Submitted URL: https://shortest.link/3T-H
Effective URL: https://antiphishing.biz/Check_Shortest.Link/3T-H?l=nl
Submission: On August 18 via manual from UY — Scanned from NL

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 29 HTTP transactions. The main IP is 185.197.160.33, located in Latvia and belongs to THREE-W-INFRA-AS -- TRANSIT --, NL. The main domain is antiphishing.biz.
TLS certificate: Issued by R3 on August 17th 2022. Valid for: 3 months.
This is the only time antiphishing.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
9 gstatic.com
www.gstatic.com
fonts.gstatic.com
695 KB
7 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3880
73 KB
4 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1926
24 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2210
77 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
176 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
4 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
5 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3094
347 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
71 KB
1 antiphishing.biz
antiphishing.biz
4 KB
1 shortest.link
shortest.link
184 B
29 11
Domain Requested by
7 mc.yandex.ru 1 redirects antiphishing.biz
mc.yandex.ru
6 www.gstatic.com www.recaptcha.net
www.gstatic.com
4 www.recaptcha.net antiphishing.biz
www.gstatic.com
www.recaptcha.net
3 fonts.gstatic.com www.recaptcha.net
fonts.googleapis.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 pagead2.googlesyndication.com antiphishing.biz
pagead2.googlesyndication.com
1 fonts.googleapis.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com antiphishing.biz
1 antiphishing.biz
1 shortest.link 1 redirects
29 12

This site contains links to these domains. Also see Links.

Domain
shortest.link
www.google.com
Subject Issuer Validity Valid
antiphishing.biz
R3
2022-08-17 -
2022-11-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
misc.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2022-05-21 -
2022-10-31
5 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh

This page contains 4 frames:

Primary Page: https://antiphishing.biz/Check_Shortest.Link/3T-H?l=nl
Frame ID: B5E47C42F3E1FFC3FA7CCB91B4A83C90
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220816/r20190131/zrt_lookup.html
Frame ID: 68E9AF0285FECCF25FAA7D9A56CB43A1
Requests: 1 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdLvCQaAAAAADB55cyqgWT4seI5sXoBgqz41IiV&co=aHR0cHM6Ly9hbnRpcGhpc2hpbmcuYml6OjQ0Mw..&hl=nl&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=normal&cb=x8je12anenug
Frame ID: A39384CADC6313C0050DE777A6361DE4
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=nl&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdLvCQaAAAAADB55cyqgWT4seI5sXoBgqz41IiV
Frame ID: 8B7A5D306231CA4703CC28CB757F53A2
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Test van link '' voor cyberbeveiligingsbedreigingen

Page URL History Show full URLs

  1. https://shortest.link/3T-H HTTP 301
    https://antiphishing.biz/Check_Shortest.Link/3T-H?l=nl Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

29
Requests

97 %
HTTPS

83 %
IPv6

11
Domains

12
Subdomains

12
IPs

5
Countries

1128 kB
Transfer

2847 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://shortest.link/3T-H HTTP 301
    https://antiphishing.biz/Check_Shortest.Link/3T-H?l=nl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://mc.yandex.ru/watch/86240385?wmode=7&page-url=https%3A%2F%2Fantiphishing.biz%2FCheck_Shortest.Link%2F3T-H%3Fl%3Dnl&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A407%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A1069602607119%3Ahid%3A872644840%3Az%3A0%3Ai%3A20220818112527%3Aet%3A1660821927%3Ac%3A1%3Arn%3A787484647%3Arqn%3A1%3Au%3A166082192755513268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660821926332%3Ads%3A16%2C37%2C133%2C0%2C182%2C0%2C%2C28%2C0%2C%2C%2C%2C398%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660821927%3At%3ATest%20van%20link%20%27%27%20voor%20cyberbeveiligingsbedreigingen&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/86240385/1?wmode=7&page-url=https%3A%2F%2Fantiphishing.biz%2FCheck_Shortest.Link%2F3T-H%3Fl%3Dnl&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A407%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A1069602607119%3Ahid%3A872644840%3Az%3A0%3Ai%3A20220818112527%3Aet%3A1660821927%3Ac%3A1%3Arn%3A787484647%3Arqn%3A1%3Au%3A166082192755513268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660821926332%3Ads%3A16%2C37%2C133%2C0%2C182%2C0%2C%2C28%2C0%2C%2C%2C%2C398%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660821927%3At%3ATest%20van%20link%20%27%27%20voor%20cyberbeveiligingsbedreigingen&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 3T-H
antiphishing.biz/Check_Shortest.Link/
Redirect Chain
  • https://shortest.link/3T-H
  • https://antiphishing.biz/Check_Shortest.Link/3T-H?l=nl
11 KB
4 KB
Document
General
Full URL
https://antiphishing.biz/Check_Shortest.Link/3T-H?l=nl
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.197.160.33 , Latvia, ASN60144 (THREE-W-INFRA-AS -- TRANSIT --, NL),
Reverse DNS
node3nl.ua-hosting.company
Software
nginx / PHP/7.4.14
Resource Hash
470bae732738daeb503a7df8f7d38e09174e650368046716c8d385af116d2864

