Submitted URL: http://t.pijnacker.digital/index.php/campaigns/kx002yg5hffe1/track-url/tt6449o18d79f/aac3575fe38df6fd006f9ee2fdeafbecceb60cea
Effective URL: https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f
Submission: On July 09 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 12 HTTP transactions. The main IP is 172.67.161.99, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is labsfield.com.
TLS certificate: Issued by WE1 on June 30th 2024. Valid for: 3 months.
This is the only time labsfield.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 172.67.161.99 13335 (CLOUDFLAR...)
4 104.26.8.198 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
12 5
Apex Domain            Subdomains                                             Transfer
4 lottohelden.de       static.lottohelden.de                                  26 KB
3 gstatic.com          fonts.gstatic.com                                      44 KB
3 labsfield.com        labsfield.com                                          5 KB
1 googleapis.com       fonts.googleapis.com — Cisco Umbrella Rank: 108        1 KB
1 bannerflow.com       cdn.bannerflow.com — Cisco Umbrella Rank: 78092        61 KB
1 pijnacker.digital    t.pijnacker.digital                                    655 B
12 6
Domain Requested by
4 static.lottohelden.de labsfield.com
3 fonts.gstatic.com fonts.googleapis.com
3 labsfield.com labsfield.com
1 fonts.googleapis.com labsfield.com
1 cdn.bannerflow.com labsfield.com
1 t.pijnacker.digital 1 redirects
12 6

This site contains no links.

Subject                    Issuer    Validity                   Valid
labsfield.com              WE1       2024-06-30 - 2024-09-28    3 months
lottohelden.de             E6        2024-07-05 - 2024-10-03    3 months
cdn.bannerflow.com         E1        2024-06-04 - 2024-09-02    3 months
upload.video.google.com    WR2       2024-06-24 - 2024-09-16    3 months
*.gstatic.com              WR2       2024-06-24 - 2024-09-16    3 months

This page contains 1 frames:

Primary Page: https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f
Frame ID: 4E2E247D63144370B7944E171E20C3BB
Requests: 12 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

12 Requests
100 % HTTPS
60 % IPv6
6 Domains
6 Subdomains
5 IPs
3 Countries
137 kB Transfer
148 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.pijnacker.digital/index.php/campaigns/kx002yg5hffe1/track-url/tt6449o18d79f/aac3575fe38df6fd006f9ee2fdeafbecceb60cea HTTP 307
    https://t.pijnacker.digital/index.php/campaigns/kx002yg5hffe1/track-url/tt6449o18d79f/aac3575fe38df6fd006f9ee2fdeafbecceb60cea HTTP 301
    https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request tt6449o18d79f
labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/
Redirect Chain
  • http://t.pijnacker.digital/index.php/campaigns/kx002yg5hffe1/track-url/tt6449o18d79f/aac3575fe38df6fd006f9ee2fdeafbecceb60cea
  • https://t.pijnacker.digital/index.php/campaigns/kx002yg5hffe1/track-url/tt6449o18d79f/aac3575fe38df6fd006f9ee2fdeafbecceb60cea
  • https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f
11 KB
4 KB
Document
General
Full URL
https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.161.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.14
Resource Hash
e4b515df9aa20e6bc136a3e792c0637efe8ef42c26cc97a658ff6662c6b8cf9d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a0b93c54a0865cf-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 09 Jul 2024 21:58:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BzSvcyRuVddiUjRDx%2BH%2F5PqMz2xaYKJRxtHCtX55%2FJWNOaYp6HpwdhXtYkK9PRj6d72DAjsh8OCz1mzD1WVfRSd5AWkC2OYmZ4Mvs9jKAUpczR%2FWEKpsBTn5AvtDmJ0N"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-powered-by
PHP/8.1.14
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8a0b93c31abd9136-FRA
content-type
text/html; charset=UTF-8
date
Tue, 09 Jul 2024 21:58:45 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 09 Jul 2024 21:58:45 GMT
location
https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GP%2F%2BvJCB4y8%2B%2F%2Fe%2FdvxQfewON4qLQ7LvnVWQgt2FoCn7q2zMdvqJIfsljNqFpKVxf%2Bj7Ku8RHjiP7%2FYq3BM1jYabCFn33PSRSx5t8rC6L4O6fAGRGHi6gHIDx%2FnPHtUeE4HCXio1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
x-powered-by
PHP/8.1.14
x-xss-protection
1; mode=block
lh_logo.png
static.lottohelden.de/newsletter/ex/pics/
22 KB
22 KB
Image
General
Full URL
https://static.lottohelden.de/newsletter/ex/pics/lh_logo.png
Requested by
Host: labsfield.com
URL: https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85f19302086f936e857be4646db5afeeed0620368f82e3697951162e6dfa139f

