urlscan.io logo urlscan.io
SecurityTrails logo

accounts.osf.io Open in urlscan Pro
35.190.73.172  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://osf.io/trnua/
Effective URL: https://accounts.osf.io/login?service=https://osf.io/trnua/
Submission Tags: falconsandbox
Submission: On January 17 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 35.190.73.172, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is accounts.osf.io.
TLS certificate: Issued by R3 on January 8th 2021. Valid for: 3 months.
This is the only time accounts.osf.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    35.190.84.173 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 173.84.190.35.bc.googleusercontent.com
osf.io
7    35.190.73.172 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 172.73.190.35.bc.googleusercontent.com
accounts.osf.io
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
Domain Requested by
7 accounts.osf.io accounts.osf.io
2 ajax.googleapis.com cdnjs.cloudflare.com
2 www.google-analytics.com accounts.osf.io
www.google-analytics.com
2 cdnjs.cloudflare.com accounts.osf.io
cdnjs.cloudflare.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com accounts.osf.io
1 osf.io 1 redirects
15 7

This site contains links to these domains. Also see Links.

Domain
osf.io
orcid.org
cos.io
github.com
Subject Issuer Validity Valid
accounts.osf.io
R3		 2021-01-08 -
2021-04-08		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://accounts.osf.io/login?service=https://osf.io/trnua/
Frame ID: 4E3284960F0C48F1B241B2FA5CA71614
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://osf.io/trnua/ HTTP 302
    https://accounts.osf.io/login?service=https://osf.io/trnua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

15
Requests

100 %
HTTPS

71 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

157 kB
Transfer

443 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://osf.io/trnua/ HTTP 302
    https://accounts.osf.io/login?service=https://osf.io/trnua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
accounts.osf.io/
Redirect Chain
  • https://osf.io/trnua/
  • https://accounts.osf.io/login?service=https://osf.io/trnua/
10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.osf.io/login?service=https://osf.io/trnua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.190.73.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.73.190.35.bc.googleusercontent.com
Software
/
Resource Hash
27c407fef86ac138451f62eee0fd204aa48da841c7c82b18a2ae6a0c20989b83
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Frame-Options deny

Request headers

:method
GET
:authority
accounts.osf.io
:scheme
https
:path
/login?service=https://osf.io/trnua/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 14:39:40 GMT
content-type
text/html;charset=utf-8
vary
Accept-Encoding
set-cookie
INGRESSCOOKIE=5fe0325f251d3cfd38593f1fdd42d49c; Path=/; HttpOnly JSESSIONID=1qi3thjp6n1or16qtp2ealtoot;Path=/;Secure;HttpOnly
cache-control
no-cache no-store
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
x-frame-options
deny
strict-transport-security
max-age=15724800;
content-encoding
gzip

Redirect headers

date
Sun, 17 Jan 2021 14:39:40 GMT
content-type
text/html; charset=utf-8
content-length
325
location
https://accounts.osf.io/login?service=https://osf.io/trnua/
x-frame-options
SAMEORIGIN
x-cache-status
MISS
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15724800;
cas.css
accounts.osf.io/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.osf.io/css/cas.css
Requested by
Host: accounts.osf.io
URL: https://accounts.osf.io/login?service=https://osf.io/trnua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.190.73.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.73.190.35.bc.googleusercontent.com
Software
/
Resource Hash
244dbec33e9d81c9974e79c9235834c4d5bbeca03d3e381c70de58f4541c3936
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Frame-Options deny