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 18 Aug 2022 11:25:26 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.14
x-robots-tag
noindex

Redirect headers

content-type
text/html; charset=UTF-8
date
Thu, 18 Aug 2022 11:25:26 GMT
location
https://antiphishing.biz/Check_Shortest.Link/3T-H?l=nl
server
nginx
strict-transport-security
max-age=31536000;
x-powered-by
PHP/7.4.14
x-robots-tag
noindex
js
www.googletagmanager.com/gtag/
197 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JS3B4RDXB6
Requested by
Host: antiphishing.biz
URL: https://antiphishing.biz/Check_Shortest.Link/3T-H?l=nl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa8316818c85477b230b424d2869329379964a91626355e898a8f6d1a8eb6b80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://antiphishing.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:25:26 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72191
x-xss-protection
0
expires
Thu, 18 Aug 2022 11:25:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
169 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0176369080285848
Requested by
Host: antiphishing.biz
URL: https://antiphishing.biz/Check_Shortest.Link/3T-H?l=nl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7692c8745525fa99172ad33f7ce06d8f70f7d105214215389eaee6ba4eddb10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://antiphishing.biz/
Origin
https://antiphishing.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57320
x-xss-protection
0
server
cafe
etag
10582946213163674815
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 18 Aug 2022 11:25:26 GMT
api.js
www.recaptcha.net/recaptcha/
853 B
969 B
Script
General
Full URL
https://www.recaptcha.net/recaptcha/api.js
Requested by
Host: antiphishing.biz
URL: https://antiphishing.biz/Check_Shortest.Link/3T-H?l=nl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ac450bc0324632a7c1f1542e7b0167d3e4f3d1648a0f8ba9812237aee4d0717a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://antiphishing.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
x-xss-protection
1; mode=block
expires
Thu, 18 Aug 2022 11:25:26 GMT
tag.js
mc.yandex.ru/metrika/
205 KB
71 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: antiphishing.biz
URL: https://antiphishing.biz/Check_Shortest.Link/3T-H?l=nl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
79d2a0714828fb6ccc4b66512e397851bb8e7a8b868ec625b5a5d97b539ee212
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://antiphishing.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:25:26 GMT
content-encoding
br
last-modified
Mon, 15 Aug 2022 15:05:51 GMT
etag
"62fa369f-118f9"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
71929
expires
Thu, 18 Aug 2022 12:25:26 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/
384 KB
154 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__nl.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dad4f19fb42cf6c77f8fb4bd8406904aea75f8b7cb6449ef94b0d7243e2ec1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://antiphishing.biz/
Origin
https://antiphishing.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 03:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156840
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 03:07:48 GMT
collect
region1.google-analytics.com/g/
0
347 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JS3B4RDXB6&gtm=2oe8h0&_p=1058648073&cid=1671265128.1660821927&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660821926&sct=1&seg=0&dl=https%3A%2F%2Fantiphishing.biz%2FCheck_Shortest.Link%2F3T-H%3Fl%3Dnl&dt=Test%20van%20link%20%27%27%20voor%20cyberbeveiligingsbedreigingen&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JS3B4RDXB6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://antiphishing.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Aug 2022 11:25:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://antiphishing.biz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/
340 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0176369080285848&plah=antiphishing.biz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0176369080285848
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ef1ed39d35abb129a0418624ab45a70194161665de72c6cb99d5fd50ef0ba62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://antiphishing.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122762
x-xss-protection
0
server
cafe
etag
11856737231471527385
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 18 Aug 2022 11:25:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220816/r20190131/ Frame 68E9
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220816/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0176369080285848
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://antiphishing.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
62257
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 18:07:49 GMT
etag
8616628553774171045
expires
Wed, 31 Aug 2022 18:07:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.recaptcha.net/recaptcha/api2/ Frame A393
42 KB
