urlscan.io logo urlscan.io
SecurityTrails logo

www.kandutamig.com Open in urlscan Pro
34.95.65.225  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://rebrand.ly/privatprofilkontaktoch-fotoalbum
Effective URL: https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Submission: On June 17 via manual from SE — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 14 domains to perform 38 HTTP transactions. The main IP is 34.95.65.225, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.kandutamig.com.
TLS certificate: Issued by GTS CA 1D4 on May 5th 2022. Valid for: 3 months.
This is the only time www.kandutamig.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.71.250.191 14618 (AMAZON-AES)
1 1 192.64.119.97 22612 (NAMECHEAP...)
1 1 146.59.135.10 16276 (OVH)
1 1 52.44.165.207 14618 (AMAZON-AES)
8 34.95.65.225 396982 (GOOGLE-CL...)
4 142.250.181.228 15169 (GOOGLE)
4 172.217.16.131 15169 (GOOGLE)
10 35.195.163.35 396982 (GOOGLE-CL...)
1 35.227.234.99 15169 (GOOGLE)
3 142.250.185.238 15169 (GOOGLE)
2 35.227.221.175 15169 (GOOGLE)
1 216.239.36.54 15169 (GOOGLE)
2 142.251.5.154 15169 (GOOGLE)
1 142.250.179.195 15169 (GOOGLE)
2 142.250.186.67 15169 (GOOGLE)
38 11
1    52.71.250.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-250-191.compute-1.amazonaws.com
rebrand.ly
1    192.64.119.97 (United States)

ASN22612 (NAMECHEAP-NET, US)
newse3.socialvsonline.bond
1    146.59.135.10 (France)

ASN16276 (OVH, FR)
PTR: ip10.ip-146-59-135.eu
offers.cristalswipe.com
1    52.44.165.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-165-207.compute-1.amazonaws.com
youcantrackthis.com
8    34.95.65.225 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 225.65.95.34.bc.googleusercontent.com
www.kandutamig.com
4    142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net
www.google.com
4    172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f131.1e100.net
www.gstatic.com
10    35.195.163.35 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 35.163.195.35.bc.googleusercontent.com
samlasamtycke.com
api.samlasamtycke.com
1    35.227.234.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.234.227.35.bc.googleusercontent.com
landers.cdnware.io
3    142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net
www.google-analytics.com
2    35.227.221.175 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 175.221.227.35.bc.googleusercontent.com
static.dating
1    216.239.36.54 (United States)

ASN15169 (GOOGLE, US)
europe-west2-harlem-next.cloudfunctions.net
2    142.251.5.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f154.1e100.net
stats.g.doubleclick.net
1    142.250.179.195 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s42-in-f3.1e100.net
www.google.se
2    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
10 samlasamtycke.com
samlasamtycke.com — Cisco Umbrella Rank: 852088
api.samlasamtycke.com
24 KB
8 kandutamig.com
www.kandutamig.com
215 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
344 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 9
23 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
513 B
2 static.dating
static.dating — Cisco Umbrella Rank: 249779
355 KB
1 google.se
www.google.se — Cisco Umbrella Rank: 19365
501 B
1 cloudfunctions.net
europe-west2-harlem-next.cloudfunctions.net
495 B
1 cdnware.io
landers.cdnware.io — Cisco Umbrella Rank: 264393
105 KB
1 youcantrackthis.com
youcantrackthis.com
760 B
1 cristalswipe.com
offers.cristalswipe.com
210 B
1 socialvsonline.bond
newse3.socialvsonline.bond
294 B
1 rebrand.ly
rebrand.ly — Cisco Umbrella Rank: 71134
294 B
38 14
Domain Requested by
8 api.samlasamtycke.com samlasamtycke.com
8 www.kandutamig.com www.kandutamig.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com www.kandutamig.com
www.gstatic.com
www.google.com
3 www.google-analytics.com www.kandutamig.com
www.google-analytics.com
2 fonts.gstatic.com www.google.com
2 stats.g.doubleclick.net www.google-analytics.com
2 static.dating www.kandutamig.com
2 samlasamtycke.com www.kandutamig.com
samlasamtycke.com
1 www.google.se www.kandutamig.com
1 europe-west2-harlem-next.cloudfunctions.net www.kandutamig.com
1 landers.cdnware.io www.kandutamig.com
1 youcantrackthis.com 1 redirects
1 offers.cristalswipe.com 1 redirects
1 newse3.socialvsonline.bond 1 redirects
1 rebrand.ly 1 redirects
38 16

This site contains no links.

