koborakundos.site Open in urlscan Pro
2606:4700:3035::ac43:da49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://smex-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fconfirm.brandnamic.com%2f%3flang%3den%26redirect%3dhttp...
Effective URL:
https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS%7C$c7A%3ClsMG...
Submission: On November 15 via api (November 15th 2023, 1:51:10 am UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3035::ac43:da49, located in United States and belongs to CLOUDFLARENET, US. The main domain is koborakundos.site.
TLS certificate: Issued by GTS CA 1P5 on November 4th 2023. Valid for: 3 months.

This is the only time koborakundos.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.155.252.61 35.155.252.61	16509 (AMAZON-02) (AMAZON-02)
2	80.237.183.20 80.237.183.20	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	116.202.73.132 116.202.73.132	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	80.71.151.24 80.71.151.24	7393 (CYBERCON) (CYBERCON)
1 5	2606:4700:303... 2606:4700:3035::ac43:da49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3032::6815:261d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
24	11

1 35.155.252.61 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-252-61.us-west-2.compute.amazonaws.com

smex-ctp.trendmicro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.237.183.20 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5021084.psmanaged.com

confirm.brandnamic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bnamic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.202.73.132 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: server1.ehotelier.it

admin.ehotelier.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.71.151.24 (St Louis, United States)

ASN7393 (CYBERCON, US)
PTR: cp24.ezhostingserver.com

upscalenailsbar.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::ac43:da49 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

koborakundos.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:261d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

koborakundos.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gstatic.com fonts.gstatic.com www.gstatic.com	646 KB
6	koborakundos.site 2 redirects koborakundos.site	141 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	37 KB
2	ehotelier.it admin.ehotelier.it — Cisco Umbrella Rank: 624474	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 364	31 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	11 KB
1	upscalenailsbar.net upscalenailsbar.net	353 B
1	bnamic.com cdn.bnamic.com	1 KB
1	brandnamic.com confirm.brandnamic.com	3 KB
1	trendmicro.com 1 redirects smex-ctp.trendmicro.com	201 B
24	10

	Domain	Requested by
6	www.gstatic.com	www.google.com www.gstatic.com
6	koborakundos.site	2 redirects koborakundos.site confirm.brandnamic.com
4	www.google.com	confirm.brandnamic.com www.gstatic.com www.google.com
2	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	admin.ehotelier.it	confirm.brandnamic.com ajax.googleapis.com
1	cdnjs.cloudflare.com	confirm.brandnamic.com
1	upscalenailsbar.net	confirm.brandnamic.com
1	ajax.googleapis.com	confirm.brandnamic.com
1	cdn.bnamic.com	confirm.brandnamic.com
1	fonts.googleapis.com	confirm.brandnamic.com
1	confirm.brandnamic.com
1	smex-ctp.trendmicro.com	1 redirects
24	12

This site contains no links.

Subject Issuer	Validity	Valid
confirm.brandnamic.com R3	`2023-11-05` - `2024-02-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn.bnamic.com R3	`2023-10-02` - `2023-12-31`	3 months	crt.sh
*.ehotelier.it Sectigo RSA Domain Validation Secure Server CA	`2023-07-24` - `2024-08-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upscalenailsbar.net R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
koborakundos.site GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS%7C$c7A%3ClsMG5e,eM%5E2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw%7C,p60V*6%60fZPjNWLK8)lmdV74%7Dwa]z7%3C4YA8n%5EH7J%7DBb%3E%5E%60%60oGqP6uCjeIfOlh%60k%3CW%5E)Jo20no&rbgT%3CbRBO~CPEmUd5Tn~J7$nI4FeM[olWJW.v%7BIVLkXLFc-.KvY)fHiLz%7DMP3pUemi4%3C13f.bce7%7D543U%5Ept7EGAhft/gUNkRyOTOnTErUDeoDOLI?mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS|$c7A%3ClsMG5e,eM^2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw|,p60V*6`fZPjNWLK8)lmdV74}wa]z7%3C4YA8n^H7J}Bb%3E^``oGqP6uCjeIfOlh`k%3CW^)Jo20no&rbgT%3CbRBO~CPEmUd5Tn~J7$nI4FeM[olWJW.v{IVLkXLFc-.KvY)fHiLz}MP3pUemi4%3C13f.bce7}543U^pt7EGAhft
Frame ID: AE035C3D2CA155D01734AE1E69853156
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcf2-EhAAAAAAb4lCjGZLljSQMQ9lL7LxhkWGBN&co=aHR0cHM6Ly9rb2JvcmFrdW5kb3Muc2l0ZTo0NDM.&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&cb=gny2c18aqvca
Frame ID: BDEE9801944EB04D51226D5A00CE5208
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Lcf2-EhAAAAAAb4lCjGZLljSQMQ9lL7LxhkWGBN
Frame ID: 556FE4B16CF30501E23D7E7B35FFB2ED
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Verification

