urlscan.io logo urlscan.io
SecurityTrails logo

leathersurgeons.pt Open in urlscan Pro
144.76.94.163  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://trk.klclick3.com/ls/click?upn=u001.VNn6OnkO80GmXhELrYEWC1Lh9otNgAyHesX9Jta4pr7BQQTDQ6OM6AoxnCUKWlYST7jKiVHxNBxXnG...
Effective URL: https://leathersurgeons.pt/access/?_kx=gTtczRw63tDwZD_kryPBHw.WmLx7u
Submission: On July 16 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 5 HTTP transactions. The main IP is 144.76.94.163, located in Hamm, Germany and belongs to HETZNER-AS, DE. The main domain is leathersurgeons.pt.
TLS certificate: Issued by R10 on July 2nd 2024. Valid for: 3 months.
This is the only time leathersurgeons.pt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:272... 16509 (AMAZON-02)
1 2 144.76.94.163 24940 (HETZNER-AS)
3 142.250.185.100 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 3
Apex Domain
Subdomains		 Transfer
3 google.com
www.google.com — Cisco Umbrella Rank: 10
963 B
2 leathersurgeons.pt
leathersurgeons.pt
2 KB
1 gstatic.com
www.gstatic.com
213 KB
1 klclick3.com
trk.klclick3.com — Cisco Umbrella Rank: 68653
418 B
5 4
Domain Requested by
3 www.google.com leathersurgeons.pt
www.gstatic.com
2 leathersurgeons.pt 1 redirects
1 www.gstatic.com www.google.com
1 trk.klclick3.com 1 redirects
5 4

This site contains no links.

Subject Issuer Validity Valid
*.leathersurgeons.pt
R10		 2024-07-02 -
2024-09-30		 3 months crt.sh
*.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://leathersurgeons.pt/access/?_kx=gTtczRw63tDwZD_kryPBHw.WmLx7u
Frame ID: 375DCD6EB448863835FAAEA1922B3875
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRChEqAAAAACHZg3gtwehOYx_YV0BpRV8TdNLB&co=aHR0cHM6Ly9sZWF0aGVyc3VyZ2VvbnMucHQ6NDQz&hl=nl&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=ncdzkbqs8pi
Frame ID: 219DB86D6DE22F466D6B3CD278F7C446
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LdRChEqAAAAACHZg3gtwehOYx_YV0BpRV8TdNLB
Frame ID: D4B8286D32CA81794FE4213B0A83303A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

reCAPTCHA: Click Allow to verify that you are not a robot

Page URL History Show full URLs

  1. http://trk.klclick3.com/ls/click?upn=u001.VNn6OnkO80GmXhELrYEWC1Lh9otNgAyHesX9Jta4pr7BQQTDQ6OM6AoxnC... HTTP 307
    https://trk.klclick3.com/ls/click?upn=u001.VNn6OnkO80GmXhELrYEWC1Lh9otNgAyHesX9Jta4pr7BQQTDQ6OM6AoxnC... HTTP 302
    https://leathersurgeons.pt/access?_kx=gTtczRw63tDwZD_kryPBHw.WmLx7u HTTP 301
    https://leathersurgeons.pt/access/?_kx=gTtczRw63tDwZD_kryPBHw.WmLx7u Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