Request headers

Referer
https://labsfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 21:58:45 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
22147
x-delivered-by
fe-production1
last-modified
Tue, 02 Nov 2021 08:30:25 GMT
server
cloudflare
etag
"6180f721-5683"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0evvLmyjOSfnmlL1EhMkI0pj53LvVGT7zpqZwhBL1k8Zo6AgazhnzBV%2Byag3P9bDuhdTcNRYn3oJsQerbUOkW6w5PsY9rh3Pbhjr9kQaEvOf2y4fuhCsFp6n8hxlwdo0UstnKZFwEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=5
accept-ranges
bytes
cf-ray
8a0b93c7f84c9a17-FRA
65c2278e4000bcc2bd55f51d.aT1PrLqGSyPC.jpg
cdn.bannerflow.com/bf-images/
60 KB
61 KB
Image
General
Full URL
https://cdn.bannerflow.com/bf-images/65c2278e4000bcc2bd55f51d.aT1PrLqGSyPC.jpg
Requested by
Host: labsfield.com
URL: https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:507e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd9a867e8efb9aff34d4f68784a24cd132e38ae6fe743f76ffdfc84e4906ba47

Request headers

Referer
https://labsfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Jul 2024 21:58:45 GMT
cf-cache-status
HIT
content-md5
gsbkuHXjSNA8J0+2wJTqEg==
age
219
cf-polished
origSize=66706
content-length
61588
x-ms-lease-state
available
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Mon, 08 Jul 2024 07:05:56 GMT
server
cloudflare
etag
"0x8DC9F1C69F76DFC"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
9faf5c32-301e-001a-0a05-d173dd000000
cache-control
public, max-age=900
x-ms-version
2014-02-14
accept-ranges
bytes
cf-ray
8a0b93c7f8731c44-FRA
service.png
static.lottohelden.de/newsletter/ex/pics/
752 B
1 KB
Image
General
Full URL
https://static.lottohelden.de/newsletter/ex/pics/service.png
Requested by
Host: labsfield.com
URL: https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
211398888463b33b98dcbec9c89d942b0b48212de67769c4fefa3848d28100f4

Request headers

Referer
https://labsfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 21:58:45 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
752
x-delivered-by
fe-production3
last-modified
Tue, 02 Nov 2021 08:30:25 GMT
server
cloudflare
etag
"6180f721-2f0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RXAWZsUIaZMTV8M%2BlTQQ8lgJlUJzPe%2Bw0nNKorXIQEzTHmuki7OjrZnXotqP7QM7sDXxzHqCzOrrbuwKZBl7Ql18M46sXswUmYgOVi5JF9xR69UrcCKyIJY%2F0RDkfpAryTYi%2FG%2BibA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=5
accept-ranges
bytes
cf-ray
8a0b93c7f84e9a17-FRA
icon_trusted.png
static.lottohelden.de/newsletter/ex/pics/
868 B
2 KB
Image
General
Full URL
https://static.lottohelden.de/newsletter/ex/pics/icon_trusted.png
Requested by
Host: labsfield.com
URL: https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3380e0cabf88ae6a4fcb602dd52c754f105e29d478b181649a3a18b09c3399c