Page URL History Show full URLs

https://smex-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fconfirm.brandnamic.com%2f%3flang%3d... HTTP 302
https://confirm.brandnamic.com/?lang=en&redirect=https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Ad... Page URL
https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693 HTTP 301
http://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/ HTTP 301
https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/ Page URL
https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3Oy... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="g-recaptcha"
/recaptcha/api\.js

Page Statistics

24
Requests

100 %
HTTPS

67 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

872 kB
Transfer

1947 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://smex-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fconfirm.brandnamic.com%2f%3flang%3den%26redirect%3dhttps%3a%2f%2fupscalenailsbar.net%2f%2fdist%2fcss%2fqwgcbw%2fZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ%3d%3d&umid=54290e6e-b8f5-41c1-8ed4-4028dad4de8e&auth=0ec105c3413f97a90bce868eaeb86eff414537c7-11da81a6c54d01fdf0f4133321a988b3328bd4a8 HTTP 302
https://confirm.brandnamic.com/?lang=en&redirect=https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ== Page URL
https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693 HTTP 301
http://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/ HTTP 301
https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/ Page URL
https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS%7C$c7A%3ClsMG5e,eM%5E2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw%7C,p60V*6%60fZPjNWLK8)lmdV74%7Dwa]z7%3C4YA8n%5EH7J%7DBb%3E%5E%60%60oGqP6uCjeIfOlh%60k%3CW%5E)Jo20no&rbgT%3CbRBO~CPEmUd5Tn~J7$nI4FeM[olWJW.v%7BIVLkXLFc-.KvY)fHiLz%7DMP3pUemi4%3C13f.bce7%7D543U%5Ept7EGAhft/gUNkRyOTOnTErUDeoDOLI?mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS|$c7A%3ClsMG5e,eM^2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw|,p60V*6`fZPjNWLK8)lmdV74}wa]z7%3C4YA8n^H7J}Bb%3E^``oGqP6uCjeIfOlh`k%3CW^)Jo20no&rbgT%3CbRBO~CPEmUd5Tn~J7$nI4FeM[olWJW.v{IVLkXLFc-.KvY)fHiLz}MP3pUemi4%3C13f.bce7}543U^pt7EGAhft Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://smex-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fconfirm.brandnamic.com%2f%3flang%3den%26redirect%3dhttps%3a%2f%2fupscalenailsbar.net%2f%2fdist%2fcss%2fqwgcbw%2fZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ%3d%3d&umid=54290e6e-b8f5-41c1-8ed4-4028dad4de8e&auth=0ec105c3413f97a90bce868eaeb86eff414537c7-11da81a6c54d01fdf0f4133321a988b3328bd4a8 HTTP 302
https://confirm.brandnamic.com/?lang=en&redirect=https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==

Request Chain 8

https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693 HTTP 301
http://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/ HTTP 301
https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/

24 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
confirm.brandnamic.com/
Redirect Chain

https://smex-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fconfirm.brandnamic.com%2f%3flang%3den%26redirect%3dhttps%3a%2f%2fupscalenailsbar.net%2f%2fdist%2fcss%2fqwgcbw%2fZW1pbHlrYW1A...
https://confirm.brandnamic.com/?lang=en&redirect=https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==

