urlscan.io logo urlscan.io
SecurityTrails logo

auth.gcfglobal.org Open in urlscan Pro
20.40.202.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://account.gcfglobal.org/signup
Effective URL: https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
Submission: On April 18 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 30 HTTP transactions. The main IP is 20.40.202.32, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is auth.gcfglobal.org. The Cisco Umbrella rank of the primary domain is 203542.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on March 17th 2024. Valid for: 6 months.
This is the only time auth.gcfglobal.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 20.40.202.29 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 10 20.40.202.32 8075 (MICROSOFT...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 2a03:2880:f17... 32934 (FACEBOOK)
30 12
4    20.40.202.29 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
account.gcfglobal.org
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    20.40.202.32 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
auth.gcfglobal.org
4    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700::6811:f7cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2606:4700:20::681a:710 (United States)

ASN13335 (CLOUDFLARENET, US)
media.gcflearnfree.org
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
14 gcfglobal.org
account.gcfglobal.org
auth.gcfglobal.org — Cisco Umbrella Rank: 203542
2 MB
4 gstatic.com
fonts.gstatic.com
91 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
91 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
160 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
5 KB
1 gcflearnfree.org
media.gcflearnfree.org — Cisco Umbrella Rank: 148348
18 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 744
16 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2404
259 B
30 10
Domain Requested by
10 auth.gcfglobal.org 1 redirects account.gcfglobal.org
auth.gcfglobal.org
4 fonts.gstatic.com fonts.googleapis.com
4 account.gcfglobal.org account.gcfglobal.org
2 connect.facebook.net auth.gcfglobal.org
connect.facebook.net
2 fonts.googleapis.com account.gcfglobal.org
auth.gcfglobal.org
2 www.googletagmanager.com account.gcfglobal.org
www.googletagmanager.com
1 www.facebook.com connect.facebook.net
1 cdnjs.cloudflare.com auth.gcfglobal.org
1 media.gcflearnfree.org auth.gcfglobal.org
1 unpkg.com auth.gcfglobal.org
1 region1.google-analytics.com www.googletagmanager.com
30 11

This site contains links to these domains. Also see Links.

Domain
edu.gcfglobal.org
support.gcflearnfree.org
Subject Issuer Validity Valid
account.gcfglobal.org
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-03-17 -
2024-09-17		 6 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
auth.gcfglobal.org
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2024-03-17 -
2024-09-17		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
unpkg.com
GTS CA 1P5		 2024-04-01 -
2024-06-30		 3 months crt.sh
gcflearnfree.org
E1		 2024-03-14 -
2024-06-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-26 -
2024-04-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
Frame ID: CBBCA208D4CF7A686ECDDBF02BAB97A3
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign up

Page URL History Show full URLs

  1. https://account.gcfglobal.org/signup Page URL
  2. https://auth.gcfglobal.org/auth?client_id=t25pNuD7fW7ab7DCji1_W&redirect_uri=https%3A%2F%2Faccount.gcfg... HTTP 303
    https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

30
Requests

93 %
HTTPS

82 %
IPv6

10
Domains

11
Subdomains

12
IPs

2
Countries

2929 kB
Transfer

3533 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://account.gcfglobal.org/signup Page URL
  2. https://auth.gcfglobal.org/auth?client_id=t25pNuD7fW7ab7DCji1_W&redirect_uri=https%3A%2F%2Faccount.gcfglobal.org%2Fauth%2Foidc-callback&response_type=code&scope=openid%20profile%20email%20offline_access&state=66c352b3a2b1474fa39db0216302c937&code_challenge=i-Lvpd_GAyGKbF_KsY9yque5xm0Dl0x6U2gFzvuQuKg&code_challenge_method=S256&response_mode=query&sign_up_process=true HTTP 303
    https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
signup
account.gcfglobal.org/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account.gcfglobal.org/signup
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.29 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
8a8fc64418d0077fa788a13499ac1a27496487a4e57d4809605e61239ae3b541

