www.gncu.org Open in urlscan Pro
23.185.0.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://greaternevadafinancial.com/
Effective URL:
https://www.gncu.org/Services/Solutions/Investments/
Submission: On April 11 via manual (April 11th 2024, 9:54:42 pm UTC) from US — Scanned from DE

Summary HTTP 61 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 27 domains to perform 61 HTTP transactions. The main IP is 23.185.0.1, located in United States and belongs to FASTLY, US. The main domain is www.gncu.org. The Cisco Umbrella rank of the primary domain is 927482.
TLS certificate: Issued by R3 on March 26th 2024. Valid for: 3 months.

This is the only time www.gncu.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.152.147 3.33.152.147	16509 (AMAZON-02) (AMAZON-02)
1 17	23.185.0.1 23.185.0.1	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	192.0.54.4 192.0.54.4	62659 (Q2HOLDINGS) (Q2HOLDINGS)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	50.112.7.94 50.112.7.94	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e4:... 2606:4700:e4::ac40:a112	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:89d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.3.0.87 52.3.0.87	14618 (AMAZON-AES) (AMAZON-AES)
1	52.210.174.128 52.210.174.128	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4dba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:6dfe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.185.54.69 18.185.54.69	16509 (AMAZON-02) (AMAZON-02)
2	104.45.184.134 104.45.184.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6812:c07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
61	29

1 3.33.152.147 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com

greaternevadafinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 23.185.0.1 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.gncu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.54.4 (United States)

ASN62659 (Q2HOLDINGS, US)

cds-sdkcfg.onlineaccess1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.112.7.94 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-7-94.us-west-2.compute.amazonaws.com

app.leadsrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:a112 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:89d1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.0.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-0-87.compute-1.amazonaws.com

autolink.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.174.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com

accretivemedia.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4dba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6dfe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.54.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-54-69.eu-central-1.compute.amazonaws.com

88249.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.45.184.134 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c07d (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	gncu.org 1 redirects www.gncu.org — Cisco Umbrella Rank: 927482	202 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 799 a.clarity.ms — Cisco Umbrella Rank: 6394 c.clarity.ms — Cisco Umbrella Rank: 1479	28 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 353 c.bing.com — Cisco Umbrella Rank: 236	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
3	gstatic.com fonts.gstatic.com	79 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	279 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 257	1 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4999 forms.hscollectedforms.net — Cisco Umbrella Rank: 5104	26 KB
2	autolink.io autolink.io — Cisco Umbrella Rank: 164044	2 KB
2	leadsrx.com app.leadsrx.com — Cisco Umbrella Rank: 10795	17 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 184	73 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	3 KB
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2632	1 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 682	34 KB
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4668	884 B
1	siteimproveanalytics.io 88249.global.siteimproveanalytics.io	149 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	273 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2470	23 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2471	22 KB
1	google.de www.google.de — Cisco Umbrella Rank: 7531	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 94	252 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3038	252 B
1	go2cloud.org accretivemedia.go2cloud.org — Cisco Umbrella Rank: 49155	523 B
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2723	1 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3909	10 KB
1	onlineaccess1.com cds-sdkcfg.onlineaccess1.com — Cisco Umbrella Rank: 17787	166 KB
1	greaternevadafinancial.com 1 redirects greaternevadafinancial.com	321 B
61	27

