Submitted URL: http://lotemsensing.net/
Effective URL: https://nemalaplus.net/awl/Login.aspx?ReturnUrl=https%3a%2f%2fnemalaplus.net%2faw%2fdefault.aspx%3ftheme%3dLotemSensing
Submission: On April 05 via manual from IL

Summary

This website contacted 8 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 94.188.197.4, located in Israel and belongs to INTERNET_BINAT, IL. The main domain is nemalaplus.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 7th 2020. Valid for: 2 years.
This is the only time nemalaplus.net was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
2 2 94.188.197.8 25003 (INTERNET_...)
2 3 94.188.197.4 25003 (INTERNET_...)
4 94.188.197.85 25003 (INTERNET_...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
15 8
Domain Requested by
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com nemalaplus.net
www.gstatic.com
www.google.com
4 cdn.nemalaplus.net nemalaplus.net
cdn.nemalaplus.net
3 nemalaplus.net 2 redirects
2 fonts.gstatic.com www.google.com
2 lotemsensing.net 2 redirects
15 6

This site contains links to these domains. Also see Links.

Domain
top-group.co.il
www.topsolutions.co.il
Subject Issuer Validity Valid
nemalaplus.net
Sectigo RSA Domain Validation Secure Server CA
2020-04-07 -
2022-04-07
2 years crt.sh
Main.Top-Group.co.il
Sectigo RSA Domain Validation Secure Server CA
2020-08-30 -
2021-08-30
a year crt.sh
www.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh

This page contains 2 frames:

Primary Page: https://nemalaplus.net/awl/Login.aspx?ReturnUrl=https%3a%2f%2fnemalaplus.net%2faw%2fdefault.aspx%3ftheme%3dLotemSensing
Frame ID: 1EC64E3A0961822CB421DE73A525EE93
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0pKMUAAAAAEBz7qSnDZgbp__S7XLH-kIHKx8U&co=aHR0cHM6Ly9uZW1hbGFwbHVzLm5ldDo0NDM.&hl=iw&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=5dbphjcpqbx3
Frame ID: 8426F418B8FF4582DAEA9F1940D40868
Requests: 8 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://lotemsensing.net/ HTTP 302
    https://lotemsensing.net/ HTTP 301
    https://nemalaplus.net/aw?theme=LotemSensing HTTP 301
    https://nemalaplus.net/aw/?theme=LotemSensing HTTP 302
    https://nemalaplus.net/awl/Login.aspx?ReturnUrl=https%3a%2f%2fnemalaplus.net%2faw%2fdefault.aspx%3f... Page URL

Page Statistics

15
Requests

100 %
HTTPS

63 %
IPv6

4
Domains

6
Subdomains

8
IPs

2
Countries

2284 kB
Transfer

4953 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lotemsensing.net/ HTTP 302
    https://lotemsensing.net/ HTTP 301
    https://nemalaplus.net/aw?theme=LotemSensing HTTP 301
    https://nemalaplus.net/aw/?theme=LotemSensing HTTP 302
    https://nemalaplus.net/awl/Login.aspx?ReturnUrl=https%3a%2f%2fnemalaplus.net%2faw%2fdefault.aspx%3ftheme%3dLotemSensing Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set Login.aspx
nemalaplus.net/awl/
Redirect Chain
  • http://lotemsensing.net/
  • https://lotemsensing.net/
  • https://nemalaplus.net/aw?theme=LotemSensing
  • https://nemalaplus.net/aw/?theme=LotemSensing
  • https://nemalaplus.net/awl/Login.aspx?ReturnUrl=https%3a%2f%2fnemalaplus.net%2faw%2fdefault.aspx%3ftheme%3dLotemSensing
2 MB
1 MB
Document
General
Full URL
https://nemalaplus.net/awl/Login.aspx?ReturnUrl=https%3a%2f%2fnemalaplus.net%2faw%2fdefault.aspx%3ftheme%3dLotemSensing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.188.197.4 , Israel, ASN25003 (INTERNET_BINAT, IL),
Reverse DNS
nemalaplus.net
Software
/
Resource Hash
65e00245b55eaad519b1f30039309165fc7d22137b6d6e6eeb0f61454d5040a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
nemalaplus.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
LB=bd12e8e19d71c437eedd63ec4e146b60; cookiesession1=678A3E10DFGHIJKLMNOPRSTUVWXY4F4D; ASP.NET_SessionId=fy0rzulszs0byjbezcwp0sq4; AWAFGToken=eyJuIjoiQVdBRkdUb2tlbiIsInYiOiJhMjdjYjhlMiJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Encoding
br
Expires
2021-04-04 16:44:44
Vary
Accept-Encoding
Set-Cookie
AWAFGToken=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; secure; httponly AWAFGToken=eyJuIjoiQVdBRkdUb2tlbiIsInAiOiIvIiwidiI6Ijg5MDU2NWEyIn0%3D; domain=nemalaplus.net; path=/; secure; samesite=lax; httponly LB=bd12e8e19d71c437eedd63ec4e146b60;max-age=300;Path=/;HttpOnly
Strict-Transport-Security
max-age=31536000
Date
Mon, 05 Apr 2021 13:44:43 GMT