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=0
Content-Length
1308
Content-Type
text/html; charset=utf-8
Date
Thu, 18 Apr 2024 16:45:34 GMT
ETag
W/"51c-18c69cefcb0"
Last-Modified
Thu, 14 Dec 2023 19:30:22 GMT
Vary
Origin
X-Powered-By
Express
index.90111bb5.js
account.gcfglobal.org/assets/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.gcfglobal.org/assets/index.90111bb5.js
Requested by
Host: account.gcfglobal.org
URL: https://account.gcfglobal.org/signup
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.29 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
29a77763668879455f3e8936016321fecb679ec0d49e4612a9748e5572b6eaec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.gcfglobal.org/signup
Origin
https://account.gcfglobal.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 16:45:34 GMT
Last-Modified
Thu, 14 Dec 2023 19:30:22 GMT
ETag
W/"160507-18c69cefcb0"
X-Powered-By
Express
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
1443079
index.a6db196a.css
account.gcfglobal.org/assets/ 		649 KB
650 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.gcfglobal.org/assets/index.a6db196a.css
Requested by
Host: account.gcfglobal.org
URL: https://account.gcfglobal.org/signup
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.29 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
b71b2bf40458c6d06d30d02e5feb31f0a4461f95795c96745b0ec38f54668208

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.gcfglobal.org/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 16:45:35 GMT
Last-Modified
Thu, 14 Dec 2023 19:30:22 GMT
ETag
W/"a259d-18c69cefcb0"
X-Powered-By
Express
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
664989
gtm.js
www.googletagmanager.com/ 		180 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T66WFX5
Requested by
Host: account.gcfglobal.org
URL: https://account.gcfglobal.org/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
87137bd980ac9fb310d4915b240a4dbba5df1beb9f6e490582801eb3616471aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.gcfglobal.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 16:45:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66207
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 16:12:13 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Apr 2024 16:45:34 GMT
js
www.googletagmanager.com/gtag/ 		279 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YXEKYNE8NH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T66WFX5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4ada901daac7d7805819638b0bf5db482c5685a494da793e18d3c786859927eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.gcfglobal.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 16:45:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96751
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Apr 2024 16:45:34 GMT
collect
region1.google-analytics.com/g/ 		0
259 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YXEKYNE8NH&gtm=45je44f0v897463317z8897460149za200&_p=1713458734749&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=911897351.1713458735&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713458734&sct=1&seg=0&dl=https%3A%2F%2Faccount.gcfglobal.org%2Fsignup&dt=GCF%20Global%20User%20Account&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1382
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YXEKYNE8NH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.gcfglobal.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 16:45:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://account.gcfglobal.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ 		28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap
Requested by
Host: account.gcfglobal.org
URL: https://account.gcfglobal.org/assets/index.a6db196a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
90787ca0e77942034765d1f69eff786ed8fbb616ed49ba6fbc8e9f56207c579e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.gcfglobal.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 16:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 16:42:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 16:45:35 GMT
openid-configuration
auth.gcfglobal.org/.well-known/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.gcfglobal.org/.well-known/openid-configuration
Requested by
Host: account.gcfglobal.org
URL: https://account.gcfglobal.org/assets/index.90111bb5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.32 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.gcfglobal.org/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 16:45:36 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
no-referrer
Expect-CT
max-age=0
Vary
Origin
X-DNS-Prefetch-Control
off
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://account.gcfglobal.org
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Length
2299
X-XSS-Protection
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://account.gcfglobal.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 00:50:53 GMT
x-content-type-options
nosniff
age
230083
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 00:50:53 GMT
favicon.ico
account.gcfglobal.org/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://account.gcfglobal.org/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.29 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ Express
Resource Hash
87e8becc2dc900e8d3a948ab407de551724cd3009b24e54e2e078ae5bcc70439