10 KB
3 KB

49ms
14ms

Document
text/html

80.237.183.20
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://confirm.brandnamic.com/?lang=en&redirect=https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 80.237.183.20 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: ma5021084.psmanaged.com
Software: nginx / PleskLin
Resource Hash: a2a2140b27161956dfe23e136e68acea4ad210ee378e517309704213815883a2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Wed, 15 Nov 2023 01:51:05 GMT
etag: W/"628f294c-29cd"
last-modified: Thu, 26 May 2022 07:16:28 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PleskLin

Redirect headers

access-control-allow-origin: *
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 15 Nov 2023 01:51:05 GMT
location: https://confirm.brandnamic.com/?lang=en&redirect=https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==
server: nginx/1.12.1

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400

Requested by

Host: confirm.brandnamic.com
URL: https://confirm.brandnamic.com/?lang=en&redirect=https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d95ffdcf010d6749281f6cd27c3a5f9c856d4b5590cee285f4b4fdbebce22b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirm.brandnamic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Nov 2023 01:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 01:07:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Nov 2023 01:51:05 GMT

GET
H2 200 bn_favicon_16x16.svg
cdn.bnamic.com/brandnamic_files/powered_by/ 3 KB
1 KB 63ms
14ms Image
image/svg+xml 80.237.183.20
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bnamic.com/brandnamic_files/powered_by/bn_favicon_16x16.svg
Requested by: Host: confirm.brandnamic.com
URL: https://confirm.brandnamic.com/?lang=en&redirect=https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 80.237.183.20 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),
Reverse DNS: ma5021084.psmanaged.com
Software: nginx / PleskLin
Resource Hash: f0b8c12b59131432a54fe4002046a117fc7febad02b85f4c821607eb0bdd54ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirm.brandnamic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 01:51:05 GMT
content-encoding: gzip
last-modified: Wed, 27 Nov 2019 17:54:12 GMT
server: nginx
etag: W/"5ddeb844-af8"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: confirm.brandnamic.com
URL: https://confirm.brandnamic.com/?lang=en&redirect=https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirm.brandnamic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 21:16:37 GMT

GET
H/1.1 200
OK newsletterconfirm.js Show response
admin.ehotelier.it/js/ 2 KB
1 KB 47ms
7ms Script
application/javascript 116.202.73.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.ehotelier.it/js/newsletterconfirm.js
Requested by: Host: confirm.brandnamic.com
URL: https://confirm.brandnamic.com/?lang=en&redirect=https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.73.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server1.ehotelier.it
Software: nginx/1.18.0 /
Resource Hash: 33f86b79a155bd2a0dceec6f84e03eb27abeae7776f678cb0124a91495559e7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirm.brandnamic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 01:51:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Apr 2022 05:56:50 GMT
Server: nginx/1.18.0
ETag: W/"626b7e22-7d5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://confirm.brandnamic.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:58:03 GMT
x-content-type-options: nosniff
age: 298382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 14:58:03 GMT

GET
H/1.1 200
OK bnlocalproxy.php Show response
admin.ehotelier.it/ 87 B
641 B 59ms
59ms Script
text/html 116.202.73.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://admin.ehotelier.it/bnlocalproxy.php?path=newsletterconfirm&email=undefined&hash=undefined&callback=jQuery3110820991491982576_1700013065467&_=1700013065468
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.73.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: server1.ehotelier.it
Software: nginx/1.18.0 /
Resource Hash: e3abc367bdd3a4a82a1a30e3d43fb2586feddfa7d2b0937a6ded84cca53614f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://confirm.brandnamic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 01:51:05 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Cache-Control: max-age=0, must-revalidate, private
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 15 Nov 2023 01:51:05 GMT

GET
H2 200 ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ
upscalenailsbar.net//dist/css/qwgcbw/ 0
353 B 332ms
108ms Document
text/html 80.71.151.24
CYBERCON

General

Check archive.org

Show headers Download Go to

Full URL: https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ
Requested by: Host: confirm.brandnamic.com
URL: https://confirm.brandnamic.com/?lang=en&redirect=https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.71.151.24 St Louis, United States, ASN7393 (CYBERCON, US),
Reverse DNS: cp24.ezhostingserver.com
Software: LiteSpeed / PHP/5.6.40
Resource Hash

