nuevobancogeneral.atsnx.com
185.27.134.59 Malicious Activity!

Go To Rescan
Add Verdict Report

Submitted URL:
http://nuevobancogeneral.atsnx.com/
Effective URL:
http://nuevobancogeneral.atsnx.com/?i=1
Submission: On March 15 via manual (March 15th 2023, 2:14:37 pm UTC) from PA — Scanned from GB

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 32 HTTP transactions. The main IP is 185.27.134.59, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is nuevobancogeneral.atsnx.com.

This is the only time nuevobancogeneral.atsnx.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco General (Banking)

Domain & IP information

	IP Address	AS Autonomous System
7	185.27.134.59 185.27.134.59	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	64.185.227.155 64.185.227.155	18450 (WEBNX) (WEBNX)
1	34.117.59.81 34.117.59.81	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
32	13

7 185.27.134.59 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

nuevobancogeneral.atsnx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.185.227.155 (United States)

ASN18450 (WEBNX, US)
PTR: 64-185-227-155.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.59.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	205 KB
7	atsnx.com nuevobancogeneral.atsnx.com	131 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 32	5 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 305 fonts.googleapis.com — Cisco Umbrella Rank: 34	62 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	gstatic.com fonts.gstatic.com	62 KB
1	google.ca adservice.google.ca — Cisco Umbrella Rank: 13100	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	601 B
1	ipinfo.io ipinfo.io — Cisco Umbrella Rank: 6345	516 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2634	118 B
32	10

	Domain	Requested by
8	pagead2.googlesyndication.com	nuevobancogeneral.atsnx.com pagead2.googlesyndication.com tpc.googlesyndication.com
7	nuevobancogeneral.atsnx.com	nuevobancogeneral.atsnx.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ajax.googleapis.com	nuevobancogeneral.atsnx.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.ca	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	nuevobancogeneral.atsnx.com
1	ipinfo.io	ajax.googleapis.com
1	api.ipify.org	ajax.googleapis.com
32	13

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh
ipinfo.io R3	`2023-01-18` - `2023-04-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://nuevobancogeneral.atsnx.com/?i=1
Frame ID: C730B9BFBA0C4F2C047F665D80094DFC
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20190131/zrt_lookup.html
Frame ID: 35E53EA8F83531CF5120B607B7C1FBF7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6325096445581587&output=html&adk=2300614822&adf=1347611726&lmt=1676818406&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fnuevobancogeneral.atsnx.com%2F%3Fi%3D1&ea=0&pra=5&wgl=1&dt=1678889679120&bpp=2&bdt=564&idt=357&shv=r20230313&mjsv=m202303070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1124150279836&frm=20&pv=2&ga_vid=73113304.1678889679&ga_sid=1678889679&ga_hid=400632094&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759842%2C44777877%2C31071756%2C31072915%2C31072951&oid=2&pvsid=1929455714171757&tmod=722959280&uas=0&nvt=1&ref=http%3A%2F%2Fnuevobancogeneral.atsnx.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=381
Frame ID: 6A39912381425C07A34375B004C99B7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6325096445581587&output=html&h=280&slotname=9540245809&adk=1425620878&adf=764415998&pi=t.ma~as.9540245809&w=1200&fwrn=4&fwrnh=100&lmt=1676818406&rafmt=1&format=1200x280&url=http%3A%2F%2Fnuevobancogeneral.atsnx.com%2F%3Fi%3D1&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1678889679122&bpp=1&bdt=565&idt=386&shv=r20230313&mjsv=m202303070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1124150279836&frm=20&pv=1&ga_vid=73113304.1678889679&ga_sid=1678889679&ga_hid=400632094&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759842%2C44777877%2C31071756%2C31072915%2C31072951&oid=2&pvsid=1929455714171757&tmod=722959280&uas=0&nvt=1&ref=http%3A%2F%2Fnuevobancogeneral.atsnx.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Ip7idSkUDt&p=http%3A//nuevobancogeneral.atsnx.com&dtd=390
Frame ID: 2C256A0F9389DBE5029C4456F9413D30
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E2A42D005ACB8EA42E561F707213A5A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 89AD5909E07BCE2BFD498D6BEA2FBD99
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://nuevobancogeneral.atsnx.com/ Page URL
http://nuevobancogeneral.atsnx.com/?i=1 Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

