env-5793959-clone598929.j.layershift.co.uk Open in urlscan Pro
109.109.134.155  Public Scan

URL: https://env-5793959-clone598929.j.layershift.co.uk/
Submission: On December 23 via api from US — Scanned from GB

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 109.109.134.155, located in United Kingdom and belongs to LAYERSHIFT Layershift Limited, GB. The main domain is env-5793959-clone598929.j.layershift.co.uk.
TLS certificate: Issued by R11 on December 23rd 2024. Valid for: 3 months.
This is the only time env-5793959-clone598929.j.layershift.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 109.109.134.155 205072 (LAYERSHIF...)
2 142.250.186.68 15169 (GOOGLE)
3 91.199.212.148 48447 (Sectigo S...)
1 2a00:1450:400... 15169 (GOOGLE)
14 5
Apex Domain
Subdomains
Transfer
7 layershift.co.uk
env-5793959-clone598929.j.layershift.co.uk
91 KB
3 trust-provider.com
secure.trust-provider.com — Cisco Umbrella Rank: 49944
20 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
968 B
1 gstatic.com
www.gstatic.com
216 KB
0 mynetworkportal.org Failed
dev.mynetworkportal.org Failed
14 5
Domain Requested by
7 env-5793959-clone598929.j.layershift.co.uk env-5793959-clone598929.j.layershift.co.uk
3 secure.trust-provider.com env-5793959-clone598929.j.layershift.co.uk
2 www.google.com env-5793959-clone598929.j.layershift.co.uk
www.gstatic.com
1 www.gstatic.com www.google.com
0 dev.mynetworkportal.org Failed env-5793959-clone598929.j.layershift.co.uk
14 5

This site contains links to these domains. Also see Links.

Domain
ssl.comodo.com
Subject Issuer Validity Valid
env-5793959-clone598929.j.layershift.co.uk
R11
2024-12-23 -
2025-03-23
3 months crt.sh
*.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
secure.trust-provider.com
Sectigo RSA Organization Validation Secure Server CA
2024-10-04 -
2025-10-04
a year crt.sh
*.gstatic.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh

This page contains 2 frames:

Primary Page: https://env-5793959-clone598929.j.layershift.co.uk/
Frame ID: C45A75091FA0533D4A4F3C7CFA55A73D
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvHKMlAAAAABHT22AU_2-V0wDNuHYWH28RxCA4&co=aHR0cHM6Ly9lbnYtNTc5Mzk1OS1jbG9uZTU5ODkyOS5qLmxheWVyc2hpZnQuY28udWs6NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&sa=submit&cb=oyvusc980ok2
Frame ID: 32B7792BD0E607ACD3272794BC835CBD
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

*** new env National Free Wills Network

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="ci_csrf_token"

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

14
Requests

93 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

328 kB
Transfer

898 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
env-5793959-clone598929.j.layershift.co.uk/
4 KB
3 KB
Document
General
Full URL
https://env-5793959-clone598929.j.layershift.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.109.134.155 , United Kingdom, ASN205072 (LAYERSHIFT Layershift Limited, GB),
Reverse DNS
6d6d869b.reverse.layershift.co.uk
Software
Apache /
Resource Hash
9cde9ab19d3c48eadaa25c398c3dc36405dff86ad288d63d5a87761f6e686c95
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' secure.trust-provider.com www.trustlogo.com www.google.com www.gstatic.com; img-src 'self' data: chart.googleapis.com secure.trust-provider.com; form-action 'self'; base-uri 'self'; frame-src 'self' www.google.com secure.trust-provider.com; frame-ancestors 'none'; object-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.nationalfreewills.net/
Cache-Control
no-store, no-cache, must-revalidate
Connection
Upgrade, close
Content-Encoding
gzip
Content-Length
1657
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' secure.trust-provider.com www.trustlogo.com www.google.com www.gstatic.com; img-src 'self' data: chart.googleapis.com secure.trust-provider.com; form-action 'self'; base-uri 'self'; frame-src 'self' www.google.com secure.trust-provider.com; frame-ancestors 'none'; object-src 'self'; style-src 'self' 'unsafe-inline'
Content-Type
text/html; charset=UTF-8
Cross-Origin-Resource-Policy
cross-origin
Date
Mon, 23 Dec 2024 23:42:53 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Permissions-Policy
geolocation=(self), payment=(self)
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Upgrade
h2
Vary
Origin,Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
'none';
X-XSS-Protection
1; mode=block
api.js
www.google.com/recaptcha/
1 KB
968 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: env-5793959-clone598929.j.layershift.co.uk
URL: https://env-5793959-clone598929.j.layershift.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
ESF /
Resource Hash
652e8677aec33767d2a5f229384f79b4f526104bf7e94d7d258070f94743c3cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://env-5793959-clone598929.j.layershift.co.uk/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 23:42:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 23 Dec 2024 23:42:54 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
bootstrap.min.css
env-5793959-clone598929.j.layershift.co.uk/assets/base/
158 KB
24 KB
Stylesheet
General
Full URL
https://env-5793959-clone598929.j.layershift.co.uk/assets/base/bootstrap.min.css
Requested by
Host: env-5793959-clone598929.j.layershift.co.uk
URL: https://env-5793959-clone598929.j.layershift.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.109.134.155 , United Kingdom, ASN205072 (LAYERSHIFT Layershift Limited, GB),
Reverse DNS
6d6d869b.reverse.layershift.co.uk
Software
Apache /
Resource Hash
9cd6ae800c3f432f28a656449b3eedd4bf43c9a35725e7050627609f68de2b53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://env-5793959-clone598929.j.layershift.co.uk/