Request headers

Referer: https://confirm.brandnamic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 15 Nov 2023 01:51:04 GMT
etag: "63844-1700013064;;;"
refresh: 0;url=https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693#ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ
server: LiteSpeed
x-litespeed-cache: miss
x-powered-by: PHP/5.6.40

GET
H2

200

/
koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/
Redirect Chain

https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693
http://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/
https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/

1 KB
1 KB

885ms
884ms

Document
text/html

2606:4700:3035::ac43:da49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:da49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8263d8e078dc1ed6-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 15 Nov 2023 01:51:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beB9UAjdduLKDw5zlwiD25I6aoko%2B%2FlyW0RsLWodWt8paAaZjEKeYk%2FOtABBkscET2fNER%2B%2Ft%2FaHMd62e6xSeJOpr%2Boq2RLz7nzhnD0N%2BBH60fdv%2B1fhjK0rhqi4D%2Bfd6PL7Ta6TU%2BIzgQgW4cE%2Bqg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 8263d8e05d0d2c27-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 15 Nov 2023 01:51:06 GMT
Expires: Wed, 15 Nov 2023 02:51:06 GMT
Location: https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKL0Gow1ToHoPhDtR2ClnkIVBohLXk6T5Guc8Xe2GGKV72PgeG8FrydYoWzi2W8usDpMy6enwI084uEAQniicsLL2TvFldgUOEaodH6D%2FhN9UWx9xuiU9euLp4VOWvkFxPT42G6e6yYUd1vIvQaO4A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H3 200 Primary Request gUNkRyOTOnTErUDeoDOLI Show response
koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS%7C$c7A%3ClsMG5e,eM%5E2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw%7C,p60V*6%60fZPjNWLK8)lmdV74%7Dwa]z7%3C4YA... 2 KB
1 KB 439ms
438ms Document
text/html 2606:4700:3035::ac43:da49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS%7C$c7A%3ClsMG5e,eM%5E2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw%7C,p60V*6%60fZPjNWLK8)lmdV74%7Dwa]z7%3C4YA8n%5EH7J%7DBb%3E%5E%60%60oGqP6uCjeIfOlh%60k%3CW%5E)Jo20no&rbgT%3CbRBO~CPEmUd5Tn~J7$nI4FeM[olWJW.v%7BIVLkXLFc-.KvY)fHiLz%7DMP3pUemi4%3C13f.bce7%7D543U%5Ept7EGAhft/gUNkRyOTOnTErUDeoDOLI?mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS|$c7A%3ClsMG5e,eM^2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw|,p60V*6`fZPjNWLK8)lmdV74}wa]z7%3C4YA8n^H7J}Bb%3E^``oGqP6uCjeIfOlh`k%3CW^)Jo20no&rbgT%3CbRBO~CPEmUd5Tn~J7$nI4FeM[olWJW.v{IVLkXLFc-.KvY)fHiLz}MP3pUemi4%3C13f.bce7}543U^pt7EGAhft
Requested by: Host: koborakundos.site
URL: https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:da49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8693d29eaa0032de11106e807712d93c18a0ee456b69c781f215f0bf8412edd3