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.gcfglobal.org/signup
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 16:45:36 GMT
Last-Modified
Thu, 14 Dec 2023 19:30:19 GMT
ETag
W/"3c2e-18c69cef0f8"
X-Powered-By
Express
Content-Type
image/x-icon
Cache-Control
public, max-age=0
Accept-Ranges
bytes
Content-Length
15406
Primary Request u9ja1c-m1VcgCARbZEVC_
auth.gcfglobal.org/interaction/
Redirect Chain
  • https://auth.gcfglobal.org/auth?client_id=t25pNuD7fW7ab7DCji1_W&redirect_uri=https%3A%2F%2Faccount.gcfglobal.org%2Fauth%2Foidc-callback&response_type=code&scope=openid%20profile%20email%20offline_a...
  • https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
Requested by
Host: account.gcfglobal.org
URL: https://account.gcfglobal.org/assets/index.90111bb5.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.32 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a2cda2216c5984d0e34c76241d244428786faf222c0cb98a085fbdcad3992a88
Security Headers
Name Value
Content-Security-Policy script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store
Content-Length
8135
Content-Security-Policy
script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Thu, 18 Apr 2024 16:45:37 GMT
ETag
W/"1fc7-QlMOGBdLR8hVoPl+NloJ8x6ER2A"
Expect-CT
max-age=0
Pragma
no-cache
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0