Request headers

Referer
https://accounts.osf.io/login?service=https://osf.io/trnua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jan 2021 14:39:40 GMT
content-encoding
gzip
last-modified
Wed, 06 Jan 2021 19:25:02 GMT
x-frame-options
deny
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache,no-store,max-age=0,must-revalidate
strict-transport-security
max-age=15724800;
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		8 KB
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,300,700
Requested by
Host: accounts.osf.io
URL: https://accounts.osf.io/login?service=https://osf.io/trnua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c79f45aa72da8267dd5abcffe78bfd8fbc9add544bbccf6db01d5b6f54e1c7d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.osf.io/login?service=https://osf.io/trnua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 17 Jan 2021 14:39:40 GMT
server
ESF
date
Sun, 17 Jan 2021 14:39:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 17 Jan 2021 14:39:40 GMT
orcid-logo.png
accounts.osf.io/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.osf.io/images/orcid-logo.png
Requested by
Host: accounts.osf.io
URL: https://accounts.osf.io/login?service=https://osf.io/trnua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.190.73.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.73.190.35.bc.googleusercontent.com
Software
/
Resource Hash
046a83b864817a396d71196a6578274fce3d2135534c5c444f0b1a4f3a7f9ab6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Frame-Options deny

Request headers

Referer
https://accounts.osf.io/login?service=https://osf.io/trnua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jan 2021 14:39:40 GMT
last-modified
Wed, 06 Jan 2021 19:25:02 GMT
x-frame-options
deny
content-type
image/png
cache-control
no-cache,no-store,max-age=0,must-revalidate
strict-transport-security
max-age=15724800;
accept-ranges
bytes
content-length
1101
expires
Mon, 01 Jan 1990 00:00:00 GMT
institution-logo.png
accounts.osf.io/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.osf.io/images/institution-logo.png
Requested by
Host: accounts.osf.io
URL: https://accounts.osf.io/login?service=https://osf.io/trnua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.190.73.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.73.190.35.bc.googleusercontent.com
Software
/
Resource Hash
7ed5e507f56b941d22e50f3edc0ba0272457fe315fd152ab87938aa32344ad37
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Frame-Options deny

Request headers

Referer
https://accounts.osf.io/login?service=https://osf.io/trnua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jan 2021 14:39:40 GMT
last-modified
Wed, 06 Jan 2021 19:25:02 GMT
x-frame-options
deny
content-type
image/png
cache-control
no-cache,no-store,max-age=0,must-revalidate
strict-transport-security
max-age=15724800;
accept-ranges
bytes
content-length
1749
expires
Mon, 01 Jan 1990 00:00:00 GMT
warning.png
accounts.osf.io/images/ 		602 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.osf.io/images/warning.png
Requested by
Host: accounts.osf.io
URL: https://accounts.osf.io/login?service=https://osf.io/trnua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.190.73.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.73.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b674d1a684594ed6baacc296940e411a4d0a3ca75a354b8e49c6e1baf5931904
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Frame-Options deny

Request headers

Referer
https://accounts.osf.io/login?service=https://osf.io/trnua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jan 2021 14:39:40 GMT
last-modified
Fri, 19 Feb 2016 03:15:34 GMT
x-frame-options
deny
content-type
image/png
cache-control
no-cache,no-store,max-age=0,must-revalidate
strict-transport-security
max-age=15724800;
accept-ranges
bytes
content-length
602
expires
Mon, 01 Jan 1990 00:00:00 GMT
head.min.js
cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.min.js
Requested by
Host: accounts.osf.io
URL: https://accounts.osf.io/login?service=https://osf.io/trnua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db917fc3741ec881cde5f77f9d0514a27081219aea5b4cbc81a391345f5ae8ac
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts.osf.io/login?service=https://osf.io/trnua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 14:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1939311
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
3468
cf-request-id
07b262a5c200002c4aa3a49000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:30 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e76-25d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KhRv0u4z1x0ysdY62LiycZCTdx%2BZ3UFOjCDqyJwxplQ8ch%2BZlOxcwepAxwDiQ1S786j52DKCCZMqfqeuvOaAdC%2BuiPw1A1FNEc4Gq6EWTRiItIMH08Tpo8ziMMn33631oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6130d3b60dee2c4a-FRA
expires
Fri, 07 Jan 2022 14:39:40 GMT
cas.js
accounts.osf.io/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.osf.io/js/cas.js
Requested by
Host: accounts.osf.io
URL: https://accounts.osf.io/login?service=https://osf.io/trnua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.190.73.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.73.190.35.bc.googleusercontent.com
Software
/
Resource Hash
b2f0c9c800ab87439e98a96f26ae39f45c4ffba616175fb156046902105d9c19
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Frame-Options deny