Subject Issuer Validity Valid
kandutamig.com
GTS CA 1D4		 2022-05-05 -
2022-08-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
samlasamtycke.com
R3		 2022-05-08 -
2022-08-06		 3 months crt.sh
landers.cdnware.io
GTS CA 1D4		 2022-05-24 -
2022-08-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
static.dating
GTS CA 1D4		 2022-05-14 -
2022-08-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.google.se
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Frame ID: ED6D3880625B7145952B1E3685B84B52
Requests: 27 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua2FuZHV0YW1pZy5jb206NDQz&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=1hiv3ko8fscx
Frame ID: A155995CC9DEE7209631602754E373F5
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

kandutamig.com

Page URL History Show full URLs

  1. https://rebrand.ly/privatprofilkontaktoch-fotoalbum HTTP 301
    http://newse3.socialvsonline.bond/ HTTP 302
    https://offers.cristalswipe.com/?offer=4&uid=8b7c14a1-56d7-43f7-a603-3dfe45d83dfa&lp=12 HTTP 302
    https://youcantrackthis.com/?a=101884&c=121828&s2=CSP449109a4b87180d72dc6c05225590f6d HTTP 302
    https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe= Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

38
Requests

100 %
HTTPS

0 %
IPv6

14
Domains

16
Subdomains

11
IPs

3
Countries

1086 kB
Transfer

1919 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rebrand.ly/privatprofilkontaktoch-fotoalbum HTTP 301
    http://newse3.socialvsonline.bond/ HTTP 302
    https://offers.cristalswipe.com/?offer=4&uid=8b7c14a1-56d7-43f7-a603-3dfe45d83dfa&lp=12 HTTP 302
    https://youcantrackthis.com/?a=101884&c=121828&s2=CSP449109a4b87180d72dc6c05225590f6d HTTP 302
    https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request landing59
www.kandutamig.com/
Redirect Chain
  • https://rebrand.ly/privatprofilkontaktoch-fotoalbum
  • http://newse3.socialvsonline.bond/
  • https://offers.cristalswipe.com/?offer=4&uid=8b7c14a1-56d7-43f7-a603-3dfe45d83dfa&lp=12
  • https://youcantrackthis.com/?a=101884&c=121828&s2=CSP449109a4b87180d72dc6c05225590f6d
  • https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.225 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.65.95.34.bc.googleusercontent.com
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
eedacd8849adc6bed3c547b61a2da3d9cee62ef3d7ded77a7fcb10c671208142

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=300
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 17 Jun 2022 06:03:07 GMT
server
nginx/1.14.2
vary
Accept-Encoding
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cache
MISS
x-cacheable
YES
x-host
kandutamig.com
x-powered-by
PHP/7.2.34
x-varnish
7405903
xkey
lander

Redirect headers

Cache-Control
private
Connection
close
Content-Length
189
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Jun 2022 06:03:06 GMT
Location
https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
landing059.css
www.kandutamig.com/landers/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kandutamig.com/landers/css/landing059.css
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.225 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.65.95.34.bc.googleusercontent.com
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
dbcd8ad7f1b14b6287ff0deb5bae94d7ee802eae3e45c415b1a2ea9d172def86

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.kandutamig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 05:48:06 GMT
content-encoding
gzip
x-cacheable
YES
xkey
lander
age
0
x-powered-by
PHP/7.2.34
x-cache
HIT
x-host
kandutamig.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx/1.14.2
vary
Accept-Encoding
x-varnish
7411130 6712809
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
cache-control
max-age=300
accept-ranges
bytes
content-type
text/css;charset=UTF-8
pornhub.css
www.kandutamig.com/landers/css/theme/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kandutamig.com/landers/css/theme/pornhub.css
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.225 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.65.95.34.bc.googleusercontent.com
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
681991e0c2a506f5440cacd875e188b38759176e0f801e35121fb1219d8ec70b