Redirect headers

Cache-Control
no-cache, no-store
Content-Length
99
Content-Security-Policy
script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Thu, 18 Apr 2024 16:45:37 GMT
Expect-CT
max-age=0
Location
/interaction/u9ja1c-m1VcgCARbZEVC_
Pragma
no-cache
Referrer-Policy
no-referrer
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0
collect
region1.google-analytics.com/g/ 		0
0
collect
region1.google-analytics.com/g/ 		0
0
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,600,700,900,900i
Requested by
Host: auth.gcfglobal.org
URL: https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
be9f237d1a50a3f4903eec5edb4bfc5bc58888abb109f559210ed9b433f1810e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 16:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 16:45:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 16:45:37 GMT
boxicons.min.css
unpkg.com/boxicons@2.1.1/css/ 		64 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/boxicons@2.1.1/css/boxicons.min.css
Requested by
Host: auth.gcfglobal.org
URL: https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f56e3007ba636a17a6ea0606c8889289b033e62f050e7e9e9b6a5237cf5cdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 16:45:37 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
2031570
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HSWG48YQ2DJA04P2JQCNA7W3-fra
server
cloudflare
etag
"100de-Mn9KNwx+Bha2gD4oS36aXAm4QDs"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
876620552a275c8c-FRA
main.css
auth.gcfglobal.org/css/ 		329 KB
330 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.gcfglobal.org/css/main.css
Requested by
Host: auth.gcfglobal.org
URL: https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.32 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ecbcf6301e4058dac4553409e6ab95f75dad1100954d2ac098d7bbe58a921220
Security Headers
Name Value
Content-Security-Policy script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 16:45:37 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Content-Length
337177
X-XSS-Protection
0
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Dec 2023 15:49:10 GMT
ETag
W/"52519-18c5eb7c0f0"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=UTF-8
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
gcfglobal-color.png
media.gcflearnfree.org/global/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.gcflearnfree.org/global/gcfglobal-color.png
Requested by
Host: auth.gcfglobal.org
URL: https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:710 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be998c2e66d297f322faa0e3522ecbff065aea199da8d23579f38ec963d3b21a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 18 Apr 2024 16:45:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
1krUFA2mUHHJ9Syh/Lydeg==
age
6940
cf-polished
origSize=20805
x-ms-meta-cbmodifiedtime
Tue, 24 Jul 2018 12:43:35 GMT
content-length
17211
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Tue, 24 Jul 2018 12:45:09 GMT
server
cloudflare
etag
0x8D5F1634A6BEC86
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ZnXcEf9pk6RVKAdXyzj1E%2Bfko3H%2FahVptTBQptaHpyaTk%2FBIeEhRzOH%2F%2Fhl5vGoC7s1OwcazJTyA7xvGEMicR1uyvxr5a%2FGgmfnwcpYrjdpMLgpyRmjgsC%2BqiCnSQ8XkoL0fotbbujhuKf9SJDNP5B7bwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-ms-request-id
54d76b75-e01e-0026-36d9-7e0a15000000
cache-control
max-age=691200
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
876620555cd32bc6-FRA
aes.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js
Requested by
Host: auth.gcfglobal.org
URL: https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 16:45:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
69313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4256
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-3430"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GEPGA0ASjExQhSHVAnzdOddETiI7udpBR6kH3ZiOK8gzrW6ITRZp0MwZF2zMGqreDx%2F7sh3p%2BKLvZyf8dLLr%2BVKHgBQszgm7Cf86slpVsq1i82eV4ORnF2iZwDBx1%2F%2FRvYVHqR6qWqvlj2qry%2BDEvQHE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
876620551a7f363b-FRA
expires
Tue, 08 Apr 2025 16:45:37 GMT
main.js
auth.gcfglobal.org/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.gcfglobal.org/js/main.js
Requested by
Host: auth.gcfglobal.org
URL: https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.32 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0386851acf9cb75478a58fe076de5c4c8677fe33e718d7ec2950d834a24090b4
Security Headers
Name Value
Content-Security-Policy script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 16:45:37 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Content-Length
2517
X-XSS-Protection
0
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Dec 2023 15:49:10 GMT
ETag
W/"9d5-18c5eb7c0f0"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
signup.js
auth.gcfglobal.org/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.gcfglobal.org/js/signup.js
Requested by
Host: auth.gcfglobal.org
URL: https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.32 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cfd93d555fbe2281743c8402e68a507e8b2709eecbd219a1d2f64a4349cf65d3
Security Headers
Name Value
Content-Security-Policy script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 16:45:37 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Content-Length
4853
X-XSS-Protection
0
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Dec 2023 15:49:10 GMT
ETag
W/"12f5-18c5eb7c0f0"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
facebookSignup.js
auth.gcfglobal.org/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.gcfglobal.org/js/facebookSignup.js
Requested by
Host: auth.gcfglobal.org
URL: https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.32 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9d3ea391321332870a821bc06c7a46450adcfa2da35753f2bf7a364f41a29c7d
Security Headers
Name Value
Content-Security-Policy script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 16:45:37 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Content-Length
3920
X-XSS-Protection
0
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Dec 2023 15:49:10 GMT
ETag
W/"f50-18c5eb7c0f0"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
googleSignup.js
auth.gcfglobal.org/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.gcfglobal.org/js/googleSignup.js
Requested by
Host: auth.gcfglobal.org