78 %
HTTPS

75 %
IPv6

10
Domains

13
Subdomains

13
IPs

3
Countries

469 kB
Transfer

1499 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nuevobancogeneral.atsnx.com/ Page URL
http://nuevobancogeneral.atsnx.com/?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
nuevobancogeneral.atsnx.com/ 838 B
833 B 221ms
64ms Document
text/html 185.27.134.59
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://nuevobancogeneral.atsnx.com/
Protocol: HTTP/1.1
Server: 185.27.134.59 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 90e80a12a6911489f1dd6a8bf2f3aa63b847bf1e6b7cc973b81ed962a79a92c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 15 Mar 2023 14:14:37 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK aes.js Show response
nuevobancogeneral.atsnx.com/ 30 KB
31 KB 64ms
64ms Script
application/javascript 185.27.134.59
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://nuevobancogeneral.atsnx.com/aes.js
Requested by: Host: nuevobancogeneral.atsnx.com
URL: http://nuevobancogeneral.atsnx.com/
Protocol: HTTP/1.1
Server: 185.27.134.59 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 14:14:37 GMT
Last-Modified: Sat, 08 Aug 2015 08:10:59 GMT
Server: nginx
ETag: "55c5b993-79e6"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31206

GET
H/1.1 200
OK Primary Request / Show response
nuevobancogeneral.atsnx.com/ 43 KB
20 KB 106ms
106ms Document
text/html 185.27.134.59
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://nuevobancogeneral.atsnx.com/?i=1
Requested by: Host: nuevobancogeneral.atsnx.com
URL: http://nuevobancogeneral.atsnx.com/
Protocol: HTTP/1.1
Server: 185.27.134.59 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: afcdd1904f2e11d1eb6d3f8febbac0310e8a2eb20753dd287cec2eaedf5a18ed

Request headers

Referer: http://nuevobancogeneral.atsnx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 15 Mar 2023 14:14:37 GMT
Expires: Fri, 14 Apr 2023 14:14:37 GMT
Last-Modified: Sun, 19 Feb 2023 14:53:26 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
30 KB 235ms
119ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: nuevobancogeneral.atsnx.com
URL: http://nuevobancogeneral.atsnx.com/?i=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 08:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Mar 2024 08:20:03 GMT

GET
H/1.1 200
OK style.css
nuevobancogeneral.atsnx.com/ 563 KB
79 KB 73ms
72ms Stylesheet
text/css 185.27.134.59
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://nuevobancogeneral.atsnx.com/style.css
Requested by: Host: nuevobancogeneral.atsnx.com
URL: http://nuevobancogeneral.atsnx.com/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.59 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: b4bee41db2466dcb5295743cd76ab6cdb499e86346fb7a27f4577d7552e4a582

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 14:14:37 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Feb 2023 14:53:30 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Fri, 14 Apr 2023 14:14:37 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 170ms
54ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: nuevobancogeneral.atsnx.com
URL: http://nuevobancogeneral.atsnx.com/?i=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 08:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 08:35:42 GMT

GET
H/1.1 200
OK sax.js Show response
nuevobancogeneral.atsnx.com/js/ 1 KB
1 KB 130ms
66ms Script
application/javascript 185.27.134.59
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://nuevobancogeneral.atsnx.com/js/sax.js
Requested by: Host: nuevobancogeneral.atsnx.com
URL: http://nuevobancogeneral.atsnx.com/?i=1
Protocol: HTTP/1.1
Server: 185.27.134.59 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 50a89cb17ca8397d1a42a03cd89e392f973971c4f7ddf658f4091a8da62dcf7e

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/?i=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 14:14:37 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Feb 2023 14:53:36 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Fri, 14 Apr 2023 14:14:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 230ms
107ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6325096445581587