Response headers

Upgrade
h2
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
ETag
"278b8-629f6a2d5a9eb-gzip"
Cross-Origin-Resource-Policy
cross-origin
Connection
Upgrade, close
Permissions-Policy
geolocation=(self), payment=(self)
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://www.nationalfreewills.net/
Content-Length
24112
Date
Mon, 23 Dec 2024 23:42:54 GMT
Last-Modified
Mon, 23 Dec 2024 21:25:30 GMT
Vary
Origin,Accept-Encoding
Server
Apache
Content-Type
text/css
dashboard.css
env-5793959-clone598929.j.layershift.co.uk/assets/base/
6 KB
3 KB
Stylesheet
General
Full URL
https://env-5793959-clone598929.j.layershift.co.uk/assets/base/dashboard.css
Requested by
Host: env-5793959-clone598929.j.layershift.co.uk
URL: https://env-5793959-clone598929.j.layershift.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.109.134.155 , United Kingdom, ASN205072 (LAYERSHIFT Layershift Limited, GB),
Reverse DNS
6d6d869b.reverse.layershift.co.uk
Software
Apache /
Resource Hash
8ef4700a8ccda795f8f4a39a1b454d4c63b97bf05d275ff71285d990af44329f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://env-5793959-clone598929.j.layershift.co.uk/

Response headers

Upgrade
h2
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
ETag
"1929-629f6a2d8c6df-gzip"
Cross-Origin-Resource-Policy
cross-origin
Connection
Upgrade, close
Permissions-Policy
geolocation=(self), payment=(self)
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://www.nationalfreewills.net/
Content-Length
2302
Date
Mon, 23 Dec 2024 23:42:54 GMT
Last-Modified
Mon, 23 Dec 2024 21:25:31 GMT
Vary
Origin,Accept-Encoding
Server
Apache
Content-Type
text/css
trustlogo.js
secure.trust-provider.com/trustlogo/javascript/
14 KB
14 KB
Script
General
Full URL
https://secure.trust-provider.com/trustlogo/javascript/trustlogo.js
Requested by
Host: env-5793959-clone598929.j.layershift.co.uk
URL: https://env-5793959-clone598929.j.layershift.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.199.212.148 , United Kingdom, ASN48447 (Sectigo Sectigo Limited, GB),
Reverse DNS
secure.trust-provider.com
Software
/
Resource Hash
1ba30b444f0489b7da1ca80092c7879835ba96404751aabbdb2647de4261fa05
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://env-5793959-clone598929.j.layershift.co.uk/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
14089
date
Mon, 23 Dec 2024 23:42:55 GMT
etag
"67603d51-3709"
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 14:46:41 GMT
logo.png
env-5793959-clone598929.j.layershift.co.uk/img/
13 KB
13 KB
Image
General
Full URL
https://env-5793959-clone598929.j.layershift.co.uk/img/logo.png
Requested by
Host: env-5793959-clone598929.j.layershift.co.uk
URL: https://env-5793959-clone598929.j.layershift.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.109.134.155 , United Kingdom, ASN205072 (LAYERSHIFT Layershift Limited, GB),
Reverse DNS
6d6d869b.reverse.layershift.co.uk
Software
Apache /
Resource Hash
ecd210115ba2f10665af3a1b612520ab6d8aacd994451b958e519a0532e558e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://env-5793959-clone598929.j.layershift.co.uk/