URL: https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.32 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9a0e5449bf29dfc897d16aa39c3d61a953d4019a2202616f15752cdcbc4ea0f1
Security Headers
Name Value
Content-Security-Policy script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 16:45:37 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Content-Length
1335
X-XSS-Protection
0
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Dec 2023 15:49:10 GMT
ETag
W/"537-18c5eb7c0f0"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript; charset=UTF-8
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: auth.gcfglobal.org
URL: https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
33ba60b570cba1e6977aa5b659f904642a1d7b7ea2b2371317bf647528604fb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://auth.gcfglobal.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 Apr 2024 16:45:37 GMT
content-md5
apgbVnZHW6wtde7jQR2uZA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2762, tp=-1, tpl=-1, uplat=3, ullat=-1
x-fb-debug
6oOmvdncs0CcpHDG/3zaIvwVgwqHk58fUPNA/oZFRzDdHvNeEosN6VdkjTNF8AxvgYspVsB7BvjvOftWYkbu8g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
e632dbfe2e8d6047feea109ba829a9ff
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"6c3d15b78b66c3ffcb640ac262f0d1a8"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 18 Apr 2024 16:57:43 GMT
sdk.js
connect.facebook.net/en_US/ 		304 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=32396d58173c4999bb2fff5ab2d32d36
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba64ebb0f079fa2e6b67c75247b0fa187616d4e6b2dd526212120f2332bb6307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://auth.gcfglobal.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 Apr 2024 16:45:38 GMT
content-md5
rtHoFlw6SJjYIiYOcsucag==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89021
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=20, mss=1326, tbw=6426, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
suRfPRq60XTjj7jTj7ndywDJOFfHMFWNvbvNbCbXTSPSML++YW2sptzzVoBFgA494HBSGUNi8/RenaecwIu6sw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
0b8fbfc9bdb8ad643c97105e13951385
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"d0f5dcd10ebf9b4f3c035d821763a740"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Fri, 18 Apr 2025 15:21:19 GMT
boxicons.woff2
auth.gcfglobal.org/fonts/ 		112 KB
113 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://auth.gcfglobal.org/fonts/boxicons.woff2
Requested by
Host: auth.gcfglobal.org
URL: https://auth.gcfglobal.org/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.32 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dec58953a5ccd230fee770d8abb7d21efddeb723b08929a259551c4b17eaf05c
Security Headers
Name Value
Content-Security-Policy script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://auth.gcfglobal.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 16:45:38 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
X-Permitted-Cross-Domain-Policies
none
X-DNS-Prefetch-Control
off
Content-Length
114992
X-XSS-Protection
0
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Dec 2023 15:49:10 GMT
ETag
W/"1c130-18c5eb7c0f0"
Expect-CT
max-age=0
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
X-Download-Options
noopen
Cache-Control
public, max-age=0
Accept-Ranges
bytes
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,600,700,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://auth.gcfglobal.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 23:39:20 GMT
x-content-type-options
nosniff
age
147978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Apr 2025 23:39:20 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,600,700,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://auth.gcfglobal.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 23:13:23 GMT
x-content-type-options
nosniff
age
495135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 23:13:23 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,600,700,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://auth.gcfglobal.org
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 06:46:02 GMT
x-content-type-options
nosniff
age
467976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 06:46:02 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=481035776997889&input_token&origin=1&redirect_uri=https%3A%2F%2Fauth.gcfglobal.org%2Finteraction%2Fu9ja1c-m1VcgCARbZEVC_&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=32396d58173c4999bb2fff5ab2d32d36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15552000; preload
date
Thu, 18 Apr 2024 16:45:38 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
reporting-endpoints
coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2754, tp=-1, tpl=-1, uplat=99, ullat=0
pragma
no-cache
x-fb-debug
0f6I3D3E4mB0MymNiXd7T0rj8AZZMRqu2HcXZ8g8yLfxLIAvV8GAct++Zz0fXmEh6C/zsAEiaKXQyOO1sIQtrA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://auth.gcfglobal.org
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
favicon.ico
auth.gcfglobal.org/ 		112 B
659 B 		Other
General
Check archive.org
Download Go to
Full URL
https://auth.gcfglobal.org/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.32 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f4dca1bde2b311411452dd022f12ed9315bea420f020caab089dd673b3f1be00
Security Headers
Name Value
Content-Security-Policy script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 16:45:38 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' connect.facebook.net cdnjs.cloudflare.com cdn.jsdelivr.net 'unsafe-inline'
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
no-referrer
Expect-CT
max-age=0
X-DNS-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
X-Download-Options
noopen
Content-Length
112
X-XSS-Protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YXEKYNE8NH&gtm=45je44f0v897463317za200&_p=1713458734749&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=911897351.1713458735&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1713458734&sct=1&seg=0&dl=https%3A%2F%2Faccount.gcfglobal.org%2Fsignup&dt=GCF%20Global%20User%20Account&en=scroll&epn.percent_scrolled=90&_et=7&tfd=3864
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YXEKYNE8NH&gtm=45je44f0v897463317za200&_p=1713458734749&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=911897351.1713458735&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=3&sid=1713458734&sct=1&seg=0&dl=https%3A%2F%2Faccount.gcfglobal.org%2Fsignup&dt=GCF%20Global%20User%20Account&en=user_engagement&_et=2471&tfd=3866