Requested by

Host: nuevobancogeneral.atsnx.com
URL: http://nuevobancogeneral.atsnx.com/?i=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d344ac4df021fa01683566164dfaca4b6e3b1d2cd5bd2c1e498df5f5346f4d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nuevobancogeneral.atsnx.com/
Origin: http://nuevobancogeneral.atsnx.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 14:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48583
x-xss-protection: 0
server: cafe
etag: 7468855422204941623
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 14:14:38 GMT

GET
H2 200 / Show response
api.ipify.org/ 22 B
118 B 491ms
119ms XHR
application/json 64.185.227.155
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.185.227.155 , United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-227-155.static.webnx.com
Software: /
Resource Hash: d10d2713604ec185d8b863d899aa39507c11a30786e5895d55622dfeb6ba2670

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://nuevobancogeneral.atsnx.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: http://nuevobancogeneral.atsnx.com
date: Wed, 15 Mar 2023 14:14:39 GMT
content-length: 22
vary: Origin
content-type: application/json

GET
H2 200 / Show response
ipinfo.io/ 253 B
516 B 286ms
169ms XHR
application/json 34.117.59.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

a2bdde4db07f8e51434818cd7df3534c772c874658fed1a7c201ad54fddff91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://nuevobancogeneral.atsnx.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 14:14:39 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
via: 1.1 google
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 183ms
66ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,600,700,800&display=swap

Requested by

Host: nuevobancogeneral.atsnx.com
URL: http://nuevobancogeneral.atsnx.com/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de61506a191fcbca0e9cca9087eb86a99a8587618b52f90c02a0b09a3a8ec7e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Mar 2023 14:14:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 14:14:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Mar 2023 14:14:38 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50d4f2ea4b1e40df7806056d1e53197fb6a72395602bdc0e9c6a5bcb18ed80d9

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20493cf97764255a1ea14cebd30515893eacb5dba4fd3e3cfefb9e6b64e60085

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4fff41e351265a02dfd7ae981d014af9d34e087eb63783d27512129feb4ec6c

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 172ms
55ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nuevobancogeneral.atsnx.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 05:05:33 GMT
x-content-type-options: nosniff
age: 551346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 05:05:33 GMT

GET
H/1.1 404
Not Found bgp-icons.woff
nuevobancogeneral.atsnx.com/fonts/bgpIcons/ 0
0 67ms
67ms Font
text/html 185.27.134.59
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://nuevobancogeneral.atsnx.com/fonts/bgpIcons/bgp-icons.woff?1599496158914
Requested by: Host: nuevobancogeneral.atsnx.com
URL: http://nuevobancogeneral.atsnx.com/style.css
Protocol: HTTP/1.1
Server: 185.27.134.59 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://nuevobancogeneral.atsnx.com/style.css
Origin: http://nuevobancogeneral.atsnx.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 14:14:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Nov 2022 11:34:28 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=5, public, proxy-revalidate, public, proxy-revalidate
Connection: keep-alive

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk5hkWVAewA.woff2
fonts.gstatic.com/s/opensans/v34/ 17 KB
18 KB 235ms
131ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk5hkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58b668040ea1899d0c45dd1d0dd640358914869b28f47e33b0a7f076ddee8263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://nuevobancogeneral.atsnx.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:19:34 GMT
x-content-type-options: nosniff
age: 460505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17872
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 06:19:34 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070101/ 365 KB
121 KB 224ms
115ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070101/show_ads_impl_fy2021.js?bust=31072915

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6325096445581587

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9310b1308aa8694d7af0237c90de23ed41162a9cf8e2242a321d3599c55db42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 14:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123454
x-xss-protection: 0
server: cafe
etag: 6451557731735239673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 14:14:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230313/r20190131/ Frame 35E5 10 KB
5 KB 171ms
54ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230313/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6325096445581587

