urlscan.io logo urlscan.io
SecurityTrails logo

mkt.zenklub.com.br Open in urlscan Pro
2606:4700:3037::6815:5bf3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt
Effective URL: https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/
Submission: On November 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3037::6815:5bf3, located in United States and belongs to CLOUDFLARENET, US. The main domain is mkt.zenklub.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2021. Valid for: a year.
This is the only time mkt.zenklub.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 18.208.15.4 14618 (AMAZON-AES)
2 4 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
18 6
3    18.208.15.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-15-4.compute-1.amazonaws.com
stage-midwives.cloud.gehealthcare.com
4    2606:4700:3037::6815:5bf3 (United States)

ASN13335 (CLOUDFLARENET, US)
mkt.zenklub.com.br
6    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
6 www.google.com mkt.zenklub.com.br
www.gstatic.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 mkt.zenklub.com.br 2 redirects stage-midwives.cloud.gehealthcare.com
3 stage-midwives.cloud.gehealthcare.com 1 redirects stage-midwives.cloud.gehealthcare.com
2 fonts.gstatic.com www.google.com
18 5

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-11 -
2022-08-10		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 2 frames:

Frame: https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/signin.php?2a0f:9441:5:0:e9::1
Frame ID: 2999F8B1835F1CB17DF89FC2F679D1C7
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXUp0cAAAAAAGYZycDkRyebslZnDPmUZQBZKCl&co=aHR0cHM6Ly9ta3QuemVua2x1Yi5jb20uYnI6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qykcdr26nakk
Frame ID: FAF890DF834EEEBC7BB71B921F02B00B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt HTTP 301
    http://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt/ Page URL
  2. https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt HTTP 301
    https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/ Page URL

Page Statistics

18
Requests

78 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

6
IPs

2
Countries

399 kB
Transfer

905 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt HTTP 301
    http://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt/ Page URL
  2. https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt HTTP 301
    https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt HTTP 301
  • http://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt/
Request Chain 16
  • https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/unlock.php HTTP 302
  • https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/signin.php?2a0f:9441:5:0:e9::1

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt/
Redirect Chain
  • https://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt
  • http://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt/
192 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
http://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt/
Protocol
HTTP/1.1
Server
18.208.15.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-15-4.compute-1.amazonaws.com
Software
nginx/1.21.4 / PHP/7.2.34
Resource Hash
445a147011f40e6c0d18130f30b5f0cc6823679e5d1aa67177356ac28e1b934c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 22 Nov 2021 15:15:26 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
192
Connection
keep-alive
Server
nginx/1.21.4
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.2.34
X-Content-Type-Options
nosniff

Redirect headers

date
Mon, 22 Nov 2021 15:15:26 GMT
content-type
text/html; charset=iso-8859-1
content-length
308
location
http://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt/
server
nginx/1.21.4
x-frame-options
SAMEORIGIN
re.js
stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt/ 		87 B
403 B 		Script
General
Check archive.org
Download Go to
Full URL
http://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt/re.js
Requested by
Host: stage-midwives.cloud.gehealthcare.com
URL: http://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt/
Protocol
HTTP/1.1
Server
18.208.15.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-15-4.compute-1.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Mon, 22 Nov 2021 15:15:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 17 Nov 2021 14:04:27 GMT
Server
nginx/1.21.4
ETag
"57-5d0fc8528c856"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
87
Primary Request /
mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/
Redirect Chain
  • https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt
  • https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/
730 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/
Requested by
Host: stage-midwives.cloud.gehealthcare.com
URL: http://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt/re.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
38b26f63047bd7c1cbc40ae5c7b54b9014ffed6e68669242570852d4c7d16f26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://stage-midwives.cloud.gehealthcare.com/wp-content/themes/midewife/blocks/accueilcardsmall/rnt/