22 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdLvCQaAAAAADB55cyqgWT4seI5sXoBgqz41IiV&co=aHR0cHM6Ly9hbnRpcGhpc2hpbmcuYml6OjQ0Mw..&hl=nl&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=normal&cb=x8je12anenug
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
05f6360d1ce867b9570589b7ae06027203ffa3bec611de5eb21ff303042d241a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gI3frqEQKMka_E0JHkEGdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://antiphishing.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22690
content-security-policy
script-src 'report-sample' 'nonce-gI3frqEQKMka_E0JHkEGdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 11:25:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
1
mc.yandex.ru/watch/86240385/
Redirect Chain
  • https://mc.yandex.ru/watch/86240385?wmode=7&page-url=https%3A%2F%2Fantiphishing.biz%2FCheck_Shortest.Link%2F3T-H%3Fl%3Dnl&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%...
  • https://mc.yandex.ru/watch/86240385/1?wmode=7&page-url=https%3A%2F%2Fantiphishing.biz%2FCheck_Shortest.Link%2F3T-H%3Fl%3Dnl&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn9...
338 B
420 B
XHR
General
Full URL
https://mc.yandex.ru/watch/86240385/1?wmode=7&page-url=https%3A%2F%2Fantiphishing.biz%2FCheck_Shortest.Link%2F3T-H%3Fl%3Dnl&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A407%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A1069602607119%3Ahid%3A872644840%3Az%3A0%3Ai%3A20220818112527%3Aet%3A1660821927%3Ac%3A1%3Arn%3A787484647%3Arqn%3A1%3Au%3A166082192755513268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660821926332%3Ads%3A16%2C37%2C133%2C0%2C182%2C0%2C%2C28%2C0%2C%2C%2C%2C398%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660821927%3At%3ATest%20van%20link%20%27%27%20voor%20cyberbeveiligingsbedreigingen&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Requested by
Host: antiphishing.biz
URL: https://antiphishing.biz/Check_Shortest.Link/3T-H?l=nl
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
5f22d69084c82b572eb2f55f6ffd9587f8b63fb1250b646cab88336fd1869376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://antiphishing.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Aug 2022 11:25:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 18-Aug-2022 11:25:27 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://antiphishing.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Thu, 18-Aug-2022 11:25:27 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Aug 2022 11:25:27 GMT
last-modified
Thu, 18-Aug-2022 11:25:27 GMT
location
/watch/86240385/1?wmode=7&page-url=https%3A%2F%2Fantiphishing.biz%2FCheck_Shortest.Link%2F3T-H%3Fl%3Dnl&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A407%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A1069602607119%3Ahid%3A872644840%3Az%3A0%3Ai%3A20220818112527%3Aet%3A1660821927%3Ac%3A1%3Arn%3A787484647%3Arqn%3A1%3Au%3A166082192755513268%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660821926332%3Ads%3A16%2C37%2C133%2C0%2C182%2C0%2C%2C28%2C0%2C%2C%2C%2C398%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660821927%3At%3ATest%20van%20link%20%27%27%20voor%20cyberbeveiligingsbedreigingen&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://antiphishing.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 18-Aug-2022 11:25:27 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
136 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: antiphishing.biz
URL: https://antiphishing.biz/Check_Shortest.Link/3T-H?l=nl
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://antiphishing.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:25:27 GMT
last-modified
Mon, 15 Aug 2022 15:05:51 GMT
etag
"62fa369f-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 18 Aug 2022 12:25:27 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame A393
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdLvCQaAAAAADB55cyqgWT4seI5sXoBgqz41IiV&co=aHR0cHM6Ly9hbnRpcGhpc2hpbmcuYml6OjQ0Mw..&hl=nl&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=normal&cb=x8je12anenug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 11:07:33 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame A393
384 KB
153 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__nl.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdLvCQaAAAAADB55cyqgWT4seI5sXoBgqz41IiV&co=aHR0cHM6Ly9hbnRpcGhpc2hpbmcuYml6OjQ0Mw..&hl=nl&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=normal&cb=x8je12anenug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dad4f19fb42cf6c77f8fb4bd8406904aea75f8b7cb6449ef94b0d7243e2ec1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 03:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156840
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 03:07:48 GMT
ca-pub-0176369080285848
fundingchoicesmessages.google.com/i/
104 KB
36 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-0176369080285848?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0176369080285848&plah=antiphishing.biz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0340b9a5d652286320c371292bf1328b963c4bbdd79f2abae6b3fab1156a647e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-31edahjU-kJaORJxGC0PWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-31edahjU-kJaORJxGC0PWg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://antiphishing.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-31edahjU-kJaORJxGC0PWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-31edahjU-kJaORJxGC0PWg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame A393
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A393
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A393
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 18:59:48 GMT
x-content-type-options
nosniff
age
145539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 23 Aug 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A393
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdLvCQaAAAAADB55cyqgWT4seI5sXoBgqz41IiV&co=aHR0cHM6Ly9hbnRpcGhpc2hpbmcuYml6OjQ0Mw..&hl=nl&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=normal&cb=x8je12anenug
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 17:06:41 GMT
x-content-type-options
nosniff
age
152326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 16 Aug 2023 17:06:41 GMT
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame A393
102 B
134 B
Other
General
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=nl&v=mq0-U1BHZ5YTcoDC-CvsLPNc
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdLvCQaAAAAADB55cyqgWT4seI5sXoBgqz41IiV&co=aHR0cHM6Ly9hbnRpcGhpc2hpbmcuYml6OjQ0Mw..&hl=nl&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=normal&cb=x8je12anenug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
373495da8b9ffc6b5dc0b3341548616ed2cb2254c3b9b5e649c7371956b73b2a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdLvCQaAAAAADB55cyqgWT4seI5sXoBgqz41IiV&co=aHR0cHM6Ly9hbnRpcGhpc2hpbmcuYml6OjQ0Mw..&hl=nl&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=normal&cb=x8je12anenug
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:25:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 18 Aug 2022 11:25:27 GMT
bframe
www.recaptcha.net/recaptcha/api2/ Frame 8B7A
7 KB
1 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=nl&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdLvCQaAAAAADB55cyqgWT4seI5sXoBgqz41IiV
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6256b93485a0d951f0564f6ba0585e6dfe71a1d7d52eeaa8f736c1686cf3630f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ee-7mH03NAUf9CtF5XgNAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://antiphishing.biz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1111
content-security-policy
script-src 'report-sample' 'nonce-Ee-7mH03NAUf9CtF5XgNAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 11:25:27 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AGSKWxW2T1e2ho5lLV_jy-9uo6hK8jJ0reHV0rrxA8zQyev0EI7rIfKMXFT6sA1bQB5wWZpjTXkPiSR5mYRqox984Lc=
fundingchoicesmessages.google.com/f/
244 KB
40 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW2T1e2ho5lLV_jy-9uo6hK8jJ0reHV0rrxA8zQyev0EI7rIfKMXFT6sA1bQB5wWZpjTXkPiSR5mYRqox984Lc=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYwODIxOTI3LDQzODAwMDAwMF0sIjQ2NUZBOERELTdDMEEtNDVFNi1CMjk0LUJFMDYzM0NGN0Q3OCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vYW50aXBoaXNoaW5nLmJpei9DaGVja19TaG9ydGVzdC5MaW5rLzNULUgiLG51bGwsW11d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.NEIKztCyy-k.es5.O/d=1/rs=AJlcJMzz4a9uveRyi_ZYbEDwjlJ23mP3tQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
981f435cbf261d9dcac2d51ce02e0af886e4f77d26e171bfb4118deb90b1274d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CSeqIty0wZlcwSkjyYAjsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-CSeqIty0wZlcwSkjyYAjsw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://antiphishing.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-CSeqIty0wZlcwSkjyYAjsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-CSeqIty0wZlcwSkjyYAjsw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
date
Thu, 18 Aug 2022 11:25:27 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 8B7A
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=nl&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdLvCQaAAAAADB55cyqgWT4seI5sXoBgqz41IiV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 11:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 11:07:33 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 8B7A
384 KB
153 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__nl.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=nl&v=mq0-U1BHZ5YTcoDC-CvsLPNc&k=6LdLvCQaAAAAADB55cyqgWT4seI5sXoBgqz41IiV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dad4f19fb42cf6c77f8fb4bd8406904aea75f8b7cb6449ef94b0d7243e2ec1b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 03:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156840
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 08:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 03:07:48 GMT
css
fonts.googleapis.com/
60 KB
4 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.NEIKztCyy-k.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzz4a9uveRyi_ZYbEDwjlJ23mP3tQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
071b2629614039f0f7ceaee23806f462fd911edc990c27a39b385dd46a6bf815
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://antiphishing.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Aug 2022 11:25:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 18 Aug 2022 11:25:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Aug 2022 11:25:27 GMT
AGSKWxWtPtN-ixgQXfvVTgNUyzQl6FEf7m2uG1Se-YULVSz_5-WVsEH7XdhgwhgsKK0wv_hzrOkKw8RQLr1m1CXNovgZ7JCfIKKGjGRhwZ0NYPWJwVUfIiATYLu03sEnN1SEy8ZfN9OIfw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWtPtN-ixgQXfvVTgNUyzQl6FEf7m2uG1Se-YULVSz_5-WVsEH7XdhgwhgsKK0wv_hzrOkKw8RQLr1m1CXNovgZ7JCfIKKGjGRhwZ0NYPWJwVUfIiATYLu03sEnN1SEy8ZfN9OIfw==?dmid=81f2621b50bfc9ae
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.NEIKztCyy-k.es5.O/d=1/rs=AJlcJMzz4a9uveRyi_ZYbEDwjlJ23mP3tQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xnhss9EPD6FvU643jdBX9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-xnhss9EPD6FvU643jdBX9Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://antiphishing.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 18 Aug 2022 11:25:27 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://antiphishing.biz
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-xnhss9EPD6FvU643jdBX9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-xnhss9EPD6FvU643jdBX9Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v138/
126 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v138/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273f4bca58132eb580c0e132ca8f44093978a2a98eae6affe5df61c345fa3b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://antiphishing.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 04:12:58 GMT
x-content-type-options
nosniff
age
25949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128552
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 01:42:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 04:12:58 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://antiphishing.biz
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 18:50:24 GMT
x-content-type-options
nosniff
age
232503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 18:50:24 GMT
86240385
mc.yandex.ru/webvisor/
43 B
145 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/86240385?wmode=0&wv-part=1&wv-hit=872644840&page-url=https%3A%2F%2Fantiphishing.biz%2FCheck_Shortest.Link%2F3T-H%3Fl%3Dnl&rn=275332860&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1660821928%3Aw%3A1600x1200%3Av%3A870%3Az%3A0%3Ai%3A20220818112528%3Au%3A166082192755513268%3Avf%3Anlzej4hetqp71c81qpn94%3Awe%3A1%3Ast%3A1660821928&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://antiphishing.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Aug 2022 11:25:28 GMT
last-modified
Thu, 18-Aug-2022 11:25:28 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://antiphishing.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 18-Aug-2022 11:25:28 GMT
86240385
mc.yandex.ru/webvisor/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/86240385?wmode=0&wv-part=2&wv-hit=872644840&page-url=https%3A%2F%2Fantiphishing.biz%2FCheck_Shortest.Link%2F3T-H%3Fl%3Dnl&rn=330803804&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1660821931%3Aw%3A1600x1200%3Av%3A870%3Az%3A0%3Ai%3A20220818112530%3Au%3A166082192755513268%3Avf%3Anlzej4hetqp71c81qpn94%3Awe%3A1%3Ast%3A1660821931&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://antiphishing.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Aug 2022 11:25:31 GMT
last-modified
Thu, 18-Aug-2022 11:25:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://antiphishing.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 18-Aug-2022 11:25:31 GMT
86240385
mc.yandex.ru/webvisor/
43 B
145 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/86240385?wmode=0&wv-part=1&wv-hit=872644840&page-url=https%3A%2F%2Fantiphishing.biz%2FCheck_Shortest.Link%2F3T-H%3Fl%3Dnl&rn=165245588&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1660821931%3Aw%3A1600x1200%3Av%3A870%3Az%3A0%3Ai%3A20220818112531%3Au%3A166082192755513268%3Avf%3Anlzej4hetqp71c81qpn94%3Awe%3A1%3Ast%3A1660821931&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://antiphishing.biz/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Aug 2022 11:25:31 GMT
last-modified
Thu, 18-Aug-2022 11:25:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://antiphishing.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 18-Aug-2022 11:25:31 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer function| ym object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| recaptcha object| closure_lm_316280 object| Ya object| yaCounter86240385 function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googleToken object| googleIMState object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| MTkyYjBlNWNjMTM4ODVjOGxvYWRlcl9qcw== string| MTkyYjBlNWNjMTM4ODVjOGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager