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.kandutamig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 03:42:12 GMT
content-encoding
gzip
x-cacheable
YES
xkey
lander
age
0
x-powered-by
PHP/7.2.34
x-cache
HIT
x-host
kandutamig.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx/1.14.2
vary
Accept-Encoding
x-varnish
7284145 6927339
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
cache-control
max-age=300
accept-ranges
bytes
content-type
text/css;charset=UTF-8
fontawesome-all.min.css
www.kandutamig.com/landers/css/ 		50 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kandutamig.com/landers/css/fontawesome-all.min.css
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.65.225 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.65.95.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.kandutamig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 03:23:44 GMT
content-encoding
gzip
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Thu, 16 Jun 2022 09:02:05 GMT
server
nginx/1.14.2
etag
W/"62aaf18d-c970"
vary
Accept-Encoding
x-varnish
6990586 6632239
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
cache-control
max-age=300
accept-ranges
bytes
content-type
text/css
enterprise.js
www.google.com/recaptcha/ 		974 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
GSE /
Resource Hash
aab0960b3005ebe4fb66e486c4fc31393c0a0469963999eee45d06b57841b403
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.kandutamig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 06:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
614
x-xss-protection
1; mode=block
expires
Fri, 17 Jun 2022 06:03:07 GMT
loading.gif
www.kandutamig.com/landers/images/loader/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kandutamig.com/landers/images/loader/loading.gif
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.65.225 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.65.95.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.kandutamig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 03:44:39 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Thu, 16 Jun 2022 09:02:06 GMT
xkey
lander
age
0
etag
"62aaf18e-b4c"
x-cacheable
YES
x-cache
HIT
content-type
image/gif
cache-control
max-age=300
x-varnish
29364774 28619159
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2892
server
nginx/1.14.2
vendor.js
www.kandutamig.com/landers/js/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kandutamig.com/landers/js/vendor.js
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.65.225 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.65.95.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
e84a359489af183030fecab346d1174cf98518b310853a12d008c461f813cf63

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.kandutamig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 12:27:36 GMT
content-encoding
gzip
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Thu, 16 Jun 2022 09:02:15 GMT
server
nginx/1.14.2
etag
W/"62aaf197-1e2ae"
vary
Accept-Encoding
x-varnish
29237797 25656466
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript
recaptcha__en.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 		362 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
7394cc0158bd83bdfd6c63cebb7fb96a873394f273c873f3cdbddf1f2a43e436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kandutamig.com/
Origin
https://www.kandutamig.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 01:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146545
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 01:40:42 GMT
cc.js
samlasamtycke.com/ 		117 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://samlasamtycke.com/cc.js?wId=60C8gmIdQQILLgLy5nswO4&domain=kandutamig.com&languageCode=sv&languageTerritory=SE&sessionId=a52e564053494110a2b93dcf11b03985
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ba563ba1c7c155edec1f7b6209207f59f0db2d87935e897c478df4e5d0cf7815
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.kandutamig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 06:03:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/javascript
vary
Accept-Encoding
content-length
14064
landing059.js
www.kandutamig.com/landers/js/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kandutamig.com/landers/js/landing059.js
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.65.225 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.65.95.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
f161aff769830d431404f3a40bb9c2b7a532055cd85341a707383ea8f629152f

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.kandutamig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 06:03:07 GMT
content-encoding
gzip
x-cacheable
YES
xkey
lander
age
0
x-cache
MISS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Thu, 16 Jun 2022 09:02:15 GMT
server
nginx/1.14.2
etag
W/"62aaf197-f1b1"
vary
Accept-Encoding
x-varnish
7411133
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript
media-registry.js
landers.cdnware.io/ 		104 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landers.cdnware.io/media-registry.js
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.234.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.234.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a588d4ff79ad5f0a877e6efe9a2265755ab4c7e3a7136bd7d5e081da98673b3c