Request headers

Referer: https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8263d8e64ab81fdc-IAD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 15 Nov 2023 01:51:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8gpDgHNFNATHaMpsziJYWqkSnkbn3pjaAiwcovRLcaMe0v76HwpoZ0UsXl%2FmQ6bfSM2GDtU6MZS5tqeQnVhTKRF7D6Y1SNhZvbucYbh47vz20QpvCnCHTAyjN0y6HXnt20thKfh%2F4AnC9tqwRiAHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 capt Show response
koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS%7C$c7A%3ClsMG5e,eM%5E2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw%7C,p60V*6%60fZPjNWLK8)lmdV74%7Dwa]z7%3C4YA... 10 KB
3 KB 342ms
342ms XHR
text/html 2606:4700:3035::ac43:da49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS%7C$c7A%3ClsMG5e,eM%5E2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw%7C,p60V*6%60fZPjNWLK8)lmdV74%7Dwa]z7%3C4YA8n%5EH7J%7DBb%3E%5E%60%60oGqP6uCjeIfOlh%60k%3CW%5E)Jo20no&rbgT%3CbRBO~CPEmUd5Tn~J7$nI4FeM[olWJW.v%7BIVLkXLFc-.KvY)fHiLz%7DMP3pUemi4%3C13f.bce7%7D543U%5Ept7EGAhft/capt
Requested by: Host: confirm.brandnamic.com
URL: https://confirm.brandnamic.com/?lang=en&redirect=https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:da49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fe7e74159f62f6c9811d6e19e88f8dffd35113a5f89f6ad9a6e5a8fe2866f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS%7C$c7A%3ClsMG5e,eM%5E2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw%7C,p60V*6%60fZPjNWLK8)lmdV74%7Dwa]z7%3C4YA8n%5EH7J%7DBb%3E%5E%60%60oGqP6uCjeIfOlh%60k%3CW%5E)Jo20no&rbgT%3CbRBO~CPEmUd5Tn~J7$nI4FeM[olWJW.v%7BIVLkXLFc-.KvY)fHiLz%7DMP3pUemi4%3C13f.bce7%7D543U%5Ept7EGAhft/gUNkRyOTOnTErUDeoDOLI?mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS|$c7A%3ClsMG5e,eM^2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw|,p60V*6`fZPjNWLK8)lmdV74}wa]z7%3C4YA8n^H7J}Bb%3E^``oGqP6uCjeIfOlh`k%3CW^)Jo20no&rbgT%3CbRBO~CPEmUd5Tn~J7$nI4FeM[olWJW.v{IVLkXLFc-.KvY)fHiLz}MP3pUemi4%3C13f.bce7}543U^pt7EGAhft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 01:51:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jo0PVBI5sut%2BM1feJbSPRaL3rhYCg3vziKWT0ZjOXdDfdRbdBj0yIas7Oq2iodAi2wMp7cimM6ZklKYjxlliYoFvugFMsjotsPDi88tXmNJ6NWLEHN1riZYfx8M1ata1DrVJhdoDUD27Z2zMkzER0A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 8263d8e9af261fdc-IAD
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 29ms
12ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: confirm.brandnamic.com
URL: https://confirm.brandnamic.com/?lang=en&redirect=https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 01:51:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 566667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10482
last-modified: Tue, 01 Aug 2023 16:35:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93458-28f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwTU3LSAnJKCuC10kQxYHX4wYfNVIhsineZQ3CsthbNJqnJjB%2BjwC4tjbPKioM%2BJg%2FJFxnzezvsWyrT6eer1iPeusk%2BCvv9XT3U%2BWYR83TZr24M8Pp0wO0Xg%2F6MkvGNEoaLxLkWC1AiWzfuoX9kbX4BD"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8263d8eb9cb2bbbb-FRA
expires: Mon, 04 Nov 2024 01:51:08 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: confirm.brandnamic.com
URL: https://confirm.brandnamic.com/?lang=en&redirect=https://upscalenailsbar.net//dist/css/qwgcbw/ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7434307d32a6a0078240769f36e53e9e910a662c73b6195d6f8e0195df78e759

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 15 Nov 2023 01:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Nov 2023 01:51:08 GMT

