd9272dda64b7c37d46ecb1c597ed17259af7e745e303d71cd4f3126f28
367cba5c66dcb77e9efdefae321a5fa51b4ed0773b15ebbd7a8ee35b913e75fe
452579ea7210d9f49e11fc5b5a24c89134c583beb2625ff8d9e8e3f9a7dd8940
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
632c977c9579ee1c6334c3fe138b33af45be98bd60ad976f9c08cae0b5234d5f
640acdcf3be900b5c943caadf515ab145763aaa2d51c4e1591b2baf05d0a56c9
64a9af26803a6667de4b75f2188f7ed22086cba1a1a6ed03a7ec5f5f1c43ff13
83c870f855fe762fc60ee72248007a5bc384f7e65ab4937d0cdb82e7473305cb
8b118ea270ff7020b9bd0e0119d10251c624f1326a31398ec7e8142111ed4c27
8b165317db3e65021ed33e8423b3b212e04174b84a3900343dc03b2b23002fb3
8bc1bbccd8b51c4a71536a043bc46c7acbb43d8a14a15bc620aa357bb34e4a38
902ecde9df5f612c94b28e854e8b05809ced25aaa2632ac46914208b42d7cb17
92ec4a0dee9996418406d2dd03e207fdf9ce5b598d5ab09357b5bfb22113dc0d
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a92ef4172b982099a90c963f160a12bdcb6df1b0f383478dec2ea179f2572c13
ac14f3a6bc194d15c8d9ae18c7b8d5c160349282a32653827be9211eececcc77
bd9fd05593f2168a333d59615133d6fe1fe255e3fc551a9bf69d845138ecc77c
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc
d4d41483cf38b6182b0a495196cfc55821cfd2e3d310861f32bcd2240806f187
daaeeba55175673a15fa66a19dd975c9ee77c1665d2a407ea93a8073ac230906
de104a848c6a42e0e860a926db60ac470022da5f22980279e3e7b73cfc815ba2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64ce4b0b5ee983f8d4f0a3b213f2a6db8de2cf558ea7f00ff3f5942471fe0f0
ecb837e65b616796cc6b6fc120abae74c455917f91710fc15e900128cfa86600

brunbcolcolombaiaferrer8.atsnx.com Open in urlscan Pro 185.27.134.124 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

59 %HTTPS

82 %IPv6

9 Domains

11 Subdomains

11 IPs

3 Countries

1346 kBTransfer

4182 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

brunbcolcolombaiaferrer8.atsnx.com Open in urlscan Pro
185.27.134.124 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

59 %
HTTPS

82 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

1346 kB
Transfer

4182 kB
Size

4
Cookies

34 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!