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.kandutamig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 05:11:33 GMT
age
3094
x-guploader-uploadid
ADPycduvy_CHBE_35PDlHGW59PLDxW_vi3Xq4XVoOwAfgpTqOrTG3SIkNMa_088mKlFFekZgclng4IzsNpaz__K0DzVXUluCbJn_
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106476
last-modified
Thu, 16 Jun 2022 09:03:32 GMT
server
UploadServer
etag
"bcf1bb3487a9ec8d5299bc759bb2b434"
x-goog-hash
crc32c=w577EA==, md5=vPG7NIep7I1Smbx1m7K0NA==
x-goog-generation
1655370212321796
cache-control
public, max-age=3600
x-goog-stored-content-length
106476
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 17 Jun 2022 06:11:33 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landers/js/landing059.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.kandutamig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4440
date
Fri, 17 Jun 2022 04:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 17 Jun 2022 06:49:07 GMT
sv-se2.json
static.dating/lander/translations/ 		177 KB
178 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.dating/lander/translations/sv-se2.json
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landers/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.221.175 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
175.221.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
25ae41c2a7c1461359918b3c05176a2f40d0d579d524973499c51a2c1cc8e395

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.kandutamig.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 05:04:23 GMT
age
3524
x-guploader-uploadid
ADPycdvDxGYegCUTSfwPPrwmqMhkOQqvxCn2eEUnBG-1Gw-AZdO31fC6CbsFj12laXJ4xDv6CV6uMGmIpWlhDaQJIEpFoqAykTmV
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
181270
last-modified
Wed, 15 Jun 2022 16:04:12 GMT
server
UploadServer
etag
"c4b4b078d7314480116e361ac585fe69"
x-goog-hash
crc32c=ByOErQ==, md5=xLSweNcxRIARbjYaxYX+aQ==
x-goog-generation
1655309052386971
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
181270
accept-ranges
bytes
content-type
application/octet-stream
expires
Fri, 17 Jun 2022 06:04:23 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame A155 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua2FuZHV0YW1pZy5jb206NDQz&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=1hiv3ko8fscx
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
GSE /
Resource Hash
3fbe44de1601e2c8c66a4631efb8914858dbf75ee5a128de04c92b94a03f3142
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9deU3M2jJPcU74OrwAgxUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kandutamig.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
se-SE,se;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21819
content-security-policy
script-src 'report-sample' 'nonce-9deU3M2jJPcU74OrwAgxUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 06:03:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
geolocation
europe-west2-harlem-next.cloudfunctions.net/ 		115 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://europe-west2-harlem-next.cloudfunctions.net/geolocation
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landers/js/vendor.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
bded1629c9ac0e8b4f544d414375444388b902758aefc1fd5e292810d217e58f

Request headers

Accept
*/*
Referer
https://www.kandutamig.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 06:03:07 GMT
content-encoding
gzip
server
Google Frontend
x-powered-by
Express
etag
W/"73-/3oN08SssLjw28p4rAs3xRp9sBM"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.kandutamig.com
x-cloud-trace-context
a25e26c42bed1f84e8163307e44f6932
cache-control
private
function-execution-id
eupy0htlo0pr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
set09_01.jpg
www.kandutamig.com/landers/images/landing059/milf/default/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kandutamig.com/landers/images/landing059/milf/default/set09_01.jpg?geo=se
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.65.225 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
225.65.95.34.bc.googleusercontent.com
Software
nginx/1.14.2 /
Resource Hash
c0c750b9342b8668c177f1e593e2a3182086376ad6add8ad1710ed1712d3977f

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 05:48:06 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Thu, 16 Jun 2022 09:02:06 GMT
xkey
lander
age
0
etag
"62aaf18e-215c6"
x-cacheable
YES
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=300
x-varnish
7411139 7312828
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136646
server
nginx/1.14.2
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=11493769&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kandutamig.com%2Flanding59%3Fpi%3D101884%26pt1%3D252378501%26pe%3D&ul=en-us&de=UTF-8&dt=kandutamig.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=875338438&gjid=1868759479&cid=301496671.1655445788&tid=UA-132064855-2&_gid=1441884358.1655445788&_r=1&_slc=1&z=252757416
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kandutamig.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 06:03:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kandutamig.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=11493769&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kandutamig.com%2Flanding59%3Fpi%3D101884%26pt1%3D252378501%26pe%3D&ul=en-us&de=UTF-8&dt=kandutamig.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1115684314&gjid=449502309&cid=301496671.1655445788&tid=UA-132064855-5&_gid=1441884358.1655445788&_r=1&_slc=1&z=767932695
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kandutamig.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 06:03:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kandutamig.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sv-se2.json
static.dating/lander/translations/ 		177 KB
177 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.dating/lander/translations/sv-se2.json
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landers/js/vendor.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.221.175 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
175.221.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
25ae41c2a7c1461359918b3c05176a2f40d0d579d524973499c51a2c1cc8e395