Response headers

Upgrade
h2
Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
"33a1-629f580520b43"
Cross-Origin-Resource-Policy
cross-origin
Connection
Upgrade, close
Permissions-Policy
geolocation=(self), payment=(self)
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://www.nationalfreewills.net/
Content-Length
13217
Date
Mon, 23 Dec 2024 23:42:55 GMT
Last-Modified
Mon, 23 Dec 2024 20:04:16 GMT
Vary
Origin
Server
Apache
Content-Type
image/png
seal_bg.gif
secure.trust-provider.com/trustlogo/images/popup/
5 KB
5 KB
Image
General
Full URL
https://secure.trust-provider.com/trustlogo/images/popup/seal_bg.gif
Requested by
Host: env-5793959-clone598929.j.layershift.co.uk
URL: https://env-5793959-clone598929.j.layershift.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.199.212.148 , United Kingdom, ASN48447 (Sectigo Sectigo Limited, GB),
Reverse DNS
secure.trust-provider.com
Software
/
Resource Hash
6a8d73fd166e03d8e1c024ac60d01d9110c4ac56b45f5bb402739e4095d4a95b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://env-5793959-clone598929.j.layershift.co.uk/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
4851
date
Mon, 23 Dec 2024 23:42:55 GMT
etag
"67603cfd-12f3"
content-type
image/gif
last-modified
Mon, 16 Dec 2024 14:45:17 GMT
warranty_level.gif
secure.trust-provider.com/trustlogo/images/popup/
713 B
892 B
Image
General
Full URL
https://secure.trust-provider.com/trustlogo/images/popup/warranty_level.gif
Requested by
Host: env-5793959-clone598929.j.layershift.co.uk
URL: https://env-5793959-clone598929.j.layershift.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.199.212.148 , United Kingdom, ASN48447 (Sectigo Sectigo Limited, GB),
Reverse DNS
secure.trust-provider.com
Software
/
Resource Hash
e45902c0c28d8a669a37a61914c1eb760b093f7cc2d41693d52f82327329218d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://env-5793959-clone598929.j.layershift.co.uk/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
713
date
Mon, 23 Dec 2024 23:42:55 GMT
etag
"67603d52-2c9"
content-type
image/gif
last-modified
Mon, 16 Dec 2024 14:46:42 GMT
sectigo_trust_seal_lg_140x54.png
dev.mynetworkportal.org/images/
0
0

jquery.min.js
env-5793959-clone598929.j.layershift.co.uk/assets/base/
87 KB
31 KB
Script
General
Full URL
https://env-5793959-clone598929.j.layershift.co.uk/assets/base/jquery.min.js
Requested by
Host: env-5793959-clone598929.j.layershift.co.uk
URL: https://env-5793959-clone598929.j.layershift.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.109.134.155 , United Kingdom, ASN205072 (LAYERSHIFT Layershift Limited, GB),
Reverse DNS
6d6d869b.reverse.layershift.co.uk
Software
Apache /
Resource Hash
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://env-5793959-clone598929.j.layershift.co.uk/

Response headers

Upgrade
h2
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
ETag
"15d9f-629f6a2e703c0-gzip"
Cross-Origin-Resource-Policy
cross-origin
Connection
Upgrade, close
Permissions-Policy
geolocation=(self), payment=(self)
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://www.nationalfreewills.net/
Content-Length
30908
Date
Mon, 23 Dec 2024 23:42:55 GMT
Last-Modified
Mon, 23 Dec 2024 21:25:32 GMT
Vary
Origin,Accept-Encoding
Server
Apache
Content-Type
application/javascript
recaptcha__en.js
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/
547 KB
216 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://env-5793959-clone598929.j.layershift.co.uk
Referer
https://env-5793959-clone598929.j.layershift.co.uk/

Response headers

content-encoding
gzip
age
36954
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Tue, 23 Dec 2025 13:27:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 13:27:01 GMT
last-modified
Tue, 10 Dec 2024 23:05:10 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220882
x-xss-protection
0
server
sffe
bootstrap.min.js
env-5793959-clone598929.j.layershift.co.uk/assets/base/
61 KB
15 KB
Script
General
Full URL
https://env-5793959-clone598929.j.layershift.co.uk/assets/base/bootstrap.min.js
Requested by
Host: env-5793959-clone598929.j.layershift.co.uk
URL: https://env-5793959-clone598929.j.layershift.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.109.134.155 , United Kingdom, ASN205072 (LAYERSHIFT Layershift Limited, GB),
Reverse DNS
6d6d869b.reverse.layershift.co.uk
Software
Apache /
Resource Hash
365dde2b52bd1d053d1ade290524cf0826affb73cffb634f902e7df8ee617a13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://env-5793959-clone598929.j.layershift.co.uk/