Response headers

date
Mon, 22 Nov 2021 15:15:30 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.0.33
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,User-Agent
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DGLbLvSQoGszZtOEZfJ8d%2FBp6NSu1Aj%2FuUhdyCh0SQldWCyuSiad7xOsLBrcYh4jPmeiv21eI7UJgF7WDIvQL7thycbIStl8ewnSZq5hQxfaMGVaYlMF1vsMwnD9Bmve9wQn%2FJBRXkIEbrU22BzZVA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b231d015c814abd-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 22 Nov 2021 15:15:27 GMT
content-type
text/html
location
https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=615JiUyIpKo3IYXh3KhtKSvgW%2BpyPQpkub3%2BYGuxG3%2BlKessWGJu8of7O8FuYvO7F0VCIk9rJ82qCd3Ni0kaedSXBGLIAL0BE32%2B8yVl8%2BjZh1HUbJxKBN4lcXihrAF13oitYjxPivoWnrivUZEoWr4%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b231cfddc9f4abd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: mkt.zenklub.com.br
URL: https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fcec8f9f4b2b56dcc746a20c4d2f2992bbefcacc3f2aad7e2b45f1f32da22e67
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mkt.zenklub.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 15:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 15:15:30 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 		347 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mkt.zenklub.com.br/
Origin
https://mkt.zenklub.com.br
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 15:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138691
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Tue, 22 Nov 2022 15:09:09 GMT
anchor
www.google.com/recaptcha/api2/ Frame FAF8 		39 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXUp0cAAAAAAGYZycDkRyebslZnDPmUZQBZKCl&co=aHR0cHM6Ly9ta3QuemVua2x1Yi5jb20uYnI6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qykcdr26nakk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
870454bb4f646ef3a94ede9411b223f4224830193e0f0e8e914e0a4b0e4cb44f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-paXRf9k59ifvsnF0KHGZsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mkt.zenklub.com.br/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 22 Nov 2021 15:15:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-paXRf9k59ifvsnF0KHGZsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20114
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame FAF8 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXUp0cAAAAAAGYZycDkRyebslZnDPmUZQBZKCl&co=aHR0cHM6Ly9ta3QuemVua2x1Yi5jb20uYnI6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qykcdr26nakk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 15:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24065
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Tue, 22 Nov 2022 15:08:59 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame FAF8 		347 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXUp0cAAAAAAGYZycDkRyebslZnDPmUZQBZKCl&co=aHR0cHM6Ly9ta3QuemVua2x1Yi5jb20uYnI6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qykcdr26nakk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 15:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
138691
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Tue, 22 Nov 2022 15:09:09 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FAF8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 03:05:30 GMT
x-content-type-options
nosniff
age
475800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 24 Nov 2021 03:05:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FAF8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXUp0cAAAAAAGYZycDkRyebslZnDPmUZQBZKCl&co=aHR0cHM6Ly9ta3QuemVua2x1Yi5jb20uYnI6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qykcdr26nakk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 17:06:41 GMT
x-content-type-options
nosniff
age
511729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FAF8 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXUp0cAAAAAAGYZycDkRyebslZnDPmUZQBZKCl&co=aHR0cHM6Ly9ta3QuemVua2x1Yi5jb20uYnI6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qykcdr26nakk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 16 Nov 2021 14:17:54 GMT
x-content-type-options
nosniff
age
521856
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Nov 2022 14:17:54 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame FAF8 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXUp0cAAAAAAGYZycDkRyebslZnDPmUZQBZKCl&co=aHR0cHM6Ly9ta3QuemVua2x1Yi5jb20uYnI6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qykcdr26nakk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXUp0cAAAAAAGYZycDkRyebslZnDPmUZQBZKCl&co=aHR0cHM6Ly9ta3QuemVua2x1Yi5jb20uYnI6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qykcdr26nakk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 22 Nov 2021 15:15:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 15:15:30 GMT
reload
www.google.com/recaptcha/api2/ Frame FAF8 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcXUp0cAAAAAAGYZycDkRyebslZnDPmUZQBZKCl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
25e21133f9b5c42b5139d42335b575a720d67982e2562151db33a53d40b584f4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXUp0cAAAAAAGYZycDkRyebslZnDPmUZQBZKCl&co=aHR0cHM6Ly9ta3QuemVua2x1Yi5jb20uYnI6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qykcdr26nakk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 22 Nov 2021 15:15:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16456
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 15:15:32 GMT
unlock.php
mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/ 		0
0
reload
www.google.com/recaptcha/api2/ Frame FAF8 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcXUp0cAAAAAAGYZycDkRyebslZnDPmUZQBZKCl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a1d4b209b3423781d7f6f48216c1575725780aba4071bb2197a0b27638a7664e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXUp0cAAAAAAGYZycDkRyebslZnDPmUZQBZKCl&co=aHR0cHM6Ly9ta3QuemVua2x1Yi5jb20uYnI6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qykcdr26nakk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 22 Nov 2021 15:15:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16579
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 15:15:32 GMT
unlock.php
mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/ 		0
0
reload
www.google.com/recaptcha/api2/ Frame FAF8 		30 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcXUp0cAAAAAAGYZycDkRyebslZnDPmUZQBZKCl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcXUp0cAAAAAAGYZycDkRyebslZnDPmUZQBZKCl&co=aHR0cHM6Ly9ta3QuemVua2x1Yi5jb20uYnI6NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qykcdr26nakk
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 22 Nov 2021 15:15:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16876
x-xss-protection
1; mode=block
expires
Mon, 22 Nov 2021 15:15:33 GMT
signin.php
mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/
Redirect Chain
  • https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/unlock.php
  • https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/signin.php?2a0f:9441:5:0:e9::1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/signin.php?2a0f:9441:5:0:e9::1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:5bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
Origin
https://mkt.zenklub.com.br
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/

Response headers

date
Mon, 22 Nov 2021 15:15:36 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.0.33
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,User-Agent
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkaXiK%2BDvDJKmkKSs3uFvZSc3D%2B834rK0OGaJo0SowX7gB3zay%2Fb8HkQXd1fcL0MlsCSffcQjNqKBzukipnLMibu%2B8JgQ%2Fa8flvHjDx6%2FAEl95TWkP06lRmczpWLWSD1Ce0LRik6NeOHs8XQ6SxVsNo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b231d2acd4c4eaf-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 22 Nov 2021 15:15:34 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.0.33
location
signin.php?2a0f:9441:5:0:e9::1
cache-control
no-cache, no-store, must-revalidate, max-age=0
vary
User-Agent
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwZvsFWgn6KUwQDqZcCHzKFwZLHl8%2B%2FRUCv94U7FMJgq21sECabg1PpwZWgk7WFEa0vlJkacI5jdEKedxrOFCDW2pAc7DbAXau6sNUCl0fTkkRyCxbq5%2FPzANwGydMyyoLe60hxafsHYwYzRHBrwIrQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6b231d245f664eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mkt.zenklub.com.br
URL
https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/unlock.php
Domain
mkt.zenklub.com.br
URL
https://mkt.zenklub.com.br/wp-includes/rest-api/fields/nt/unlock.php

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

2 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ABBMTcPfE8Sykgk6qoEGwhPEiBAWE5lVQA-d7CActs3kHoruevIFF1XmyAkh_3JnABAn5qpYTHZgi30LgJmtmVA
mkt.zenklub.com.br/ Name: PHPSESSID
Value: b6gipdp164eohbo6250vd37sn5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN