urlscan.io logo urlscan.io
SecurityTrails logo

www.kandazemlak.com Open in urlscan Pro
198.20.110.107  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.kandazemlak.com/id.mobile.de/?3847gtb3w89vb34897gvb3498g348igbnw4987gbuuw4ug3s8gf4344h4
Submission: On August 31 via manual from CA — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 198.20.110.107, located in North Holland, Netherlands and belongs to SINGLEHOP-LLC, US. The main domain is www.kandazemlak.com.
TLS certificate: Issued by R3 on July 10th 2023. Valid for: 3 months.
This is the only time www.kandazemlak.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.20.110.107 32475 (SINGLEHOP...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
17 6
1    198.20.110.107 (North Holland, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
PTR: eu07.tmd.cloud
www.kandazemlak.com
1    2a02:26f0:3500:985::1703 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
id.mobile.de
4    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
611 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
34 KB
1 mobile.de
id.mobile.de — Cisco Umbrella Rank: 391983
9 KB
1 kandazemlak.com
www.kandazemlak.com
5 KB
0 classistatic.de Failed
static.classistatic.de Failed
17 5
Domain Requested by
6 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com www.kandazemlak.com
www.gstatic.com
www.google.com
1 fonts.gstatic.com www.google.com
1 id.mobile.de www.kandazemlak.com
1 www.kandazemlak.com
0 static.classistatic.de Failed id.mobile.de
17 6

This site contains links to these domains. Also see Links.

Domain
www.mobile.de
id.mobile.de
handel.mobile.de
Subject Issuer Validity Valid
*.kandazemlak.com
R3		 2023-07-10 -
2023-10-08		 3 months crt.sh
www.mobile.de
DigiCert SHA2 Extended Validation Server CA		 2023-07-26 -
2024-03-14		 8 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.kandazemlak.com/id.mobile.de/?3847gtb3w89vb34897gvb3498g348igbnw4987gbuuw4ug3s8gf4344h4
Frame ID: 468BCEF75B41ADD32B22DAA350F3F15E
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYQ-snAAAAAOfZSjXMCstMXeB9PbjWWjJELFjP&co=aHR0cHM6Ly93d3cua2FuZGF6ZW1sYWsuY29tOjQ0Mw..&hl=nl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=ats915q2vt2
Frame ID: 0DAFF2DCC35B87E04D2D8B917B51346C
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LeYQ-snAAAAAOfZSjXMCstMXeB9PbjWWjJELFjP
Frame ID: DFB78F1961C93E5545CFD9841FD5B885
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