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.kandutamig.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 05:59:08 GMT
age
239
x-guploader-uploadid
ADPycds7prYSd9S8Aqr59lnfz8XZ3na-9-SDI6U2SlaGR5tpORnKGraCqlbj7-U7yGkvzw2Wq1BUmfucnWnzozIRvFrO6A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
181270
last-modified
Wed, 15 Jun 2022 16:04:12 GMT
server
UploadServer
etag
"c4b4b078d7314480116e361ac585fe69"
x-goog-hash
crc32c=ByOErQ==, md5=xLSweNcxRIARbjYaxYX+aQ==
x-goog-generation
1655309052386971
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
181270
accept-ranges
bytes
content-type
application/octet-stream
expires
Fri, 17 Jun 2022 06:59:08 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame A155 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua2FuZHV0YW1pZy5jb206NDQz&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=1hiv3ko8fscx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 16:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
309335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Jun 2023 16:07:33 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame A155 		362 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua2FuZHV0YW1pZy5jb206NDQz&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=1hiv3ko8fscx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
7394cc0158bd83bdfd6c63cebb7fb96a873394f273c873f3cdbddf1f2a43e436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 01:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146545
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 01:40:42 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-132064855-2&cid=301496671.1655445788&jid=875338438&gjid=1868759479&_gid=1441884358.1655445788&_u=IEBAAEAAAAAAAC~&z=1158177852
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kandutamig.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 17 Jun 2022 06:03:08 GMT
content-type
text/plain
access-control-allow-origin
https://www.kandutamig.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-132064855-5&cid=301496671.1655445788&jid=1115684314&gjid=449502309&_gid=1441884358.1655445788&_u=IEDAAEABAAAAAC~&z=1835521387
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kandutamig.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 17 Jun 2022 06:03:08 GMT
content-type
text/plain
access-control-allow-origin
https://www.kandutamig.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-132064855-5&cid=301496671.1655445788&jid=1115684314&_u=IEDAAEABAAAAAC~&z=1835995189
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.kandutamig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 06:03:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.se/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-132064855-5&cid=301496671.1655445788&jid=1115684314&_u=IEDAAEABAAAAAC~&z=1835995189
Requested by
Host: www.kandutamig.com
URL: https://www.kandutamig.com/landing59?pi=101884&pt1=252378501&pe=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s42-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.kandutamig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 06:03:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A155 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f131.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 19:40:09 GMT
x-content-type-options
nosniff
age
37379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 23 Jun 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A155 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua2FuZHV0YW1pZy5jb206NDQz&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=1hiv3ko8fscx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
219387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Jun 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A155 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua2FuZHV0YW1pZy5jb206NDQz&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=1hiv3ko8fscx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 08:48:37 GMT
x-content-type-options
nosniff
age
249271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 08:48:37 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame A155 		102 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua2FuZHV0YW1pZy5jb206NDQz&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=1hiv3ko8fscx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
GSE /
Resource Hash
345a8c055a29d5418818ddef9e55c9f8017a3c0a7578849e889658e0f015abc4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cua2FuZHV0YW1pZy5jb206NDQz&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=1hiv3ko8fscx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 06:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Fri, 17 Jun 2022 06:03:08 GMT
cc.css
samlasamtycke.com/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://samlasamtycke.com/cc.css
Requested by
Host: samlasamtycke.com
URL: https://samlasamtycke.com/cc.js?wId=60C8gmIdQQILLgLy5nswO4&domain=kandutamig.com&languageCode=sv&languageTerritory=SE&sessionId=a52e564053494110a2b93dcf11b03985
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

