Submitted URL: https://em.money2020.com/ODk3LU1CQy0yMDcAAAGLZoHBQ9Jm2s_9kFw2iJxO_jayClSr1D9kyukruYAqpnrj4Vza4iIoLaqEkMHXL5EYrxYNN5I=
Effective URL: https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=global2023-overlap&utm_medium=email&utm_...
Submission: On April 29 via api from CH — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 65.9.95.129, located in United States and belongs to AMAZON-02, US. The main domain is gf.fan.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 22nd 2023. Valid for: 4 months.
This is the only time gf.fan was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
7 amazonaws.com
cognito-identity.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1671
gf-fan-engagement.s3.us-east-1.amazonaws.com
gf-fan-engagement.s3.amazonaws.com
867 KB
5 gf.fan
gf.fan
743 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 3425
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 16
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
343 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
50 KB
1 money2020.com
em.money2020.com
1 KB
19 8
Domain Requested by
5 gf.fan em.money2020.com
gf.fan
4 cognito-identity.us-east-1.amazonaws.com gf.fan
2 gf-fan-engagement.s3.us-east-1.amazonaws.com gf.fan
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 gf-fan-engagement.s3.amazonaws.com
1 www.google.de gf.fan
1 www.google.com gf.fan
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com gf.fan
1 em.money2020.com
19 10

This site contains links to these domains.

Domain
greenfly.com
Subject Issuer Validity Valid
em.money2020.com
Cloudflare Inc ECC CA-3
2022-09-04 -
2023-09-04
a year crt.sh
gf.fan
Amazon RSA 2048 M02
2023-02-22 -
2023-07-06
4 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
www.google.de
GTS CA 1C3
2023-04-03 -
2023-06-26
3 months crt.sh
cognito-identity.us-east-1.amazonaws.com
Amazon RSA 2048 M02
2023-02-21 -
2023-07-06
4 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01
2022-12-06 -
2023-12-05
a year crt.sh
*.s3.amazonaws.com
Amazon
2022-09-21 -
2023-08-26
a year crt.sh

This page contains 1 frames:

Primary Page: https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=global2023-overlap&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.04.27&mkt_tok=ODk3LU1CQy0yMDcAAAGLZoHBQ_kTCoJDgjJPulJ7PQj_985RPCeNtvzIZHBDIQapkJEbggMfBI1V6pJHb4RuIzVSDfoht-zvc9fs_uLOcyAuqwL7P_VVDLIZr9kvfFyTBw
Frame ID: 24080EC497154E1E151B0F4942A8CE94
Requests: 17 HTTP requests in this frame

Page Title

Greenfly Fan

Page URL History

  1. https://em.money2020.com/ODk3LU1CQy0yMDcAAAGLZoHBQ9Jm2s_9kFw2iJxO_jayClSr1D9kyukruYAqpnrj4Vza4iIoLaqE... Page URL
  2. https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=global2023-overlap&u... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