Redirect headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Location
https://nemalaplus.net/awl/Login.aspx?ReturnUrl=https%3a%2f%2fnemalaplus.net%2faw%2fdefault.aspx%3ftheme%3dLotemSensing
Set-Cookie
ASP.NET_SessionId=fy0rzulszs0byjbezcwp0sq4; path=/; secure; HttpOnly; SameSite=Lax AWAFGToken=eyJuIjoiQVdBRkdUb2tlbiIsInYiOiJhMjdjYjhlMiJ9; domain=nemalaplus.net; path=/; secure; HttpOnly; SameSite=Lax LB=bd12e8e19d71c437eedd63ec4e146b60;max-age=300;Path=/;HttpOnly
Strict-Transport-Security
max-age=31536000
Date
Mon, 05 Apr 2021 13:44:43 GMT
Content-Length
12659
unify.ashx
cdn.nemalaplus.net/awl/handlers/
300 KB
136 KB
Stylesheet
General
Full URL
https://cdn.nemalaplus.net/awl/handlers/unify.ashx?a=css&b=login.aspx&c=139&lang=he.css
Requested by
Host: nemalaplus.net
URL: https://nemalaplus.net/awl/Login.aspx?ReturnUrl=https%3a%2f%2fnemalaplus.net%2faw%2fdefault.aspx%3ftheme%3dLotemSensing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.188.197.85 , Israel, ASN25003 (INTERNET_BINAT, IL),
Reverse DNS
cdn.nemalaplus.net
Software
/
Resource Hash
427a3b5a7fb51e33977baa746b310c4c4181abfd926bec5686bdb1e5a6204dc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://nemalaplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
br
Last-Modified
Mon, 05 Apr 2021 13:45:17 GMT
Date
Mon, 05 Apr 2021 13:45:17 GMT
Vary
*,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=5184000
content-length
138266
unify.ashx
cdn.nemalaplus.net/awl/handlers/
267 KB
267 KB
Script
General
Full URL
https://cdn.nemalaplus.net/awl/handlers/unify.ashx?a=js&b=login.aspx&c=139&lang=he.js
Requested by
Host: nemalaplus.net
URL: https://nemalaplus.net/awl/Login.aspx?ReturnUrl=https%3a%2f%2fnemalaplus.net%2faw%2fdefault.aspx%3ftheme%3dLotemSensing
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.188.197.85 , Israel, ASN25003 (INTERNET_BINAT, IL),
Reverse DNS
cdn.nemalaplus.net
Software
/
Resource Hash
4224a0e4bc1bd470d3cbd5aadc08f0588206bc501dc0cfdd5f0775867f73f496
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://nemalaplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
public, max-age=5184000
Last-Modified
Mon, 05 Apr 2021 13:44:44 GMT
Date
Mon, 05 Apr 2021 13:44:44 GMT
content-length
273043
Vary
*
Content-Type
text/javascript; charset=UTF-8
api.js
www.google.com/recaptcha/
884 B
679 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Le0pKMUAAAAAEBz7qSnDZgbp__S7XLH-kIHKx8U&hl=he
Requested by
Host: nemalaplus.net
URL: https://nemalaplus.net/awl/Login.aspx?ReturnUrl=https%3a%2f%2fnemalaplus.net%2faw%2fdefault.aspx%3ftheme%3dLotemSensing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9baad722de4f7a8911298a26b071f3c0a0edb5591e527c3d9753c244a1d568bc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nemalaplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 13:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Mon, 05 Apr 2021 13:44:47 GMT
recaptcha__iw.js
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/
358 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__iw.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le0pKMUAAAAAEBz7qSnDZgbp__S7XLH-kIHKx8U&hl=he
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd7c45535ddaaf451d595f60544dd4c50849a1e09a00c3abbc6093b9c9cf97d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://nemalaplus.net
Referer
https://nemalaplus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 16:02:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423719
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135661
x-xss-protection
0
last-modified
Mon, 22 Mar 2021 04:06:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 31 Mar 2022 16:02:48 GMT
truncated
/
1 MB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84aace48491cb8a67487bcf0567b9e9d7285111fed7435feb3c9d7db7d312521