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nuevobancogeneral.atsnx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 84798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Mar 2023 14:41:21 GMT
etag: 2378337311435320485
expires: Tue, 28 Mar 2023 14:41:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 404
Not Found bgp-icons.ttf
nuevobancogeneral.atsnx.com/fonts/bgpIcons/ 0
0 67ms
66ms Font
text/html 185.27.134.59
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://nuevobancogeneral.atsnx.com/fonts/bgpIcons/bgp-icons.ttf?1599496158914
Requested by: Host: nuevobancogeneral.atsnx.com
URL: http://nuevobancogeneral.atsnx.com/style.css
Protocol: HTTP/1.1
Server: 185.27.134.59 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://nuevobancogeneral.atsnx.com/style.css
Origin: http://nuevobancogeneral.atsnx.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 14:14:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Nov 2022 11:34:28 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=5, public, proxy-revalidate, public, proxy-revalidate
Connection: keep-alive

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 208ms
62ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=nuevobancogeneral.atsnx.com&callback=_gfp_s_&client=ca-pub-6325096445581587

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070101/show_ads_impl_fy2021.js?bust=31072915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

349a27e6ed7d555545740791efa025710f7f8a5d097dac042388694bff67f0cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 14:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
531 B 209ms
66ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=nuevobancogeneral.atsnx.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070101/show_ads_impl_fy2021.js?bust=31072915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 14:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 194ms
69ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nuevobancogeneral.atsnx.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070101/show_ads_impl_fy2021.js?bust=31072915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 14:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 158ms
157ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=loader-wrapper&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: nuevobancogeneral.atsnx.com
URL: http://nuevobancogeneral.atsnx.com/?i=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 14:14:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 157ms
156ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=loader-wrapper&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: nuevobancogeneral.atsnx.com
URL: http://nuevobancogeneral.atsnx.com/?i=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 14:14:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A39 603 B
245 B 76ms
75ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6325096445581587&output=html&adk=2300614822&adf=1347611726&lmt=1676818406&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fnuevobancogeneral.atsnx.com%2F%3Fi%3D1&ea=0&pra=5&wgl=1&dt=1678889679120&bpp=2&bdt=564&idt=357&shv=r20230313&mjsv=m202303070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1124150279836&frm=20&pv=2&ga_vid=73113304.1678889679&ga_sid=1678889679&ga_hid=400632094&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759842%2C44777877%2C31071756%2C31072915%2C31072951&oid=2&pvsid=1929455714171757&tmod=722959280&uas=0&nvt=1&ref=http%3A%2F%2Fnuevobancogeneral.atsnx.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=381

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070101/show_ads_impl_fy2021.js?bust=31072915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nuevobancogeneral.atsnx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 14:14:39 GMT
expires: Wed, 15 Mar 2023 14:14:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2C25 603 B
211 B 75ms
75ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6325096445581587&output=html&h=280&slotname=9540245809&adk=1425620878&adf=764415998&pi=t.ma~as.9540245809&w=1200&fwrn=4&fwrnh=100&lmt=1676818406&rafmt=1&format=1200x280&url=http%3A%2F%2Fnuevobancogeneral.atsnx.com%2F%3Fi%3D1&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1678889679122&bpp=1&bdt=565&idt=386&shv=r20230313&mjsv=m202303070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1124150279836&frm=20&pv=1&ga_vid=73113304.1678889679&ga_sid=1678889679&ga_hid=400632094&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759842%2C44777877%2C31071756%2C31072915%2C31072951&oid=2&pvsid=1929455714171757&tmod=722959280&uas=0&nvt=1&ref=http%3A%2F%2Fnuevobancogeneral.atsnx.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Ip7idSkUDt&p=http%3A//nuevobancogeneral.atsnx.com&dtd=390

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070101/show_ads_impl_fy2021.js?bust=31072915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nuevobancogeneral.atsnx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 14:14:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 106ms
105ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230313&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070101/show_ads_impl_fy2021.js?bust=31072915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa89ea4778d1ba29cc33cce3a3c5fedcb6c00ca6438b5903b874622b11732628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 14:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11221
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 248ms
90ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070101/show_ads_impl_fy2021.js?bust=31072915