19
Requests

100 %
HTTPS

60 %
IPv6

8
Domains

10
Subdomains

11
IPs

4
Countries

1683 kB
Transfer

1791 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://em.money2020.com/ODk3LU1CQy0yMDcAAAGLZoHBQ9Jm2s_9kFw2iJxO_jayClSr1D9kyukruYAqpnrj4Vza4iIoLaqEkMHXL5EYrxYNN5I= Page URL
  2. https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=global2023-overlap&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.04.27&mkt_tok=ODk3LU1CQy0yMDcAAAGLZoHBQ_kTCoJDgjJPulJ7PQj_985RPCeNtvzIZHBDIQapkJEbggMfBI1V6pJHb4RuIzVSDfoht-zvc9fs_uLOcyAuqwL7P_VVDLIZr9kvfFyTBw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ODk3LU1CQy0yMDcAAAGLZoHBQ9Jm2s_9kFw2iJxO_jayClSr1D9kyukruYAqpnrj4Vza4iIoLaqEkMHXL5EYrxYNN5I=
em.money2020.com/
650 B
1 KB
Document
General
Full URL
https://em.money2020.com/ODk3LU1CQy0yMDcAAAGLZoHBQ9Jm2s_9kFw2iJxO_jayClSr1D9kyukruYAqpnrj4Vza4iIoLaqEkMHXL5EYrxYNN5I=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-ccW8L2DG6ykelWzNZXM8WBUbz6pKrMHf949lI7iXQvw=';object-src 'none';form-action:'none';frame-src:'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, no-store, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7bf397690ed6913d-FRA
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-ccW8L2DG6ykelWzNZXM8WBUbz6pKrMHf949lI7iXQvw=';object-src 'none';form-action:'none';frame-src:'none'
content-type
text/html;charset=UTF-8
date
Sat, 29 Apr 2023 00:57:32 GMT
referrer-policy
strict-origin
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
b7f6061e49572545
Primary Request europesgotaccess
gf.fan/MONEY2020/
3 KB
3 KB
Document
General
Full URL
https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=global2023-overlap&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.04.27&mkt_tok=ODk3LU1CQy0yMDcAAAGLZoHBQ_kTCoJDgjJPulJ7PQj_985RPCeNtvzIZHBDIQapkJEbggMfBI1V6pJHb4RuIzVSDfoht-zvc9fs_uLOcyAuqwL7P_VVDLIZr9kvfFyTBw
Requested by
Host: em.money2020.com
URL: https://em.money2020.com/ODk3LU1CQy0yMDcAAAGLZoHBQ9Jm2s_9kFw2iJxO_jayClSr1D9kyukruYAqpnrj4Vza4iIoLaqEkMHXL5EYrxYNN5I=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-129.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ac8d5b837ff5dd6995d44aa78c8f294ad69df5915112b2c1d61c6f583863ec3

Request headers

Referer
https://em.money2020.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
2565
Content-Type
text/html
Date
Sat, 29 Apr 2023 00:57:34 GMT
ETag
"928165a033312c88a0c3b46de72c47ea"
Last-Modified
Fri, 30 Sep 2022 22:30:32 GMT
Server
AmazonS3
Via
1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Ag7_p9f0jrecWN6KeljZGCKzPC3389Yj5yqF2iOThvCalkQpnRaAcg==
X-Amz-Cf-Pop
PRG50-C1
X-Cache
Error from cloudfront
main.bf04da0d.chunk.css
gf.fan/static/css/
16 KB
16 KB
Stylesheet
General
Full URL
https://gf.fan/static/css/main.bf04da0d.chunk.css
Requested by
Host: gf.fan
URL: https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=global2023-overlap&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.04.27&mkt_tok=ODk3LU1CQy0yMDcAAAGLZoHBQ_kTCoJDgjJPulJ7PQj_985RPCeNtvzIZHBDIQapkJEbggMfBI1V6pJHb4RuIzVSDfoht-zvc9fs_uLOcyAuqwL7P_VVDLIZr9kvfFyTBw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-129.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11bd59cf46c1d0968cb8af835b6487c6c6db72491f84f26c9f067099b088fd70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=global2023-overlap&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.04.27&mkt_tok=ODk3LU1CQy0yMDcAAAGLZoHBQ_kTCoJDgjJPulJ7PQj_985RPCeNtvzIZHBDIQapkJEbggMfBI1V6pJHb4RuIzVSDfoht-zvc9fs_uLOcyAuqwL7P_VVDLIZr9kvfFyTBw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 00:57:35 GMT
Via
1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 Sep 2022 22:30:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PRG50-C1
ETag
"62e178afd8cacc23022c39af06deeee6"
X-Cache
RefreshHit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16000
X-Amz-Cf-Id
g4gGruOS6_SzzSBDNSJuCycKkXiEang5oRVPezH6suT2cyFt0DJN9A==
2.9c462d13.chunk.js
gf.fan/static/js/
695 KB
696 KB
Script
General
Full URL
https://gf.fan/static/js/2.9c462d13.chunk.js
Requested by
Host: gf.fan
URL: https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=global2023-overlap&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.04.27&mkt_tok=ODk3LU1CQy0yMDcAAAGLZoHBQ_kTCoJDgjJPulJ7PQj_985RPCeNtvzIZHBDIQapkJEbggMfBI1V6pJHb4RuIzVSDfoht-zvc9fs_uLOcyAuqwL7P_VVDLIZr9kvfFyTBw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-129.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86fb74e5fef3808142b989d2a2e6e08bb24894bb1ae2079d31e2c92d0cdf9203

