gau-fix-tests-login.gau-nonprod.gbgplc.com Open in urlscan Pro
13.225.80.57 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gau-fix-tests-login.gau-nonprod.gbgplc.com/
Submission: On April 22 via automatic, source certstream-suspicious (April 22nd 2022, 12:59:47 am UTC) — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 13.225.80.57, located in United States and belongs to AMAZON-02, US. The main domain is gau-fix-tests-login.gau-nonprod.gbgplc.com.
TLS certificate: Issued by Amazon on April 21st 2022. Valid for: a year.

This is the only time gau-fix-tests-login.gau-nonprod.gbgplc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	13.225.80.57 13.225.80.57	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:231... 2600:9000:2315:4400:1f:2239:16c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
10	5

7 13.225.80.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-57.fra2.r.cloudfront.net

gau-fix-tests-login.gau-nonprod.gbgplc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:4400:1f:2239:16c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

test-login.auth.gbgplc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gbgplc.com gau-fix-tests-login.gau-nonprod.gbgplc.com test-login.auth.gbgplc.com	481 KB
1	gstatic.com fonts.gstatic.com	37 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
10	3

	Domain	Requested by
7	gau-fix-tests-login.gau-nonprod.gbgplc.com	gau-fix-tests-login.gau-nonprod.gbgplc.com
1	fonts.gstatic.com	fonts.googleapis.com
1	test-login.auth.gbgplc.com	gau-fix-tests-login.gau-nonprod.gbgplc.com
1	fonts.googleapis.com	gau-fix-tests-login.gau-nonprod.gbgplc.com
10	4

This site contains no links.

Subject Issuer	Validity	Valid
gau-fix-tests-login.gau-nonprod.gbgplc.com Amazon	`2022-04-21` - `2023-05-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.auth.gbgplc.com GlobalSign GCC R3 DV TLS CA 2020	`2021-12-21` - `2023-01-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gau-fix-tests-login.gau-nonprod.gbgplc.com/
Frame ID: 3D89D53E19E3132946945C4BC9E4FD26
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to GBG

Page Statistics

10
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

519 kB
Transfer

2077 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gau-fix-tests-login.gau-nonprod.gbgplc.com/ 794 B
2 KB 140ms
61ms Document
text/html 13.225.80.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gau-fix-tests-login.gau-nonprod.gbgplc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-57.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8101f72e4d560a430ca1a5c92211cd85b0cc1f9321570726fd7cdd696ef27c60

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 794
content-security-policy: default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
content-type: text/html
date: Fri, 22 Apr 2022 00:59:41 GMT
etag: "5d67fd6bcad4424477b43334c2a7c100"
last-modified: Thu, 21 Apr 2022 12:20:18 GMT
referrer-policy: no-referrer
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-amz-cf-id: MB8xOuZ7cXFB6o3AmqYdX1qWEAT4Ce4nHpTFe4MQ5SHiycQhhW86Pw==
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 2.fbbdda2c.chunk.css
gau-fix-tests-login.gau-nonprod.gbgplc.com/static/css/ 348 KB
89 KB 135ms
132ms Stylesheet
text/css 13.225.80.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gau-fix-tests-login.gau-nonprod.gbgplc.com/static/css/2.fbbdda2c.chunk.css

Requested by

Host: gau-fix-tests-login.gau-nonprod.gbgplc.com
URL: https://gau-fix-tests-login.gau-nonprod.gbgplc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-57.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d77ac8244caac370e42cb04b1c3cbd012bf4ebc1f8c9dfe72a6df01bf72f0423

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 00:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 21 Apr 2022 12:20:17 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"4718c1b60eb88d7c92c322f9be50f60a"
vary: Accept-Encoding
content-type: text/css
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
content-security-policy: default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
x-amz-cf-id: 5bQ3QoGksHK6DtaN2gaWS1XR8v6bIwIfXcg9GqfkMAorAzaIOIRR9A==

GET
H2 200 main.ac97ed93.chunk.css
gau-fix-tests-login.gau-nonprod.gbgplc.com/static/css/ 2 KB
2 KB 309ms
306ms Stylesheet
text/css 13.225.80.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gau-fix-tests-login.gau-nonprod.gbgplc.com/static/css/main.ac97ed93.chunk.css

Requested by

Host: gau-fix-tests-login.gau-nonprod.gbgplc.com
URL: https://gau-fix-tests-login.gau-nonprod.gbgplc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-57.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e328b3e400437e1dd2c64108913f854ba6daa7fd6838086f37b2a415e715fb15