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 14:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 14:14:40 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E2A 13 KB
5 KB 60ms
57ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://nuevobancogeneral.atsnx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 4251
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 13:03:49 GMT
expires: Thu, 14 Mar 2024 13:03:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 89AD 783 B
1 KB 183ms
63ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eb8a7c1da7ecddf594bad55f9b885ccfc921fbbe392bec5d3d9b81db5db280ce

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z6F-g70rzWwE0knyw3zd7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://nuevobancogeneral.atsnx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-z6F-g70rzWwE0knyw3zd7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 14:14:40 GMT
expires: Wed, 15 Mar 2023 14:14:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E2A 36 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 13:23:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14304
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 13:23:59 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4E2A 0
10 B 61ms
60ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eTGXMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 14:14:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 89AD 0
0 155ms
155ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230313&jk=1929455714171757&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 162ms
161ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230313&jk=1929455714171757&bg=!LC-lL3vNAAZKh9k7aoc7ADkAdvg8WpleWYfraF5zeIUxyRD6Xm7tQawb_kdaTok1UXbQU1nI-pKI1R_GHWVotLtTf8JyW04fa3cCAAAAb1IAAAADaAEHCgAEOmSTWpkCrOqxaH83JT7gC_W7c1CJMFcP10djzQ0fDrY3bwa20dv4O4h90HAr-ajyf-DRa9zqcJhl00FJwM8O8eha_cIIOSm1xSVK5ikwduiYf8Rfq5QDxga17TOpOvU_LAkorytdyqZZU5zjAo-F1HoGOZB8H2ep9mmvg447cqN6KdHRQkSvyMf7V-eklOnGCn8WpTu7sXy3NdNgWpJeuuUJVhWHY9aIpzV7LS4fM48l6S3KNuzxlL8B5ZZCyGHPKuy9rhRFZ2sn6k0HoDO4rIbRAaMLrkOXeHGTgUvEDoKZDxaaQ1Js-pvYuS1kweloRsgaCz5doOT72_CI-e7OWzu6t556CuQ6Vlrwsv-mEH_9ETNNBLnO2vqZK2XgR0NHaWAFoIUDHHeJ4ZW8NAE1oWR_bklJBrcC8mM5G1NpXZsLYNJ_xxbfdHdqD27W_Ecjz3jzzQ-Keg1yHuVT2b8KDJcx0Fo5EkKdbOnrlrgEUQhRJeIa3CjZIF7T7QeCQMagWKkWqGHCiR8onHzH8GcZSTjKfc3hqY1YLYHXsWimSq8OF_Ee8Tirp1vGHZKpJXYUe9nI8mozjcDAJn8A6Xo_-jAEkcJpi-_z-rDeVgzV3yk825DU5DfFfv5c30GJOEQKvlLH_eyVL7YJrkizb9otv-iWOIJOM3ASLfhiiIemaq99dG6dq-kX8xu3IfsKWxz8WzIPjEQs05DtGA9ThlICp-WdbLOOLimfsZV-yVpr9cSS0pdT11zDP2kFubs_UzeglRZ2aAzsNkNCxJjNfIyXxJh4tXtEEf2ky6CrkocIhrNBVu41BhSLRWWoU-OC0iDRMUK7LgmhZ0peYPlV2DCerk5_lModatuk-frkyJVDi472-cp_5sJNPpiFdNpFtJH9jhn4bx0rxNRUUO8h_2IdlJmUvQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://nuevobancogeneral.atsnx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco General (Banking)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nuevobancogeneral.atsnx.com/	1970-01-20 19:57:29	Name: __test Value: cdff621bd3be9f617ebe7f3305cbdf58
.doubleclick.net/	1970-01-20 10:21:30	Name: test_cookie Value: CheckForPermission
.atsnx.com/	1970-01-20 19:43:05	Name: __gads Value: ID=946a2d89435e35a8-2266d22950dd0024:T=1678889679:RT=1678889679:S=ALNI_MYJ8m-B6m7-ZGxXG5zkGY4ezWWsPQ
.atsnx.com/	1970-01-20 19:43:05	Name: __gpi Value: UID=00000bc6731a41cd:T=1678889679:RT=1678889679:S=ALNI_Mb5TZ-oE4zm-C-ndkZkRjsjGcjSJg