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=global2023-overlap&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.04.27&mkt_tok=ODk3LU1CQy0yMDcAAAGLZoHBQ_kTCoJDgjJPulJ7PQj_985RPCeNtvzIZHBDIQapkJEbggMfBI1V6pJHb4RuIzVSDfoht-zvc9fs_uLOcyAuqwL7P_VVDLIZr9kvfFyTBw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 00:57:35 GMT
Via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 Sep 2022 22:30:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PRG50-C1
ETag
"1027b2f80a2f8a3481c029827e47dcd2"
X-Cache
RefreshHit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
711856
X-Amz-Cf-Id
rwqciDiArJv9IcnZXFdXTEHAqnYYnoH8DcXAMyZ2x61jGvNUNo8RYQ==
main.2b269b4d.chunk.js
gf.fan/static/js/
24 KB
25 KB
Script
General
Full URL
https://gf.fan/static/js/main.2b269b4d.chunk.js
Requested by
Host: gf.fan
URL: https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=global2023-overlap&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.04.27&mkt_tok=ODk3LU1CQy0yMDcAAAGLZoHBQ_kTCoJDgjJPulJ7PQj_985RPCeNtvzIZHBDIQapkJEbggMfBI1V6pJHb4RuIzVSDfoht-zvc9fs_uLOcyAuqwL7P_VVDLIZr9kvfFyTBw
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-129.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd591d9b7a6c245217283173d39b5313298a34746fe67be5282561d6e3388087