5
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

216 kB
Transfer

538 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trk.klclick3.com/ls/click?upn=u001.VNn6OnkO80GmXhELrYEWC1Lh9otNgAyHesX9Jta4pr7BQQTDQ6OM6AoxnCUKWlYST7jKiVHxNBxXnGUOluBbvvw4u-2Bvs39nKnCsIEOcGmEU-3DJ1Pb_AOwfbAVypAVxNFQV5W4Nb8oSOQee7ed0M9Lr4QgLUQmwSvEOqxn1KL-2FCw7KmNdPBwa-2Fxpg3qKvuWNP5tZDHxTtiMv3GowD0Tocnec8qQHbWC3GGqnlWi1nT88lDNqgxhgmdOe9-2B0HmfBouCQyIR5i3IMSHYwBUV-2FMIcmzNNyWL2RnINsDv3E1JiWmElweh-2Bd6kQ1q2bmMACVMnJr414MtZXJvRWu6hLSGgziZfvfjWqRNTBIH-2FLm3vOTazyrfnhf8P2Oc9GeUsu32UIsMVxQG7Z8uh7LAeLU1GfBfSStlui2j-2FAujSDG3gmNAgTMv-2F8gG64TkWggOzkAA47Mq9nFKw-3D-3D HTTP 307
    https://trk.klclick3.com/ls/click?upn=u001.VNn6OnkO80GmXhELrYEWC1Lh9otNgAyHesX9Jta4pr7BQQTDQ6OM6AoxnCUKWlYST7jKiVHxNBxXnGUOluBbvvw4u-2Bvs39nKnCsIEOcGmEU-3DJ1Pb_AOwfbAVypAVxNFQV5W4Nb8oSOQee7ed0M9Lr4QgLUQmwSvEOqxn1KL-2FCw7KmNdPBwa-2Fxpg3qKvuWNP5tZDHxTtiMv3GowD0Tocnec8qQHbWC3GGqnlWi1nT88lDNqgxhgmdOe9-2B0HmfBouCQyIR5i3IMSHYwBUV-2FMIcmzNNyWL2RnINsDv3E1JiWmElweh-2Bd6kQ1q2bmMACVMnJr414MtZXJvRWu6hLSGgziZfvfjWqRNTBIH-2FLm3vOTazyrfnhf8P2Oc9GeUsu32UIsMVxQG7Z8uh7LAeLU1GfBfSStlui2j-2FAujSDG3gmNAgTMv-2F8gG64TkWggOzkAA47Mq9nFKw-3D-3D HTTP 302
    https://leathersurgeons.pt/access?_kx=gTtczRw63tDwZD_kryPBHw.WmLx7u HTTP 301
    https://leathersurgeons.pt/access/?_kx=gTtczRw63tDwZD_kryPBHw.WmLx7u Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
leathersurgeons.pt/access/
Redirect Chain
  • http://trk.klclick3.com/ls/click?upn=u001.VNn6OnkO80GmXhELrYEWC1Lh9otNgAyHesX9Jta4pr7BQQTDQ6OM6AoxnCUKWlYST7jKiVHxNBxXnGUOluBbvvw4u-2Bvs39nKnCsIEOcGmEU-3DJ1Pb_AOwfbAVypAVxNFQV5W4Nb8oSOQee7ed0M9Lr4Q...
  • https://trk.klclick3.com/ls/click?upn=u001.VNn6OnkO80GmXhELrYEWC1Lh9otNgAyHesX9Jta4pr7BQQTDQ6OM6AoxnCUKWlYST7jKiVHxNBxXnGUOluBbvvw4u-2Bvs39nKnCsIEOcGmEU-3DJ1Pb_AOwfbAVypAVxNFQV5W4Nb8oSOQee7ed0M9Lr4...
  • https://leathersurgeons.pt/access?_kx=gTtczRw63tDwZD_kryPBHw.WmLx7u
  • https://leathersurgeons.pt/access/?_kx=gTtczRw63tDwZD_kryPBHw.WmLx7u
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leathersurgeons.pt/access/?_kx=gTtczRw63tDwZD_kryPBHw.WmLx7u
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
144.76.94.163 Hamm, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cpanel1.guisoft.net
Software
Apache /
Resource Hash
6f199b6a5c12fb293673cb5d51040e70863f9d105293ddc1248f1d0d4369f88c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
1767
Content-Type
text/html
Date
Tue, 16 Jul 2024 20:37:58 GMT
Keep-Alive
timeout=5, max=99
Last-Modified
Tue, 16 Jul 2024 07:58:45 GMT
Server
Apache

Redirect headers

Connection
Keep-Alive
Content-Length
276
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 16 Jul 2024 20:37:58 GMT
Keep-Alive
timeout=5, max=100
Location
https://leathersurgeons.pt/access/?_kx=gTtczRw63tDwZD_kryPBHw.WmLx7u
Server
Apache
api.js
www.google.com/recaptcha/ 		1 KB
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: leathersurgeons.pt
URL: https://leathersurgeons.pt/access/?_kx=gTtczRw63tDwZD_kryPBHw.WmLx7u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
70cf569b4dbdae1e3256d5dcf1a2dff34fab51852528f090275361dcd557b9eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://leathersurgeons.pt/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 20:37:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 16 Jul 2024 20:37:58 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 		535 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae64db23eb03fc57c24c335a38e3ffb0ce8c74aa08c433bba1f13cb440d3f1cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://leathersurgeons.pt/
Origin
https://leathersurgeons.pt
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 11:55:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217125
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Jul 2025 11:55:30 GMT
anchor
www.google.com/recaptcha/api2/ Frame 219D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRChEqAAAAACHZg3gtwehOYx_YV0BpRV8TdNLB&co=aHR0cHM6Ly9sZWF0aGVyc3VyZ2VvbnMucHQ6NDQz&hl=nl&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=normal&cb=ncdzkbqs8pi
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jOqN_DBB2xJk9NGNj_k6mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://leathersurgeons.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-jOqN_DBB2xJk9NGNj_k6mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jul 2024 20:37:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame D4B8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=nl&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LdRChEqAAAAACHZg3gtwehOYx_YV0BpRV8TdNLB
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8LXsd8DP38KaAX2vsv_HQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://leathersurgeons.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8LXsd8DP38KaAX2vsv_HQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jul 2024 20:37:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| recaptcha_callback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_55136

0 Cookies