mobile.de – Gebrauchtwagen und Neuwagen – Deutschlands größter Fahrzeugmarkt

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

17
Requests

76 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

659 kB
Transfer

1627 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.kandazemlak.com/id.mobile.de/ 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kandazemlak.com/id.mobile.de/?3847gtb3w89vb34897gvb3498g348igbnw4987gbuuw4ug3s8gf4344h4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.20.110.107 North Holland, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
eu07.tmd.cloud
Software
LiteSpeed / PHP/8.0.30
Resource Hash
fff5e00f19aaf3b182b3dad5cd0eb77c25222fa5d1b747498510228085c4fcf3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
4453
content-type
text/html; charset=UTF-8
date
Thu, 31 Aug 2023 15:18:45 GMT
server
LiteSpeed
x-powered-by
PHP/8.0.30
main.css
id.mobile.de/themes/bravo/dist/css/ 		49 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.mobile.de/themes/bravo/dist/css/main.css?v=2
Requested by
Host: www.kandazemlak.com
URL: https://www.kandazemlak.com/id.mobile.de/?3847gtb3w89vb34897gvb3498g348igbnw4987gbuuw4ug3s8gf4344h4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:985::1703 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9a8a4e477a64223a41ad4f8e4ede3429cf6704fca708398e1ca7d53ebc8243e2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; default-src 'self' umst.mobile.de h6.online-metrix.net; font-src 'self' https://static.classistatic.de/fonts/gibson-regular-v4.woff2 https://static.classistatic.de/fonts/gibson-regular-v4.woff https://static.classistatic.de/fonts/gibson-bold-v4.woff2 https://static.classistatic.de/fonts/gibson-bold-v4.woff https://static.classistatic.de/fonts/gibson-medium-v4.woff2 https://static.classistatic.de/fonts/gibson-medium-v4.woff https://static.classistatic.de/fonts/gibson-semibold-v4.woff2 https://static.classistatic.de/fonts/gibson-semibold-v4.woff; img-src 'self' https://usage.trackjs.com/usage.gif https://www.google-analytics.com/collect https://umst.mobile.de/fp/ https://h6.online-metrix.net/fp/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://umst.mobile.de/fp/ https://www.mobile.de/api/consent/static/js/cmpApi.js https://www.mobile.de/api/consent/static/js/cmpApiStub.js https://www.google-analytics.com/analytics.js https://www.google-analytics.com/collect https://www.googletagmanager.com/gtag/js; style-src 'self' 'unsafe-inline' https://www.mobile.de/api/consent/static; connect-src 'self' https://*.mobile.de/ https://capture.trackjs.com/capture https://www.google-analytics.com/j/collect https://*.google-analytics.com/g/collect
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.kandazemlak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
frame-ancestors 'none'; default-src 'self' umst.mobile.de h6.online-metrix.net; font-src 'self' https://static.classistatic.de/fonts/gibson-regular-v4.woff2 https://static.classistatic.de/fonts/gibson-regular-v4.woff https://static.classistatic.de/fonts/gibson-bold-v4.woff2 https://static.classistatic.de/fonts/gibson-bold-v4.woff https://static.classistatic.de/fonts/gibson-medium-v4.woff2 https://static.classistatic.de/fonts/gibson-medium-v4.woff https://static.classistatic.de/fonts/gibson-semibold-v4.woff2 https://static.classistatic.de/fonts/gibson-semibold-v4.woff; img-src 'self' https://usage.trackjs.com/usage.gif https://www.google-analytics.com/collect https://umst.mobile.de/fp/ https://h6.online-metrix.net/fp/; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://umst.mobile.de/fp/ https://www.mobile.de/api/consent/static/js/cmpApi.js https://www.mobile.de/api/consent/static/js/cmpApiStub.js https://www.google-analytics.com/analytics.js https://www.google-analytics.com/collect https://www.googletagmanager.com/gtag/js; style-src 'self' 'unsafe-inline' https://www.mobile.de/api/consent/static; connect-src 'self' https://*.mobile.de/ https://capture.trackjs.com/capture https://www.google-analytics.com/j/collect https://*.google-analytics.com/g/collect
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 31 Aug 2023 15:18:46 GMT
last-modified
Fri, 18 Aug 2023 13:35:38 GMT
strict-transport-security
max-age=15768000
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
8223
x-xss-protection
1; mode=block
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.kandazemlak.com
URL: https://www.kandazemlak.com/id.mobile.de/?3847gtb3w89vb34897gvb3498g348igbnw4987gbuuw4ug3s8gf4344h4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
de58f98410efc12256242161cdb19cc07d079e1d2770ec3a834568a43fcd533a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.kandazemlak.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
x-xss-protection
1; mode=block
expires
Thu, 31 Aug 2023 15:18:46 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 		452 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c15b3a9ad444ae6f053a051fcb431df4c1f1213aec1553134f8c717b5ea0363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kandazemlak.com/
Origin
https://www.kandazemlak.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 15:34:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185927
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 24 Aug 2024 15:34:28 GMT
gibson-regular-v4.woff2
static.classistatic.de/fonts/ 		0
0
gibson-semibold-v4.woff2
static.classistatic.de/fonts/ 		0
0
gibson-regular-v4.woff
static.classistatic.de/fonts/ 		0
0
gibson-semibold-v4.woff
static.classistatic.de/fonts/ 		0
0
anchor
www.google.com/recaptcha/api2/ Frame 0DAF 		55 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYQ-snAAAAAOfZSjXMCstMXeB9PbjWWjJELFjP&co=aHR0cHM6Ly93d3cua2FuZGF6ZW1sYWsuY29tOjQ0Mw..&hl=nl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=ats915q2vt2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__nl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
296037e2b92c19af4b4c40dbdb98a952f80aa52ba8f70aa54bddf1bfd0623cb8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PAV-khTxNB8Kzd6xQlsGWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kandazemlak.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
31705
content-security-policy
script-src 'report-sample' 'nonce-PAV-khTxNB8Kzd6xQlsGWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 15:18:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 0DAF 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYQ-snAAAAAOfZSjXMCstMXeB9PbjWWjJELFjP&co=aHR0cHM6Ly93d3cua2FuZGF6ZW1sYWsuY29tOjQ0Mw..&hl=nl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=ats915q2vt2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Aug 2024 22:11:20 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 0DAF 		452 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYQ-snAAAAAOfZSjXMCstMXeB9PbjWWjJELFjP&co=aHR0cHM6Ly93d3cua2FuZGF6ZW1sYWsuY29tOjQ0Mw..&hl=nl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=ats915q2vt2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c15b3a9ad444ae6f053a051fcb431df4c1f1213aec1553134f8c717b5ea0363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 15:34:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185927
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 24 Aug 2024 15:34:28 GMT
truncated
/ Frame 0DAF 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0DAF 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0DAF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 01:27:29 GMT
x-content-type-options
nosniff
age
136277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 06 Sep 2023 01:27:29 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0DAF 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYQ-snAAAAAOfZSjXMCstMXeB9PbjWWjJELFjP&co=aHR0cHM6Ly93d3cua2FuZGF6ZW1sYWsuY29tOjQ0Mw..&hl=nl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=ats915q2vt2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 08:35:58 GMT
x-content-type-options
nosniff
age
456168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Aug 2024 08:35:58 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 0DAF 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=0hCdE87LyjzAkFO5Ff-v7Hj1
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYQ-snAAAAAOfZSjXMCstMXeB9PbjWWjJELFjP&co=aHR0cHM6Ly93d3cua2FuZGF6ZW1sYWsuY29tOjQ0Mw..&hl=nl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=ats915q2vt2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2e7c4e0f258b98a4766d065b490983c23dc884bdff436c7bc6adfa4298957d52
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeYQ-snAAAAAOfZSjXMCstMXeB9PbjWWjJELFjP&co=aHR0cHM6Ly93d3cua2FuZGF6ZW1sYWsuY29tOjQ0Mw..&hl=nl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=normal&cb=ats915q2vt2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 15:18:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 31 Aug 2023 15:18:46 GMT
bframe
www.google.com/recaptcha/api2/ Frame DFB7 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=nl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LeYQ-snAAAAAOfZSjXMCstMXeB9PbjWWjJELFjP
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b21d024ad8d20a832627347533d4ddb5bfb4f5808c24479c69c0691ad3490359
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dFjT4T07afHGh0PGAlhNlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kandazemlak.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1159
content-security-policy
script-src 'report-sample' 'nonce-dFjT4T07afHGh0PGAlhNlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 31 Aug 2023 15:18:46 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame DFB7 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LeYQ-snAAAAAOfZSjXMCstMXeB9PbjWWjJELFjP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 22:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Aug 2024 22:11:20 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame DFB7 		452 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LeYQ-snAAAAAOfZSjXMCstMXeB9PbjWWjJELFjP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c15b3a9ad444ae6f053a051fcb431df4c1f1213aec1553134f8c717b5ea0363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 15:34:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
517458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185927
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 24 Aug 2024 15:34:28 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.classistatic.de
URL
https://static.classistatic.de/fonts/gibson-regular-v4.woff2
Domain
static.classistatic.de
URL
https://static.classistatic.de/fonts/gibson-semibold-v4.woff2
Domain
static.classistatic.de
URL
https://static.classistatic.de/fonts/gibson-regular-v4.woff
Domain
static.classistatic.de
URL
https://static.classistatic.de/fonts/gibson-semibold-v4.woff

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_460498

0 Cookies

8 Console Messages

Source Level URL
Text
javascript error URL: https://www.kandazemlak.com/id.mobile.de/?3847gtb3w89vb34897gvb3498g348igbnw4987gbuuw4ug3s8gf4344h4
Message:
Access to font at 'https://static.classistatic.de/fonts/gibson-regular-v4.woff2' from origin 'https://www.kandazemlak.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://static.classistatic.de/fonts/gibson-regular-v4.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.kandazemlak.com/id.mobile.de/?3847gtb3w89vb34897gvb3498g348igbnw4987gbuuw4ug3s8gf4344h4
Message:
Access to font at 'https://static.classistatic.de/fonts/gibson-semibold-v4.woff2' from origin 'https://www.kandazemlak.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://static.classistatic.de/fonts/gibson-semibold-v4.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.kandazemlak.com/id.mobile.de/?3847gtb3w89vb34897gvb3498g348igbnw4987gbuuw4ug3s8gf4344h4
Message:
Access to font at 'https://static.classistatic.de/fonts/gibson-regular-v4.woff' from origin 'https://www.kandazemlak.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://static.classistatic.de/fonts/gibson-regular-v4.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.kandazemlak.com/id.mobile.de/?3847gtb3w89vb34897gvb3498g348igbnw4987gbuuw4ug3s8gf4344h4
Message:
Access to font at 'https://static.classistatic.de/fonts/gibson-semibold-v4.woff' from origin 'https://www.kandazemlak.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://static.classistatic.de/fonts/gibson-semibold-v4.woff
Message:
Failed to load resource: net::ERR_FAILED