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=global2023-overlap&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.04.27&mkt_tok=ODk3LU1CQy0yMDcAAAGLZoHBQ_kTCoJDgjJPulJ7PQj_985RPCeNtvzIZHBDIQapkJEbggMfBI1V6pJHb4RuIzVSDfoht-zvc9fs_uLOcyAuqwL7P_VVDLIZr9kvfFyTBw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 00:57:35 GMT
Via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 Sep 2022 22:30:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PRG50-C1
ETag
"7c076af83cba6621545942cb5a91f884"
X-Cache
RefreshHit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24963
X-Amz-Cf-Id
Kwo8fQjcIDxQ0jXPRxDDLYsMSg6FhOw5FMZ2tbkOrJSydghFlLgp9w==
gtm.js
www.googletagmanager.com/
130 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W54SN38
Requested by
Host: gf.fan
URL: https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=global2023-overlap&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.04.27&mkt_tok=ODk3LU1CQy0yMDcAAAGLZoHBQ_kTCoJDgjJPulJ7PQj_985RPCeNtvzIZHBDIQapkJEbggMfBI1V6pJHb4RuIzVSDfoht-zvc9fs_uLOcyAuqwL7P_VVDLIZr9kvfFyTBw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6dbbcba88afa1c79d4f0ef01f76648399d0bee70e78c6d1c5700daa05c6cbd92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 00:57:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50696
x-xss-protection
0
last-modified
Sat, 29 Apr 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 29 Apr 2023 00:57:33 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W54SN38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 28 Apr 2023 23:05:04 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
6750
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sat, 29 Apr 2023 01:05:04 GMT
collect
www.google-analytics.com/j/
4 B
203 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=259816590&t=pageview&_s=1&dl=https%3A%2F%2Fgf.fan%2FMONEY2020%2Feuropesgotaccess%3Futm_term%3Dnoterm%26utm_campaign%3Dglobal2023-overlap%26utm_medium%3Demail%26utm_source%3Dmkt-email-delprom%26utm_content%3D2023.04.27%26mkt_tok%3DODk3LU1CQy0yMDcAAAGLZoHBQ_kTCoJDgjJPulJ7PQj_985RPCeNtvzIZHBDIQapkJEbggMfBI1V6pJHb4RuIzVSDfoht-zvc9fs_uLOcyAuqwL7P_VVDLIZr9kvfFyTBw&dr=https%3A%2F%2Fem.money2020.com%2F&ul=en-us&de=UTF-8&dt=Greenfly%20Fan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=2115164986&gjid=470212827&cid=670382233.1682729854&tid=UA-174533423-1&_gid=1853762342.1682729854&_r=1&_slc=1&gtm=45He34q0n81W54SN38&z=1899121039
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gf.fan/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 00:57:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gf.fan
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
343 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-174533423-1&cid=670382233.1682729854&jid=2115164986&gjid=470212827&_gid=1853762342.1682729854&_u=YEBAAEAAAAAAACAAI~&z=50682562
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gf.fan/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 29 Apr 2023 00:57:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gf.fan
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-174533423-1&cid=670382233.1682729854&jid=2115164986&_u=YEBAAEAAAAAAACAAI~&z=938227537
Requested by
Host: gf.fan
URL: https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=global2023-overlap&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.04.27&mkt_tok=ODk3LU1CQy0yMDcAAAGLZoHBQ_kTCoJDgjJPulJ7PQj_985RPCeNtvzIZHBDIQapkJEbggMfBI1V6pJHb4RuIzVSDfoht-zvc9fs_uLOcyAuqwL7P_VVDLIZr9kvfFyTBw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 00:57:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-174533423-1&cid=670382233.1682729854&jid=2115164986&_u=YEBAAEAAAAAAACAAI~&z=938227537
Requested by
Host: gf.fan
URL: https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=global2023-overlap&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.04.27&mkt_tok=ODk3LU1CQy0yMDcAAAGLZoHBQ_kTCoJDgjJPulJ7PQj_985RPCeNtvzIZHBDIQapkJEbggMfBI1V6pJHb4RuIzVSDfoht-zvc9fs_uLOcyAuqwL7P_VVDLIZr9kvfFyTBw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 00:57:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
greenfly-fan-engagement-app.0537a994.ttf
gf.fan/static/media/
3 KB
3 KB
Font
General
Full URL
https://gf.fan/static/media/greenfly-fan-engagement-app.0537a994.ttf
Requested by
Host: gf.fan
URL: https://gf.fan/static/css/main.bf04da0d.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-129.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec3b68b0e424d7e275e9abfce9e737ea95a1e7c681849b062d08acdb2b192c74

Request headers

Referer
https://gf.fan/static/css/main.bf04da0d.chunk.css
Origin
https://gf.fan
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 00:57:35 GMT
Via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 Sep 2022 22:30:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PRG50-C1
ETag
"bb660c76c5c1171bb9a55a0c27476815"
X-Cache
RefreshHit from cloudfront
Content-Type
font/ttf
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2868
X-Amz-Cf-Id
ZOimmI25y2g_b7Jruz_Fvl4caDw1XTRuGXnOuIeRn8tEQbhHaCLXug==
/
cognito-identity.us-east-1.amazonaws.com/
63 B
317 B
Fetch
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: gf.fan
URL: https://gf.fan/static/js/2.9c462d13.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7400:90b3:1f53:d58c:c8b6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
5d973bca1c84638b2cf549823d6cb18cbe83b2e0fbe9d57e509cbcd5b4bb52b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/x-amz-json-1.1
amz-sdk-invocation-id
d1291410-bf26-4aa4-b887-8b8ac9254c65
Referer
https://gf.fan/
amz-sdk-request
attempt=1; max=3
x-amz-target
AWSCognitoIdentityService.GetId
x-amz-user-agent
aws-sdk-js/3.6.1 os/Windows/NT_10.0 lang/js md/browser/Chrome_112.0.5615.121 api/cognito_identity/3.6.1 aws-amplify/4.3.2_js