Request headers

Referer
https://labsfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 21:58:45 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
868
x-delivered-by
fe-production1
last-modified
Tue, 02 Nov 2021 08:30:25 GMT
server
cloudflare
etag
"6180f721-364"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JvWc6aqztq4VXiZlzI%2FaZYPkNEnKjQCV8JkUHMciH%2B8xHFeqtU9CRNvCywhPyYczGpKflO2EMRVjduz9hgQtozvUuir4fRIdtMDYAx2VK2r3lJol8lahwhjMzwJXzKcY9WRR8rb01g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=5
accept-ranges
bytes
cf-ray
8a0b93c7f84f9a17-FRA
Staat.png
static.lottohelden.de/newsletter/ex/pics/
616 B
1 KB
Image
General
Full URL
https://static.lottohelden.de/newsletter/ex/pics/Staat.png
Requested by
Host: labsfield.com
URL: https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf05f17902629c6088a81263d213b1a90c813d31c62ddd271f83495eba99dc81

Request headers

Referer
https://labsfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 21:58:45 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
616
x-delivered-by
fe-production2
last-modified
Tue, 23 Mar 2021 09:40:43 GMT
server
cloudflare
etag
"6059b79b-268"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znY61gbOtaTVdU98DZYgFzhRxAnLqFBEK0ZQF4TSOAoOlaA%2BV57UtS3x7GF6c1b3ZEK62pFsv%2FaL2ImOqUbm7RCpkDgzI2B1NAzr7rDkHgB7RvKzk4UNCXmy17ldtAXl8bDOmUUPzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=5
accept-ranges
bytes
cf-ray
8a0b93c7f84d9a17-FRA
tt6449o18d79f
labsfield.com/index.php/campaigns/kx002yg5hffe1/track-opening/
0
568 B
Image
General
Full URL
https://labsfield.com/index.php/campaigns/kx002yg5hffe1/track-opening/tt6449o18d79f
Requested by
Host: labsfield.com
URL: https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.161.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.14
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 21:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/8.1.14
p3p
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 09 Jul 2024 21:58:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RHAy%2B0NbbE10wQ2dq4aYdTmi717sD5yopWmKZh7LJclITtcRaUjyIabBa59hCstVCXw3z4uxsiwEDK3cCCevIVhn%2FAS3mCv06YBN5HBGpDuQGs%2F5jC%2BTifxm861Gt2tX"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8a0b93c7bd3265cf-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700,900&display=swap
Requested by
Host: labsfield.com
URL: https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9215ab17d5bb95365fda0ddf670b851bdf468f5cd802812639f7ec416f702513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://labsfield.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 09 Jul 2024 21:58:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 09 Jul 2024 21:49:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jul 2024 21:58:45 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://labsfield.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:31:18 GMT
x-content-type-options
nosniff
age
44848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:31:18 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://labsfield.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:37:53 GMT
x-content-type-options
nosniff
age
44453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:37:53 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://labsfield.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:41:26 GMT
x-content-type-options
nosniff
age
44240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14188
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:53:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:41:26 GMT
favicon.ico
labsfield.com/
198 B
581 B
Other
General
Full URL
https://labsfield.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.161.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de88c1f678413736e858b27974cd5d2181b3df891b8999dd93835384b0ca2d8f

Request headers

Referer
https://labsfield.com/index.php/campaigns/kx002yg5hffe1/web-version/tt6449o18d79f
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 21:58:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Jan 2023 09:03:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7488148
etag
W/"63bd29fa-c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oVvbyb4LGGZ7%2FbqsLNgKUuDjTiP3szyhBfRHO810fqWJi9GSwS0M0ikZ%2F%2Fe6Gn8KKEknxYD3wbKM27phytVvsdAhyfQbiklrO2pP%2BsJTNZsqILOwnAtLpfskrVnocqZR"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=315360000
cf-ray
8a0b93ca384765cf-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
labsfield.com/ Name: mwsid
Value: 840gq9i2qc6068go3fr6q45k1u
static.lottohelden.de/ Name: AWSALBCORS
Value: MXUQsOHX97MT27vwC6r1TQOjb42xTYgjCpYPx/bTQvgrztsYk6XBflhiBedjc97xzyNskUvBSBXB1dMBTMgQCBBq+dzMofGesbl+DwfHRC4MMt7lUqw3d5lJVAen

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block