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
12 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c095615cebe587cfcd8987dc6614f57cd8c06b62fefc9545a9364559fc2c71a2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
opensanshebrew-bold-webfont.woff
cdn.nemalaplus.net/awl/font/ExplorerFix/
14 KB
14 KB
Font
General
Full URL
https://cdn.nemalaplus.net/awl/font/ExplorerFix/opensanshebrew-bold-webfont.woff
Requested by
Host: cdn.nemalaplus.net
URL: https://cdn.nemalaplus.net/awl/handlers/unify.ashx?a=css&b=login.aspx&c=139&lang=he.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.188.197.85 , Israel, ASN25003 (INTERNET_BINAT, IL),
Reverse DNS
cdn.nemalaplus.net
Software
/
Resource Hash
22a63798dfc04117296d0d0aaa9e426e55d6bd43aa7e2f79d898e76adc918e86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://nemalaplus.net
Referer
https://cdn.nemalaplus.net/awl/handlers/unify.ashx?a=css&b=login.aspx&c=139&lang=he.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Sun, 04 Apr 2021 10:26:43 GMT
ETag
"1d7293d01c285a0"
Vary
Origin
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://nemalaplus.net
Date
Mon, 05 Apr 2021 13:44:44 GMT
Accept-Ranges
bytes
Content-Length
13856
opensanshebrew-regular-webfont.woff
cdn.nemalaplus.net/awl/font/ExplorerFix/
13 KB
14 KB
Font
General
Full URL
https://cdn.nemalaplus.net/awl/font/ExplorerFix/opensanshebrew-regular-webfont.woff
Requested by
Host: cdn.nemalaplus.net
URL: https://cdn.nemalaplus.net/awl/handlers/unify.ashx?a=css&b=login.aspx&c=139&lang=he.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.188.197.85 , Israel, ASN25003 (INTERNET_BINAT, IL),
Reverse DNS
cdn.nemalaplus.net
Software
/
Resource Hash
636f52528d61a565f93b83ec8fa646435c1b64f67ba5f4db64314f1692214fa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://nemalaplus.net
Referer
https://cdn.nemalaplus.net/awl/handlers/unify.ashx?a=css&b=login.aspx&c=139&lang=he.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Sun, 04 Apr 2021 10:26:43 GMT
ETag
"1d7293d01c28670"
Vary
Origin
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://nemalaplus.net
Date
Mon, 05 Apr 2021 13:45:17 GMT
Accept-Ranges
bytes
Content-Length
13808
anchor
www.google.com/recaptcha/api2/ Frame 8426
19 KB
10 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0pKMUAAAAAEBz7qSnDZgbp__S7XLH-kIHKx8U&co=aHR0cHM6Ly9uZW1hbGFwbHVzLm5ldDo0NDM.&hl=iw&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=5dbphjcpqbx3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__iw.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
09031e219620871d88d8679a6943d805fd5eb3df484b14b1ebdc41cdd5b80af0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8GvorOumuzX1OFc/FH7EWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Le0pKMUAAAAAEBz7qSnDZgbp__S7XLH-kIHKx8U&co=aHR0cHM6Ly9uZW1hbGFwbHVzLm5ldDo0NDM.&hl=iw&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=5dbphjcpqbx3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://nemalaplus.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://nemalaplus.net/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 05 Apr 2021 13:44:47 GMT
content-security-policy
script-src 'report-sample' 'nonce-8GvorOumuzX1OFc/FH7EWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10123
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__rtl.css
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 8426
50 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__rtl.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0pKMUAAAAAEBz7qSnDZgbp__S7XLH-kIHKx8U&co=aHR0cHM6Ly9uZW1hbGFwbHVzLm5ldDo0NDM.&hl=iw&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=5dbphjcpqbx3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9de38c91d2f0591737d49a8e3078f61780d280d062d00ac7ec393faeee7b3f0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 17:59:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Mar 2021 04:06:11 GMT
server
sffe
age
589506
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25475
x-xss-protection
0
expires
Tue, 29 Mar 2022 17:59:41 GMT
recaptcha__iw.js
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 8426