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CryptoJS function| GCFPasswordInputs function| initGCFSign function| initLangSelection function| getCookie function| setFieldError function| clearFieldError function| hasPatternError function| passwordValidator function| hasEmailError function| emailValidator string| app_id string| app_version string| scopes function| statusChangeCallback function| checkLoginState function| testAPI function| getFacebookData function| facebookLogin function| parseQuery function| accountAlreadyExist function| federatedRequest function| fbAsyncInit function| googleSignup object| FB object| __buffer

6 Cookies

Domain/Path Name / Value
auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_ Name: _interaction
Value: u9ja1c-m1VcgCARbZEVC_
auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_ Name: _interaction.sig
Value: 5NyHp1Z3dJ3wOpEveZdSympkg2E
auth.gcfglobal.org/auth/u9ja1c-m1VcgCARbZEVC_ Name: _interaction_resume
Value: u9ja1c-m1VcgCARbZEVC_
auth.gcfglobal.org/auth/u9ja1c-m1VcgCARbZEVC_ Name: _interaction_resume.sig
Value: XVXtDzsqwCH3MpMux_4MTN6drM0
.gcfglobal.org/ Name: _ga
Value: GA1.1.911897351.1713458735
.gcfglobal.org/ Name: _ga_YXEKYNE8NH
Value: GS1.1.1713458734.1.0.1713458737.0.0.0

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://auth.gcfglobal.org/interaction/u9ja1c-m1VcgCARbZEVC_
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://auth.gcfglobal.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.gcfglobal.org
auth.gcfglobal.org
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
media.gcflearnfree.org
region1.google-analytics.com
unpkg.com
www.facebook.com
www.googletagmanager.com
region1.google-analytics.com
20.40.202.29
20.40.202.32
2001:4860:4802:34::36
2606:4700:20::681a:710
2606:4700::6811:180e
2606:4700::6811:f7cb
2a00:1450:4001:80b::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
0386851acf9cb75478a58fe076de5c4c8677fe33e718d7ec2950d834a24090b4
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
29a77763668879455f3e8936016321fecb679ec0d49e4612a9748e5572b6eaec
33ba60b570cba1e6977aa5b659f904642a1d7b7ea2b2371317bf647528604fb1
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4ada901daac7d7805819638b0bf5db482c5685a494da793e18d3c786859927eb
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
87137bd980ac9fb310d4915b240a4dbba5df1beb9f6e490582801eb3616471aa
87e8becc2dc900e8d3a948ab407de551724cd3009b24e54e2e078ae5bcc70439
8a8fc64418d0077fa788a13499ac1a27496487a4e57d4809605e61239ae3b541
90787ca0e77942034765d1f69eff786ed8fbb616ed49ba6fbc8e9f56207c579e
9a0e5449bf29dfc897d16aa39c3d61a953d4019a2202616f15752cdcbc4ea0f1
9d3ea391321332870a821bc06c7a46450adcfa2da35753f2bf7a364f41a29c7d
a2cda2216c5984d0e34c76241d244428786faf222c0cb98a085fbdcad3992a88
b2f56e3007ba636a17a6ea0606c8889289b033e62f050e7e9e9b6a5237cf5cdc
b71b2bf40458c6d06d30d02e5feb31f0a4461f95795c96745b0ec38f54668208
ba64ebb0f079fa2e6b67c75247b0fa187616d4e6b2dd526212120f2332bb6307
be998c2e66d297f322faa0e3522ecbff065aea199da8d23579f38ec963d3b21a
be9f237d1a50a3f4903eec5edb4bfc5bc58888abb109f559210ed9b433f1810e
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cfd93d555fbe2281743c8402e68a507e8b2709eecbd219a1d2f64a4349cf65d3
dec58953a5ccd230fee770d8abb7d21efddeb723b08929a259551c4b17eaf05c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecbcf6301e4058dac4553409e6ab95f75dad1100954d2ac098d7bbe58a921220
f4dca1bde2b311411452dd022f12ed9315bea420f020caab089dd673b3f1be00
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a