11 Cookies

Domain/Path Name / Value
.antiphishing.biz/ Name: _ga_JS3B4RDXB6
Value: GS1.1.1660821926.1.0.1660821926.0.0.0
.antiphishing.biz/ Name: _ga
Value: GA1.1.1671265128.1660821927
.antiphishing.biz/ Name: _ym_uid
Value: 166082192755513268
.antiphishing.biz/ Name: _ym_d
Value: 1660821927
.yandex.ru/ Name: yandexuid
Value: 9085435101660821927
.yandex.ru/ Name: yuidss
Value: 9085435101660821927
mc.yandex.ru/ Name: yabs-sid
Value: 2278439871660821927
.yandex.ru/ Name: i
Value: 7xI00p9KwIuW8OE3VmmLX8zvYfEzy/BHS7VisCfE5hSvh8DTT0W+S68V4X0mKVkQm8N8NKmpfpO725QDXx6x9F/Ooio=
.yandex.ru/ Name: ymex
Value: 1692357927.yrts.1660821927#1692357927.yrtsi.1660821927
.antiphishing.biz/ Name: _ym_isad
Value: 2
.antiphishing.biz/ Name: _ym_visorc
Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

antiphishing.biz
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
mc.yandex.ru
pagead2.googlesyndication.com
region1.google-analytics.com
shortest.link
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
185.197.160.33
193.42.111.139
2001:4860:4802:32::36
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:801::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2003
2a02:6b8::1:119
0340b9a5d652286320c371292bf1328b963c4bbdd79f2abae6b3fab1156a647e
05f6360d1ce867b9570589b7ae06027203ffa3bec611de5eb21ff303042d241a
071b2629614039f0f7ceaee23806f462fd911edc990c27a39b385dd46a6bf815
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ef1ed39d35abb129a0418624ab45a70194161665de72c6cb99d5fd50ef0ba62
273f4bca58132eb580c0e132ca8f44093978a2a98eae6affe5df61c345fa3b19
373495da8b9ffc6b5dc0b3341548616ed2cb2254c3b9b5e649c7371956b73b2a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
470bae732738daeb503a7df8f7d38e09174e650368046716c8d385af116d2864
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5f22d69084c82b572eb2f55f6ffd9587f8b63fb1250b646cab88336fd1869376
6256b93485a0d951f0564f6ba0585e6dfe71a1d7d52eeaa8f736c1686cf3630f
79d2a0714828fb6ccc4b66512e397851bb8e7a8b868ec625b5a5d97b539ee212
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
981f435cbf261d9dcac2d51ce02e0af886e4f77d26e171bfb4118deb90b1274d
ac450bc0324632a7c1f1542e7b0167d3e4f3d1648a0f8ba9812237aee4d0717a
c7692c8745525fa99172ad33f7ce06d8f70f7d105214215389eaee6ba4eddb10
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
dad4f19fb42cf6c77f8fb4bd8406904aea75f8b7cb6449ef94b0d7243e2ec1b7
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa8316818c85477b230b424d2869329379964a91626355e898a8f6d1a8eb6b80