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://nuevobancogeneral.atsnx.com/fonts/bgpIcons/bgp-icons.woff?1599496158914 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://nuevobancogeneral.atsnx.com/fonts/bgpIcons/bgp-icons.ttf?1599496158914 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6325096445581587&output=html&h=280&slotname=9540245809&adk=1425620878&adf=764415998&pi=t.ma~as.9540245809&w=1200&fwrn=4&fwrnh=100&lmt=1676818406&rafmt=1&format=1200x280&url=http%3A%2F%2Fnuevobancogeneral.atsnx.com%2F%3Fi%3D1&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1678889679122&bpp=1&bdt=565&idt=386&shv=r20230313&mjsv=m202303070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1124150279836&frm=20&pv=1&ga_vid=73113304.1678889679&ga_sid=1678889679&ga_hid=400632094&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44773809%2C44759842%2C44777877%2C31071756%2C31072915%2C31072951&oid=2&pvsid=1929455714171757&tmod=722959280&uas=0&nvt=1&ref=http%3A%2F%2Fnuevobancogeneral.atsnx.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Ip7idSkUDt&p=http%3A//nuevobancogeneral.atsnx.com&dtd=390 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.ca
adservice.google.com
ajax.googleapis.com
api.ipify.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ipinfo.io
nuevobancogeneral.atsnx.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
185.27.134.59
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
34.117.59.81
64.185.227.155
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1d344ac4df021fa01683566164dfaca4b6e3b1d2cd5bd2c1e498df5f5346f4d1
20493cf97764255a1ea14cebd30515893eacb5dba4fd3e3cfefb9e6b64e60085
349a27e6ed7d555545740791efa025710f7f8a5d097dac042388694bff67f0cc
50a89cb17ca8397d1a42a03cd89e392f973971c4f7ddf658f4091a8da62dcf7e
50d4f2ea4b1e40df7806056d1e53197fb6a72395602bdc0e9c6a5bcb18ed80d9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b668040ea1899d0c45dd1d0dd640358914869b28f47e33b0a7f076ddee8263
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
90e80a12a6911489f1dd6a8bf2f3aa63b847bf1e6b7cc973b81ed962a79a92c8
9310b1308aa8694d7af0237c90de23ed41162a9cf8e2242a321d3599c55db42f
a2bdde4db07f8e51434818cd7df3534c772c874658fed1a7c201ad54fddff91d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa89ea4778d1ba29cc33cce3a3c5fedcb6c00ca6438b5903b874622b11732628
afcdd1904f2e11d1eb6d3f8febbac0310e8a2eb20753dd287cec2eaedf5a18ed
b4bee41db2466dcb5295743cd76ab6cdb499e86346fb7a27f4577d7552e4a582
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d10d2713604ec185d8b863d899aa39507c11a30786e5895d55622dfeb6ba2670
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc
de61506a191fcbca0e9cca9087eb86a99a8587618b52f90c02a0b09a3a8ec7e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fff41e351265a02dfd7ae981d014af9d34e087eb63783d27512129feb4ec6c
eb8a7c1da7ecddf594bad55f9b885ccfc921fbbe392bec5d3d9b81db5db280ce
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

nuevobancogeneral.atsnx.com Open in urlscan Pro 185.27.134.59 Malicious Activity!

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

78 %HTTPS

75 %IPv6

10 Domains

13 Subdomains

13 IPs

3 Countries

469 kBTransfer

1499 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nuevobancogeneral.atsnx.com
185.27.134.59 Malicious Activity!

Screenshot
Live screenshot

Full Image

32
Requests

78 %
HTTPS

75 %
IPv6

10
Domains

13
Subdomains

13
IPs

3
Countries

469 kB
Transfer

1499 kB
Size

4
Cookies

32 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!