Request headers

Referer
https://accounts.osf.io/login?service=https://osf.io/trnua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jan 2021 14:39:40 GMT
content-encoding
gzip
last-modified
Wed, 06 Jan 2021 19:25:02 GMT
x-frame-options
deny
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,no-store,max-age=0,must-revalidate
strict-transport-security
max-age=15724800;
expires
Mon, 01 Jan 1990 00:00:00 GMT
osf-logo.png
accounts.osf.io/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.osf.io/images/osf-logo.png
Requested by
Host: accounts.osf.io
URL: https://accounts.osf.io/css/cas.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.190.73.172 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.73.190.35.bc.googleusercontent.com
Software
/
Resource Hash
9ef8773b62ecc2989984ea3ea8ae6055df8398ea47c83c356817d5546e28a8b8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Frame-Options deny

Request headers

Referer
https://accounts.osf.io/css/cas.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Jan 2021 14:39:40 GMT
last-modified
Wed, 06 Jan 2021 19:25:02 GMT
x-frame-options
deny
content-type
image/png
cache-control
no-cache,no-store,max-age=0,must-revalidate
strict-transport-security
max-age=15724800;
accept-ranges
bytes
content-length
13824
expires
Mon, 01 Jan 1990 00:00:00 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://accounts.osf.io
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600,300,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 13 Jan 2021 19:09:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
329430
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 13 Jan 2022 19:09:10 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: accounts.osf.io
URL: https://accounts.osf.io/login?service=https://osf.io/trnua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts.osf.io/login?service=https://osf.io/trnua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
4808
date
Sun, 17 Jan 2021 13:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 17 Jan 2021 15:19:32 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.osf.io/login?service=https://osf.io/trnua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 13:12:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5233
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Jan 2022 13:12:27 GMT
collect
www.google-analytics.com/j/ 		2 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=294850972&t=pageview&_s=1&dl=https%3A%2F%2Faccounts.osf.io%2Flogin%3Fservice%3Dhttps%3A%2F%2Fosf.io%2Ftrnua%2F&ul=en-us&de=UTF-8&dt=OSF%20%7C%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABBAAAAC~&jid=1118916307&gjid=860281280&cid=1803507783.1610894381&tid=%24%7BGOOGLE_ANALYTICS_ID%3A%7D&_gid=888007282.1610894381&_r=1&_slc=1&z=1913594778
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts.osf.io/login?service=https://osf.io/trnua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Jan 2021 14:39:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://accounts.osf.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ 		235 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.osf.io/login?service=https://osf.io/trnua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 13:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5231
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64481
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Jan 2022 13:12:29 GMT
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 		1 KB
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/headjs/1.0.3/head.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts.osf.io/login?service=https://osf.io/trnua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 17 Jan 2021 14:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
917168
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
591
cf-request-id
07b262a69f00002c4a188e9000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ql9pDHHtwGq3LgMqXVv2lhVgw8%2FrXSyZOtBLQZAythFvW731NLBZmcDajAFvSR%2Fa7DZhNhsltqrqFLVfO6sHQduuNNf8VFVCPYtRpFolWVL5wCYs7O2HGok5eLngswEz2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6130d3b769ff2c4a-FRA
expires
Fri, 07 Jan 2022 14:39:40 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| resizeCasContent function| head function| loadjQueryUI function| loadjQueryCookies function| areCookiesEnabled function| resourceLoadedSuccessfully string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery

5 Cookies

Domain/Path Name / Value
.osf.io/ Name: _gat
Value: 1
.osf.io/ Name: _gid
Value: GA1.2.888007282.1610894381
.osf.io/ Name: _ga
Value: GA1.2.1803507783.1610894381
accounts.osf.io/ Name: JSESSIONID
Value: 1qi3thjp6n1or16qtp2ealtoot
accounts.osf.io/ Name: INGRESSCOOKIE
Value: 5fe0325f251d3cfd38593f1fdd42d49c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800;
X-Frame-Options deny