GET
H3 200 028048032804238403284032804382.webp
koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS%7C$c7A%3ClsMG5e,eM%5E2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw%7C,p60V*6%60fZPjNWLK8)lmdV74%7Dwa]z7%3C4YA... 134 KB
135 KB 312ms
312ms Image
image/webp 2606:4700:3035::ac43:da49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS%7C$c7A%3ClsMG5e,eM%5E2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw%7C,p60V*6%60fZPjNWLK8)lmdV74%7Dwa]z7%3C4YA8n%5EH7J%7DBb%3E%5E%60%60oGqP6uCjeIfOlh%60k%3CW%5E)Jo20no&rbgT%3CbRBO~CPEmUd5Tn~J7$nI4FeM[olWJW.v%7BIVLkXLFc-.KvY)fHiLz%7DMP3pUemi4%3C13f.bce7%7D543U%5Ept7EGAhft/images/028048032804238403284032804382.webp
Requested by: Host: koborakundos.site
URL: https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS%7C$c7A%3ClsMG5e,eM%5E2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw%7C,p60V*6%60fZPjNWLK8)lmdV74%7Dwa]z7%3C4YA8n%5EH7J%7DBb%3E%5E%60%60oGqP6uCjeIfOlh%60k%3CW%5E)Jo20no&rbgT%3CbRBO~CPEmUd5Tn~J7$nI4FeM[olWJW.v%7BIVLkXLFc-.KvY)fHiLz%7DMP3pUemi4%3C13f.bce7%7D543U%5Ept7EGAhft/gUNkRyOTOnTErUDeoDOLI?mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS|$c7A%3ClsMG5e,eM^2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw|,p60V*6`fZPjNWLK8)lmdV74}wa]z7%3C4YA8n^H7J}Bb%3E^``oGqP6uCjeIfOlh`k%3CW^)Jo20no&rbgT%3CbRBO~CPEmUd5Tn~J7$nI4FeM[olWJW.v{IVLkXLFc-.KvY)fHiLz}MP3pUemi4%3C13f.bce7}543U^pt7EGAhft
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:da49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac4a9f3b973e80232041f0548284827f64b169546df30e510246e631f7ca7d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://koborakundos.site/66400f16-98b1-44b6-afd5-bccc25a8b693/mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS%7C$c7A%3ClsMG5e,eM%5E2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw%7C,p60V*6%60fZPjNWLK8)lmdV74%7Dwa]z7%3C4YA8n%5EH7J%7DBb%3E%5E%60%60oGqP6uCjeIfOlh%60k%3CW%5E)Jo20no&rbgT%3CbRBO~CPEmUd5Tn~J7$nI4FeM[olWJW.v%7BIVLkXLFc-.KvY)fHiLz%7DMP3pUemi4%3C13f.bce7%7D543U%5Ept7EGAhft/gUNkRyOTOnTErUDeoDOLI?mw10sV3gid~u&iHsGAFTbOIrJMqN.fzigo-v3OyHq1cgS|$c7A%3ClsMG5e,eM^2BdGMQ,fq%3C9gWRa1lZDY%3EP*Vm(vw|,p60V*6`fZPjNWLK8)lmdV74}wa]z7%3C4YA8n^H7J}Bb%3E^``oGqP6uCjeIfOlh`k%3CW^)Jo20no&rbgT%3CbRBO~CPEmUd5Tn~J7$nI4FeM[olWJW.v{IVLkXLFc-.KvY)fHiLz}MP3pUemi4%3C13f.bce7}543U^pt7EGAhft
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 01:51:08 GMT
cf-cache-status: MISS
last-modified: Mon, 21 Aug 2023 00:26:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "21844-60363eef5dd80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8Tsx%2FLp1qT32YPyAGmj%2FQ6eulj9Lw20k%2FhvP%2BcRfWr0JDxZqRQzdsRHerfwhp5FDJ5JKmZiRlMnaogugg2pTgOQl8b8avPQTFHDCpKuA1mZO4lhfuKNM9zhI%2BL3mhHTqwJepg2D8c2ZE3UQ%2FnBGZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8263d8ebf9f71fdc-IAD
alt-svc: h3=":443"; ma=86400
content-length: 137284

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ 470 KB
189 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://koborakundos.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 19:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192495
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 19:38:48 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame BDEE 61 KB
35 KB 37ms
37ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcf2-EhAAAAAAb4lCjGZLljSQMQ9lL7LxhkWGBN&co=aHR0cHM6Ly9rb2JvcmFrdW5kb3Muc2l0ZTo0NDM.&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&cb=gny2c18aqvca

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

07e3e8cbdf08a19b12a93e1d5469d7d0fd4225f0359bb87268f84b2a1f8a6afe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DgJ1x27yUfxo7Tu4bYopIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DgJ1x27yUfxo7Tu4bYopIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 01:51:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame BDEE 55 KB
24 KB 23ms
8ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcf2-EhAAAAAAb4lCjGZLljSQMQ9lL7LxhkWGBN&co=aHR0cHM6Ly9rb2JvcmFrdW5kb3Muc2l0ZTo0NDM.&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&cb=gny2c18aqvca