Response headers

Upgrade
h2
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
ETag
"f3c3-629f6a2d701b4-gzip"
Cross-Origin-Resource-Policy
cross-origin
Connection
Upgrade, close
Permissions-Policy
geolocation=(self), payment=(self)
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://www.nationalfreewills.net/
Content-Length
15259
Date
Mon, 23 Dec 2024 23:42:55 GMT
Last-Modified
Mon, 23 Dec 2024 21:25:30 GMT
Vary
Origin,Accept-Encoding
Server
Apache
Content-Type
application/javascript
anchor
www.google.com/recaptcha/api2/ Frame 32B7
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdvHKMlAAAAABHT22AU_2-V0wDNuHYWH28RxCA4&co=aHR0cHM6Ly9lbnYtNTc5Mzk1OS1jbG9uZTU5ODkyOS5qLmxheWVyc2hpZnQuY28udWs6NDQz&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&sa=submit&cb=oyvusc980ok2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fbw1EGA7jlk0z9J0nTTclA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://env-5793959-clone598929.j.layershift.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-fbw1EGA7jlk0z9J0nTTclA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 23 Dec 2024 23:42:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
favicon.ico
env-5793959-clone598929.j.layershift.co.uk/images/
894 B
1 KB
Other
General
Full URL
https://env-5793959-clone598929.j.layershift.co.uk/images/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.109.134.155 , United Kingdom, ASN205072 (LAYERSHIFT Layershift Limited, GB),
Reverse DNS
6d6d869b.reverse.layershift.co.uk
Software
Apache /
Resource Hash
d8cbfbffb6d38d59d0951b42642ad8913570b2b19bf1f71375a946a205aa143e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://env-5793959-clone598929.j.layershift.co.uk/

Response headers

Upgrade
h2
Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
"37e-629f56e0eabad"
Cross-Origin-Resource-Policy
cross-origin
Connection
Upgrade, close
Permissions-Policy
geolocation=(self), payment=(self)
Accept-Ranges
bytes
Access-Control-Allow-Origin
https://www.nationalfreewills.net/
Content-Length
894
Date
Mon, 23 Dec 2024 23:42:56 GMT
Last-Modified
Mon, 23 Dec 2024 19:59:10 GMT
Vary
Origin
Server
Apache
Content-Type
image/vnd.microsoft.icon

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dev.mynetworkportal.org
URL
https://dev.mynetworkportal.org/images/sectigo_trust_seal_lg_140x54.png

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| tlJsHost function| TrustLogo function| TrustLogo_MouseOver function| TrustLogo_MouseMove function| TrustLogo_MouseOut function| TrustLogo_Credentials function| tLL function| tLM function| tLN function| tLWC function| tLXC function| tLZC function| tLaC function| tLX function| tLY function| tLiB function| tLQC function| tLRC function| tL1C function| tL0C function| tL9C function| tL2C function| tL3C function| tLUC function| tLrC function| tLsC function| tLtC function| tLuC function| tLvC function| tLjC function| tLz function| tLHB function| tLIB function| tLd function| tLe function| tLf function| tLh function| tLi function| tLj function| tLl function| tLm function| tLn function| tLo function| tLp function| tLq function| tLr function| tLs function| tLt function| tLu function| tLx function| tLv function| tLw function| tLy function| tLJB function| tLHC function| tLIC function| tLKB function| tLLB function| tLMB function| tL_C function| tLXB function| tLeB function| tLnB function| tLqC function| tLTC function| tLpC function| tLoB function| tLpB function| tLlB function| tLmB function| createStyleRule string| current_code string| tLB string| tLC string| tLD string| tLE string| tLF string| tLG string| tLH string| tLI string| tLnC string| tLbC string| tLlC string| tLyC string| tLMC string| tLLC string| tLNC number| tLgC number| tLeC number| tLhC number| tLP number| tLQ number| tLfC number| tLiC number| tLU number| tLV number| tLR number| tLS number| tLT number| tLW object| tLO string| tLYC string| tLGB string| host object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery object| recaptcha object| bootstrap function| gSubmit object| closure_lm_302337

0 Cookies

4 Console Messages

Source Level URL
Text
security error URL: https://env-5793959-clone598929.j.layershift.co.uk/(Line 9)
Message:
Refused to set the document's base URI to 'https://dev.mynetworkportal.org/' because it violates the following Content Security Policy directive: "base-uri 'self'".
javascript warning URL: https://env-5793959-clone598929.j.layershift.co.uk/(Line 26)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.trust-provider.com/trustlogo/javascript/trustlogo.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://env-5793959-clone598929.j.layershift.co.uk/(Line 26)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.trust-provider.com/trustlogo/javascript/trustlogo.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://env-5793959-clone598929.j.layershift.co.uk/
Message:
Refused to load the image 'https://dev.mynetworkportal.org/images/sectigo_trust_seal_lg_140x54.png' because it violates the following Content Security Policy directive: "img-src 'self' data: chart.googleapis.com secure.trust-provider.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' secure.trust-provider.com www.trustlogo.com www.google.com www.gstatic.com; img-src 'self' data: chart.googleapis.com secure.trust-provider.com; form-action 'self'; base-uri 'self'; frame-src 'self' www.google.com secure.trust-provider.com; frame-ancestors 'none'; object-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block