accept-language
se-SE,se;q=0.9
Referer
https://www.kandutamig.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 06:03:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Oct 2020 08:07:25 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"6073-5b1b123761e40-gzip"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=63072000;
accept-ranges
bytes
content-length
3892
collector
api.samlasamtycke.com/consent/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.samlasamtycke.com/consent/collector
Requested by
Host: samlasamtycke.com
URL: https://samlasamtycke.com/cc.js?wId=60C8gmIdQQILLgLy5nswO4&domain=kandutamig.com&languageCode=sv&languageTerritory=SE&sessionId=a52e564053494110a2b93dcf11b03985
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
bc058cb66cea15f610cb39e8d642d3e340e4e3cc78b6fe6d597176494ddea69e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kandutamig.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Jun 2022 06:03:08 GMT
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/vnd.api+json
access-control-allow-origin
https://www.kandutamig.com
access-control-allow-credentials
true
content-length
4414
collector
api.samlasamtycke.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.samlasamtycke.com/consent/collector
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kandutamig.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.kandutamig.com
content-length
0
content-type
application/vnd.api+json
date
Fri, 17 Jun 2022 06:03:08 GMT
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
loadSegment
api.samlasamtycke.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.samlasamtycke.com/consent/loadSegment
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kandutamig.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.kandutamig.com
content-length
0
content-type
application/vnd.api+json
date
Fri, 17 Jun 2022 06:03:08 GMT
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
loadSegment
api.samlasamtycke.com/consent/ 		352 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.samlasamtycke.com/consent/loadSegment
Requested by
Host: samlasamtycke.com
URL: https://samlasamtycke.com/cc.js?wId=60C8gmIdQQILLgLy5nswO4&domain=kandutamig.com&languageCode=sv&languageTerritory=SE&sessionId=a52e564053494110a2b93dcf11b03985
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
041eb7a2e3f9a579e52443d9ba7e01fa26c7b6f54e7684823438bd51c38362a7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kandutamig.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Jun 2022 06:03:08 GMT
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/vnd.api+json
access-control-allow-origin
https://www.kandutamig.com
access-control-allow-credentials
true
content-length
352
confirmExplicit
api.samlasamtycke.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.samlasamtycke.com/consent/confirmExplicit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kandutamig.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.kandutamig.com
content-length
0
content-type
application/vnd.api+json
date
Fri, 17 Jun 2022 06:03:08 GMT
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
confirmExplicit
api.samlasamtycke.com/consent/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.samlasamtycke.com/consent/confirmExplicit
Requested by
Host: samlasamtycke.com
URL: https://samlasamtycke.com/cc.js?wId=60C8gmIdQQILLgLy5nswO4&domain=kandutamig.com&languageCode=sv&languageTerritory=SE&sessionId=a52e564053494110a2b93dcf11b03985
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kandutamig.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Jun 2022 06:03:09 GMT
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/vnd.api+json
access-control-allow-origin
https://www.kandutamig.com
access-control-allow-credentials
true
content-length
0
loadSegment
api.samlasamtycke.com/consent/ 		290 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.samlasamtycke.com/consent/loadSegment
Requested by
Host: samlasamtycke.com
URL: https://samlasamtycke.com/cc.js?wId=60C8gmIdQQILLgLy5nswO4&domain=kandutamig.com&languageCode=sv&languageTerritory=SE&sessionId=a52e564053494110a2b93dcf11b03985
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
6c642e14be80dd8d1632e6d9110f2346a9aea6790c0662f667f408a3b69ae19d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kandutamig.com/
accept-language
se-SE,se;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Jun 2022 06:03:09 GMT
x-content-type-options
nosniff
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
content-type
application/vnd.api+json
access-control-allow-origin
https://www.kandutamig.com
access-control-allow-credentials
true
content-length
290
loadSegment
api.samlasamtycke.com/consent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.samlasamtycke.com/consent/loadSegment
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
35.163.195.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.kandutamig.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.kandutamig.com
content-length
0
content-type
application/vnd.api+json
date
Fri, 17 Jun 2022 06:03:08 GMT
server
nginx/1.10.3 (Ubuntu)
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| bootstrap object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Lander function| $ function| jQuery function| url object| setRegister object| isMobile object| getUrl string| GoogleAnalyticsObject function| ga object| setInit object| setFmMapper object| setPhoenixMapper object| setMapper object| setApi object| geoDataService object| setImage object| setEmailPassing object| setAgeSearch object| setBirthDate object| setCity object| setConditions object| setEmail object| setGender object| setLength object| setPassword object| setRegion object| setUsername function| startLander object| mediaRegistry object| recaptcha object| closure_lm_262038 object| CollectConsent object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData

8 Cookies

Domain/Path Name / Value
offers.cristalswipe.com/ Name: CSP-offer4
Value: 1
.youcantrackthis.com/ Name: sid
Value: CR1qP11Ln4IZhmSTwl2kppjjWIeJX/8QkjbtdGXV8JZ0RirAw07qjA==
.youcantrackthis.com/ Name: trk
Value: v5JGtxt/FDwMQLpmS2qDupjjWIeJX/8QkjbtdGXV8JZ0RirAw07qjA==
.youcantrackthis.com/ Name: c112670
Value: CR1qP11Ln4KlCG0bf/b3Hwwapj8Zl6x4lE12j1Z0kM0bS/i/8GwtWg==
.kandutamig.com/ Name: _ga
Value: GA1.2.301496671.1655445788
.kandutamig.com/ Name: _gid
Value: GA1.2.1441884358.1655445788
.kandutamig.com/ Name: _gat_a
Value: 1
.kandutamig.com/ Name: _gat_b
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.samlasamtycke.com
europe-west2-harlem-next.cloudfunctions.net
fonts.gstatic.com
landers.cdnware.io
newse3.socialvsonline.bond
offers.cristalswipe.com
rebrand.ly
samlasamtycke.com
static.dating
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.se
www.gstatic.com
www.kandutamig.com
youcantrackthis.com
142.250.179.195
142.250.181.228
142.250.185.238
142.250.186.67
142.251.5.154
146.59.135.10
172.217.16.131
192.64.119.97
216.239.36.54
34.95.65.225
35.195.163.35
35.227.221.175
35.227.234.99
52.44.165.207
52.71.250.191
041eb7a2e3f9a579e52443d9ba7e01fa26c7b6f54e7684823438bd51c38362a7
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
25ae41c2a7c1461359918b3c05176a2f40d0d579d524973499c51a2c1cc8e395
345a8c055a29d5418818ddef9e55c9f8017a3c0a7578849e889658e0f015abc4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fbe44de1601e2c8c66a4631efb8914858dbf75ee5a128de04c92b94a03f3142
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
681991e0c2a506f5440cacd875e188b38759176e0f801e35121fb1219d8ec70b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c642e14be80dd8d1632e6d9110f2346a9aea6790c0662f667f408a3b69ae19d
7394cc0158bd83bdfd6c63cebb7fb96a873394f273c873f3cdbddf1f2a43e436
9ec88cf72960048a40791a943e5dee85f910c00e9a3732339888b075de11bc34
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a588d4ff79ad5f0a877e6efe9a2265755ab4c7e3a7136bd7d5e081da98673b3c
aab0960b3005ebe4fb66e486c4fc31393c0a0469963999eee45d06b57841b403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
ba563ba1c7c155edec1f7b6209207f59f0db2d87935e897c478df4e5d0cf7815
bc058cb66cea15f610cb39e8d642d3e340e4e3cc78b6fe6d597176494ddea69e
bded1629c9ac0e8b4f544d414375444388b902758aefc1fd5e292810d217e58f
c0c750b9342b8668c177f1e593e2a3182086376ad6add8ad1710ed1712d3977f
dbcd8ad7f1b14b6287ff0deb5bae94d7ee802eae3e45c415b1a2ea9d172def86
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84a359489af183030fecab346d1174cf98518b310853a12d008c461f813cf63
eedacd8849adc6bed3c547b61a2da3d9cee62ef3d7ded77a7fcb10c671208142
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f161aff769830d431404f3a40bb9c2b7a532055cd85341a707383ea8f629152f
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48