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 00:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 00:12:18 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame BDEE 470 KB
188 KB 26ms
12ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 19:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192495
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 19:38:48 GMT

GET
DATA 200
OK truncated
/ Frame BDEE 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BDEE 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame BDEE 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:15:26 GMT
x-content-type-options: nosniff
age: 470142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 16 Nov 2023 15:15:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BDEE 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 341585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 02:58:03 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame BDEE 102 B
135 B 15ms
15ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3772767ff67487697ff10935d55de63df2c7ee53435326b45577f86819e84c71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcf2-EhAAAAAAb4lCjGZLljSQMQ9lL7LxhkWGBN&co=aHR0cHM6Ly9rb2JvcmFrdW5kb3Muc2l0ZTo0NDM.&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=normal&cb=gny2c18aqvca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 01:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 Nov 2023 01:51:08 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 556F 7 KB
1 KB 23ms
23ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Lcf2-EhAAAAAAb4lCjGZLljSQMQ9lL7LxhkWGBN

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b00e95e7317dc0574556a04ad3e8c3f4feef2470c02e043e56efb30aaedf80c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Fqjj52NTLKxUdak9qtnqwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Fqjj52NTLKxUdak9qtnqwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 01:51:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 556F 55 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Lcf2-EhAAAAAAb4lCjGZLljSQMQ9lL7LxhkWGBN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 00:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 00:12:18 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 556F 470 KB
188 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Lcf2-EhAAAAAAb4lCjGZLljSQMQ9lL7LxhkWGBN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 19:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192495
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 19:38:48 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			koborakundos.site/	1969-12-31 23:59:59	Name: PHPSESSID Value: cnq2b8s91cfjlkn9arkmj9o0j5

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.google.com/recaptcha/api.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.google.com/recaptcha/api.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.ehotelier.it
ajax.googleapis.com
cdn.bnamic.com
cdnjs.cloudflare.com
confirm.brandnamic.com
fonts.googleapis.com
fonts.gstatic.com
koborakundos.site
smex-ctp.trendmicro.com
upscalenailsbar.net
www.google.com
www.gstatic.com
116.202.73.132
2606:4700:3032::6815:261d
2606:4700:3035::ac43:da49
2606:4700::6811:190e
2a00:1450:4001:810::200a
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
35.155.252.61
80.237.183.20
80.71.151.24
07e3e8cbdf08a19b12a93e1d5469d7d0fd4225f0359bb87268f84b2a1f8a6afe
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0fe7e74159f62f6c9811d6e19e88f8dffd35113a5f89f6ad9a6e5a8fe2866f79
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
33f86b79a155bd2a0dceec6f84e03eb27abeae7776f678cb0124a91495559e7c
3772767ff67487697ff10935d55de63df2c7ee53435326b45577f86819e84c71
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
7434307d32a6a0078240769f36e53e9e910a662c73b6195d6f8e0195df78e759
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7b00e95e7317dc0574556a04ad3e8c3f4feef2470c02e043e56efb30aaedf80c
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8693d29eaa0032de11106e807712d93c18a0ee456b69c781f215f0bf8412edd3
a2a2140b27161956dfe23e136e68acea4ad210ee378e517309704213815883a2
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d95ffdcf010d6749281f6cd27c3a5f9c856d4b5590cee285f4b4fdbebce22b4c
dac4a9f3b973e80232041f0548284827f64b169546df30e510246e631f7ca7d0
e3abc367bdd3a4a82a1a30e3d43fb2586feddfa7d2b0937a6ded84cca53614f4
f0b8c12b59131432a54fe4002046a117fc7febad02b85f4c821607eb0bdd54ba
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

koborakundos.site Open in urlscan Pro 2606:4700:3035::ac43:da49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

67 %IPv6

10 Domains

12 Subdomains

11 IPs

2 Countries

872 kBTransfer

1947 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

1 Cookies

koborakundos.site Open in urlscan Pro
2606:4700:3035::ac43:da49 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

67 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

872 kB
Transfer

1947 kB
Size

1
Cookies

24 HTTP transactions
2 data transactions