Response headers

access-control-allow-origin
*
date
Sat, 29 Apr 2023 00:57:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
d04514a3-f9fb-4175-80aa-51ead77b4906
content-length
63
content-type
application/x-amz-json-1.1
/
cognito-identity.us-east-1.amazonaws.com/
0
0
Preflight
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7400:90b3:1f53:d58c:c8b6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://gf.fan
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Sat, 29 Apr 2023 00:57:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
2b41e2c4-ab60-4908-99a4-1ae07c7be404
/
cognito-identity.us-east-1.amazonaws.com/
2 KB
2 KB
Fetch
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: gf.fan
URL: https://gf.fan/static/js/2.9c462d13.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7400:90b3:1f53:d58c:c8b6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
61c08751fce14083f6e8bdb299d916df12c83029e397786c3ad1bafd3ab0f58f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/x-amz-json-1.1
amz-sdk-invocation-id
a36b5761-7c89-4730-a9a3-f123e6e0bbc3
Referer
https://gf.fan/
amz-sdk-request
attempt=1; max=3
x-amz-target
AWSCognitoIdentityService.GetCredentialsForIdentity
x-amz-user-agent
aws-sdk-js/3.6.1 os/Windows/NT_10.0 lang/js md/browser/Chrome_112.0.5615.121 api/cognito_identity/3.6.1 aws-amplify/4.3.2_js

Response headers

access-control-allow-origin
*
date
Sat, 29 Apr 2023 00:57:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
c3d9e352-e7e0-4b57-a46d-3847d6032741
content-length
1748
content-type
application/x-amz-json-1.1
/
cognito-identity.us-east-1.amazonaws.com/
0
0
Preflight
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7400:90b3:1f53:d58c:c8b6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://gf.fan
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Sat, 29 Apr 2023 00:57:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
05067a87-c92b-49ab-bc2b-659a82375d49
europesgotaccess.json
gf-fan-engagement.s3.us-east-1.amazonaws.com/public/MONEY2020/
2 KB
3 KB
XHR
General
Full URL
https://gf-fan-engagement.s3.us-east-1.amazonaws.com/public/MONEY2020/europesgotaccess.json?response-cache-control=no-cache&x-id=GetObject
Requested by
Host: gf.fan
URL: https://gf.fan/static/js/2.9c462d13.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.59.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b7839fac7b29da23894baf5af490323df0788ad0d6286837fe6efe99ab9a50ea

Request headers

accept-language
de-DE,de;q=0.9
authorization
AWS4-HMAC-SHA256 Credential=ASIAYXSNJPQOQIAWYNNO/20230429/us-east-1/s3/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-amz-user-agent, Signature=bb0b18d5ec28a89a977d15f9344106bd6214a16132f8a273d89e6628bf58264a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
x-amz-content-sha256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Accept
application/json, text/plain, */*
amz-sdk-invocation-id
b00e9f89-5c89-4bb3-9d07-53122e0c8402
x-amz-security-token
amz-sdk-request
attempt=1; max=3
Referer
https://gf.fan/
x-amz-user-agent
aws-sdk-js/3.6.1 os/Windows/NT_10.0 lang/js md/browser/Chrome_112.0.5615.121 api/s3/3.6.1 aws-amplify/4.3.2_js
x-amz-date
20230429T005735Z