358 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__iw.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0pKMUAAAAAEBz7qSnDZgbp__S7XLH-kIHKx8U&co=aHR0cHM6Ly9uZW1hbGFwbHVzLm5ldDo0NDM.&hl=iw&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=5dbphjcpqbx3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd7c45535ddaaf451d595f60544dd4c50849a1e09a00c3abbc6093b9c9cf97d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 05:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
376272
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135661
x-xss-protection
0
last-modified
Mon, 22 Mar 2021 04:06:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Apr 2022 05:13:35 GMT
zcxQtLYtZ5G2GyVY9VDwmkIUYDda59fqP0Xt7tDIOBI.js
www.google.com/js/bg/ Frame 8426
14 KB
6 KB
Script
General
Full URL
https://www.google.com/js/bg/zcxQtLYtZ5G2GyVY9VDwmkIUYDda59fqP0Xt7tDIOBI.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__iw.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdcc50b4b62d6791b61b2558f550f09a421460375ae7d7ea3f45edeed0c83812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0pKMUAAAAAEBz7qSnDZgbp__S7XLH-kIHKx8U&co=aHR0cHM6Ly9uZW1hbGFwbHVzLm5ldDo0NDM.&hl=iw&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=5dbphjcpqbx3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 11:00:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:00:00 GMT
server
sffe
age
441833
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5719
x-xss-protection
0
expires
Thu, 31 Mar 2022 11:00:54 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 8426
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__rtl.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__rtl.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 16:01:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
510180
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Tue, 06 Apr 2021 16:01:47 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8426
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0pKMUAAAAAEBz7qSnDZgbp__S7XLH-kIHKx8U&co=aHR0cHM6Ly9uZW1hbGFwbHVzLm5ldDo0NDM.&hl=iw&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=5dbphjcpqbx3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 30 Mar 2021 22:43:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
age
486103
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
expires
Wed, 30 Mar 2022 22:43:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8426
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0pKMUAAAAAEBz7qSnDZgbp__S7XLH-kIHKx8U&co=aHR0cHM6Ly9uZW1hbGFwbHVzLm5ldDo0NDM.&hl=iw&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=5dbphjcpqbx3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
272470
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Sat, 02 Apr 2022 10:03:37 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 8426
102 B
240 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=iw&v=5mNs27FP3uLBP3KBPib88r1g
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0pKMUAAAAAEBz7qSnDZgbp__S7XLH-kIHKx8U&co=aHR0cHM6Ly9uZW1hbGFwbHVzLm5ldDo0NDM.&hl=iw&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=5dbphjcpqbx3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
93dfa1548b91e9af6df6344e1ad4929f149890ec5bc2b4eefa1143c76054b4cc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le0pKMUAAAAAEBz7qSnDZgbp__S7XLH-kIHKx8U&co=aHR0cHM6Ly9uZW1hbGFwbHVzLm5ldDo0NDM.&hl=iw&v=5mNs27FP3uLBP3KBPib88r1g&size=invisible&cb=5dbphjcpqbx3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 13:44:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 05 Apr 2021 13:44:47 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| aj function| guid function| utils function| LoginForm function| $ function| jQuery object| jQuery111205393266702323045 object| JSON3 object| resource boolean| error string| currentLang object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| curPageIndicator object| recaptcha object| closure_lm_516838

4 Cookies

Domain/Path Name / Value
.nemalaplus.net/ Name: AWAFGToken
Value: eyJuIjoiQVdBRkdUb2tlbiIsInAiOiIvIiwidiI6Ijg5MDU2NWEyIn0%3D
nemalaplus.net/ Name: ASP.NET_SessionId
Value: fy0rzulszs0byjbezcwp0sq4
nemalaplus.net/ Name: cookiesession1
Value: 678A3E10DFGHIJKLMNOPRSTUVWXY4F4D
nemalaplus.net/ Name: LB
Value: bd12e8e19d71c437eedd63ec4e146b60

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000