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 00:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 21 Apr 2022 12:20:19 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"e55a1cb7b9f779b6960824bfc33f6368"
vary: Accept-Encoding
content-type: text/css
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
content-security-policy: default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
x-amz-cf-id: q3DfImWJtjE84olgFDcPx1yvf82bwiqM2jR9QZ_j1HmYYRjeNlPf2w==

GET
H2 200 runtime-main.84605964.js Show response
gau-fix-tests-login.gau-nonprod.gbgplc.com/static/js/ 2 KB
2 KB 88ms
86ms Script
application/javascript 13.225.80.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gau-fix-tests-login.gau-nonprod.gbgplc.com/static/js/runtime-main.84605964.js

Requested by

Host: gau-fix-tests-login.gau-nonprod.gbgplc.com
URL: https://gau-fix-tests-login.gau-nonprod.gbgplc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-57.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

00140566e94960bb772f276d394240da9ef98f096f2d9c24b4690165b5f7ca01

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 00:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 21 Apr 2022 12:20:20 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"c3e44ff440c74f748d62a36dead9849a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
content-security-policy: default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
x-amz-cf-id: fuKbs8pCqNXw-2xyXY2e8Y2sTX_bGdK7rmMrq9pMuHOSIJhUEkF9rQ==

GET
H2 200 2.10532f1e.chunk.js Show response
gau-fix-tests-login.gau-nonprod.gbgplc.com/static/js/ 2 MB
376 KB 130ms
128ms Script
application/javascript 13.225.80.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gau-fix-tests-login.gau-nonprod.gbgplc.com/static/js/2.10532f1e.chunk.js

Requested by

Host: gau-fix-tests-login.gau-nonprod.gbgplc.com
URL: https://gau-fix-tests-login.gau-nonprod.gbgplc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-57.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

612b8e275398b822fdb3b33dba411864703e99e276ee55a000de0dc176a801ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 00:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 21 Apr 2022 12:20:20 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"1647d2c1fed7aeda61b5a8446cfd273e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
content-security-policy: default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
x-amz-cf-id: X1iB__LvTrrqs2todSpfagFFkJa913jptCsbUEgjH9-f1BVfG8L40A==

GET
H2 200 main.a42d6308.chunk.js Show response
gau-fix-tests-login.gau-nonprod.gbgplc.com/static/js/ 38 KB
9 KB 110ms
109ms Script
application/javascript 13.225.80.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gau-fix-tests-login.gau-nonprod.gbgplc.com/static/js/main.a42d6308.chunk.js

Requested by

Host: gau-fix-tests-login.gau-nonprod.gbgplc.com
URL: https://gau-fix-tests-login.gau-nonprod.gbgplc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-57.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

a3d47dc9738c12ace60de082323c9c6938b7e60376ebe0fdb378c22fdfb838aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 00:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 21 Apr 2022 12:20:23 GMT
server: AmazonS3
x-frame-options: DENY
etag: W/"bb28bfcb80243e369d1fcfd4b12ffaa6"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
content-security-policy: default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
x-amz-cf-id: _9HW9faoHYl6uDr11wmEQU6q47ZkK1Pj5Uma9DORK8prya8ew8jRhw==

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap

Requested by

Host: gau-fix-tests-login.gau-nonprod.gbgplc.com
URL: https://gau-fix-tests-login.gau-nonprod.gbgplc.com/static/css/2.fbbdda2c.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

772df722675e3490ce1e415639cc13c3c10c56c0d3cf978ac8f68b5a374043f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 23:56:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Apr 2022 00:59:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Apr 2022 00:59:41 GMT

GET
H2 200 stage.json Show response
gau-fix-tests-login.gau-nonprod.gbgplc.com/ 107 B
990 B 82ms
82ms XHR
application/json 13.225.80.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gau-fix-tests-login.gau-nonprod.gbgplc.com/stage.json

Requested by

Host: gau-fix-tests-login.gau-nonprod.gbgplc.com
URL: https://gau-fix-tests-login.gau-nonprod.gbgplc.com/static/js/2.10532f1e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-57.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