Response headers

Date
Sat, 29 Apr 2023 00:57:36 GMT
x-amz-request-id
S6NEBJ0G1G8HGQNR
x-amz-server-side-encryption
AES256
Content-Length
1909
x-amz-id-2
KyZi8L0ILU9xNjtloLYwMLnhh+f808pdmuZ6GDFs62YDcTamhAWYVHlETahOse/zsqg6UDPQKVg=
Last-Modified
Tue, 25 Apr 2023 15:19:54 GMT
Server
AmazonS3
ETag
"dbf81a848f30a10f0e76ca2d56b3875f"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, POST, PUT, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://gf.fan
Access-Control-Expose-Headers
ETag
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
europesgotaccess.json
gf-fan-engagement.s3.us-east-1.amazonaws.com/public/MONEY2020/
0
0
Preflight
General
Full URL
https://gf-fan-engagement.s3.us-east-1.amazonaws.com/public/MONEY2020/europesgotaccess.json?response-cache-control=no-cache&x-id=GetObject
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.59.66 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
amz-sdk-invocation-id,amz-sdk-request,authorization,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-user-agent
Access-Control-Request-Method
GET
Origin
https://gf.fan
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
amz-sdk-invocation-id, amz-sdk-request, authorization, x-amz-content-sha256, x-amz-date, x-amz-security-token, x-amz-user-agent
Access-Control-Allow-Methods
GET, POST, PUT, HEAD
Access-Control-Allow-Origin
https://gf.fan
Access-Control-Expose-Headers
ETag
Content-Length
0
Date
Sat, 29 Apr 2023 00:57:36 GMT
Server
AmazonS3
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-id-2
gwe8E21R/pLRW7cWbGg7V8zvCFen8+DYXiUcb+evgrdb0XwB/m/9J3RKHqK1FA/Zo0up8YWaZTE=
x-amz-request-id
S6NAV64D1MX01R1F
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
586eeaccf396962a6b42e22e66a604c7a356c31182f6cd4ea7ce9942996a7338

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
d15bf5fe-a36f-40e1-a640-515805db5056032723_EU_MKTG_DEL_Greenfly_2.png
gf-fan-engagement.s3.amazonaws.com/public/_banners/d/1/5/b/
862 KB
862 KB
Image
General
Full URL
https://gf-fan-engagement.s3.amazonaws.com/public/_banners/d/1/5/b/d15bf5fe-a36f-40e1-a640-515805db5056032723_EU_MKTG_DEL_Greenfly_2.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.44.220 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
515df619f8a1782f1076ea44f79d668a218b7567797a4a202644e7382d77c6a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 00:57:37 GMT
Last-Modified
Tue, 11 Apr 2023 16:57:23 GMT
Server
AmazonS3
x-amz-request-id
TZJP77H6508W00RJ
ETag
"03990aa2a24588adc72b4691ccc67642"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
882459
x-amz-id-2
KStd+koECyvn/PE2M7jCohzV2QZh/nDBz7Y5MBE/EeSOI51tpYTUisbnnb1v+KN//F2cVIvpL6U=

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| dataLayer
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
object| webpackJsonpfan-engagement
object| regeneratorRuntime

4 Cookies

Domain/Path Name / Value
.em.money2020.com/ Name: __cf_bm
Value: 5Ia4titBNr8gv9rlOZXM.L5NS8V53p7FtP89qjgjkTY-1682729852-0-AQ7J5h7Z0zRDcSmgYcG/fYeEBbnXsQ1aDecTYKykC61Qk3eKcHx1niHEXmDfalL6F9dltvDtZlN2FIzxkOQI33I=
.gf.fan/ Name: _ga
Value: GA1.2.670382233.1682729854
.gf.fan/ Name: _gid
Value: GA1.2.1853762342.1682729854
.gf.fan/ Name: _gat_UA-174533423-1
Value: 1

2 Console Messages

Source Level URL
Text
security error URL: https://em.money2020.com/ODk3LU1CQy0yMDcAAAGLZoHBQ9Jm2s_9kFw2iJxO_jayClSr1D9kyukruYAqpnrj4Vza4iIoLaqEkMHXL5EYrxYNN5I=
Message:
The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://em.money2020.com/ODk3LU1CQy0yMDcAAAGLZoHBQ9Jm2s_9kFw2iJxO_jayClSr1D9kyukruYAqpnrj4Vza4iIoLaqEkMHXL5EYrxYNN5I=
Message:
The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-ccW8L2DG6ykelWzNZXM8WBUbz6pKrMHf949lI7iXQvw=';object-src 'none';form-action:'none';frame-src:'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