92ea4a11753b7862bec564577be9f40f084ff38911eeeddf3100c69dff9b2b68

Security Headers

Name	Value
Content-Security-Policy	default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 00:59:42 GMT
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 107
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 21 Apr 2022 12:20:30 GMT
server: AmazonS3
x-frame-options: DENY
etag: "0efc25d44e9ea76ca8afec3036c40573"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
content-security-policy: default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
accept-ranges: bytes
x-amz-cf-id: WkHDVYaDsyk6VMYSTc3IFqwcL5_9jKL_zmAsi2WIiKfMBxGSKqEEtg==

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40dfc567d72f58be9de1f5959f81e737882b52868f73ed63bb21ebaf0d71f8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 400 undefined Show response
test-login.auth.gbgplc.com/flows/ 185 B
1010 B 208ms
109ms XHR
application/json 2600:9000:2315:4400:1f:2239:16c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://test-login.auth.gbgplc.com/flows/undefined

Requested by

Host: gau-fix-tests-login.gau-nonprod.gbgplc.com
URL: https://gau-fix-tests-login.gau-nonprod.gbgplc.com/static/js/2.10532f1e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:4400:1f:2239:16c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

995bed190eb3baae72dbc5a96ac8fe6724514ea054f78f3799d175c7b0e84a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 00:59:41 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront), 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1, DUS51-P2
x-amzn-requestid: d0d27a76-eed9-444b-ae59-a963a186a70d
x-cache: Error from cloudfront
x-amz-apigw-id: Q9SfrFW9FiAFUkQ=
content-length: 185
pragma: no-cache
correlation-id: d0d27a76-eed9-444b-ae59-a963a186a70d
x-amzn-trace-id: Root=1-6261fdfd-08a15d911d551c3a19b731e1;Sampled=0
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: OPTIONS,GET,POST
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://gau-fix-tests-login.gau-nonprod.gbgplc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin,Content-Type,Content-Length,Content-Disposition,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,Cookie,Correlation-Id,Accept
x-amz-cf-id: woQoIFwQSVUFxWNJ-g7IfRUqyZVfajdnmRqP6w6B98Ax-kiQRB-27A==
expires: 0

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v8/ 37 KB
37 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v8/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gau-fix-tests-login.gau-nonprod.gbgplc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 18:06:53 GMT
x-content-type-options: nosniff
age: 111168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37716
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:42:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 18:06:53 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://test-login.auth.gbgplc.com/flows/undefined Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none' ; script-src 'self' ; object-src 'none' ; img-src 'self' data: ; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-PCIRBVLXb7L62+EomqoQYE4fCb7LpmGlAcPrbnbRAyw=' 'sha256-udLi8HM3vM4cuDDMGyRFzG8ek0UN0+uytPLWkbTpagg=' https://fonts.googleapis.com ; font-src 'self' https://fonts.gstatic.com ; manifest-src 'self' ; connect-src 'self' https://test-login.auth.gbgplc.com; base-uri 'self' ; form-action 'self' ; frame-ancestors 'none' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
gau-fix-tests-login.gau-nonprod.gbgplc.com
test-login.auth.gbgplc.com
13.225.80.57
2600:9000:2315:4400:1f:2239:16c0:93a1
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
00140566e94960bb772f276d394240da9ef98f096f2d9c24b4690165b5f7ca01
40dfc567d72f58be9de1f5959f81e737882b52868f73ed63bb21ebaf0d71f8fe
612b8e275398b822fdb3b33dba411864703e99e276ee55a000de0dc176a801ae
772df722675e3490ce1e415639cc13c3c10c56c0d3cf978ac8f68b5a374043f0
8101f72e4d560a430ca1a5c92211cd85b0cc1f9321570726fd7cdd696ef27c60
92ea4a11753b7862bec564577be9f40f084ff38911eeeddf3100c69dff9b2b68
995bed190eb3baae72dbc5a96ac8fe6724514ea054f78f3799d175c7b0e84a24
a3d47dc9738c12ace60de082323c9c6938b7e60376ebe0fdb378c22fdfb838aa
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
d77ac8244caac370e42cb04b1c3cbd012bf4ebc1f8c9dfe72a6df01bf72f0423
e328b3e400437e1dd2c64108913f854ba6daa7fd6838086f37b2a415e715fb15

gau-fix-tests-login.gau-nonprod.gbgplc.com Open in urlscan Pro 13.225.80.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

100 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

519 kBTransfer

2077 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

gau-fix-tests-login.gau-nonprod.gbgplc.com Open in urlscan Pro
13.225.80.57 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

519 kB
Transfer

2077 kB
Size

0
Cookies

10 HTTP transactions
1 data transactions