	Domain	Requested by
17	www.gncu.org	1 redirects www.gncu.org
3	www.google-analytics.com	www.gncu.org
3	bat.bing.com	www.gncu.org
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	www.gncu.org
2	bam.nr-data.net	www.gncu.org
2	c.clarity.ms	1 redirects
2	a.clarity.ms	www.gncu.org
2	autolink.io	www.gncu.org
2	app.leadsrx.com	www.gncu.org
2	www.clarity.ms	www.gncu.org
2	connect.facebook.net	www.gncu.org
2	fonts.googleapis.com	www.gncu.org
1	track.hubspot.com
1	c.bing.com	1 redirects
1	js-agent.newrelic.com	www.gncu.org
1	forms.hsforms.com	www.gncu.org
1	forms.hscollectedforms.net	www.gncu.org
1	88249.global.siteimproveanalytics.io	www.gncu.org
1	www.facebook.com	www.gncu.org
1	js.hs-banner.com	www.gncu.org
1	js.hscollectedforms.net	www.gncu.org
1	js.hs-analytics.net	www.gncu.org
1	www.google.de	www.gncu.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	accretivemedia.go2cloud.org	www.gncu.org
1	js.hs-scripts.com	www.gncu.org
1	siteimproveanalytics.com	www.gncu.org
1	cds-sdkcfg.onlineaccess1.com	www.gncu.org
1	greaternevadafinancial.com	1 redirects
61	31

This site contains links to these domains. Also see Links.

Domain
www.billerpayments.com
forms.fivision.com
velocity.gncu.net
creditcardlearnmore.com
1b2423-2afe.icpage.net
greaternevadamortgage.com
www.greaterlending.com
www.instagram.com
www.facebook.com
www.linkedin.com
www.youtube.com
twitter.com
secure.gncu.org

Subject Issuer	Validity	Valid
gncu.org R3	`2024-03-26` - `2024-06-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
onlineaccess1.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-04-11` - `2024-06-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-20` - `2024-04-19`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.leadsrx.com GeoTrust TLS ECC CA G1	`2023-05-02` - `2024-06-01`	a year	crt.sh
siteimproveanalytics.com GTS CA 1P5	`2024-02-24` - `2024-05-24`	3 months	crt.sh
hs-scripts.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
autolink.io R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh
*.go2cloud.org Amazon RSA 2048 M02	`2024-01-22` - `2025-02-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
hscollectedforms.net E1	`2024-03-29` - `2024-06-27`	3 months	crt.sh
hs-banner.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
*.global.r1.siteimproveanalytics.io Amazon RSA 2048 M03	`2023-10-26` - `2024-11-23`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.gncu.org/Services/Solutions/Investments/
Frame ID: 101403BA6D0A037E98CFDC88B641281B
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found | GNCU

Page URL History Show full URLs

http://greaternevadafinancial.com/ HTTP 307
https://greaternevadafinancial.com/ HTTP 307
http://greaternevadafinancial.com/ HTTP 301
http://www.gncu.org/Services/Solutions/Investments HTTP 307
https://www.gncu.org/Services/Solutions/Investments HTTP 301
https://www.gncu.org/Services/Solutions/Investments/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

61
Requests

95 %
HTTPS

66 %
IPv6

27
Domains

31
Subdomains

29
IPs

4
Countries

1002 kB
Transfer

2763 kB
Size

29
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.billerpayments.com/app/cust/login.do?bsn=gncu
Title: Loan Payments

Search URL Search Domain Scan URL

URL: https://forms.fivision.com/gncu/oa/default.aspx
Title: Open Account Online

Search URL Search Domain Scan URL

URL: https://velocity.gncu.net/ConsumerNet/?enc=
Title: Apply Online

Search URL Search Domain Scan URL

URL: https://creditcardlearnmore.com/11t3/index?ecdma-lc=26953&ecid=OTHE_25940
Title: Open New Personal Credit Card

Search URL Search Domain Scan URL

URL: https://1b2423-2afe.icpage.net/subscribe-to-our-enewsletter
Title: Newsletter Sign Up

Search URL Search Domain Scan URL

URL: https://greaternevadamortgage.com/?__hstc=216315337.50b4686039e24a5aea0004d4c31508ba.1712872478474.1712872478474.1712872478474.1&__hssc=216315337.1.1712872478474&__hsfp=726726051
Title: Greater Nevada Mortgage

Search URL Search Domain Scan URL

URL: https://www.greaterlending.com/
Title: Greater Commercial Lending

Search URL Search Domain Scan URL

URL: https://www.instagram.com/greaternevadacu

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GreaterNevadaCU/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/greater-nevada-credit-union

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@GreaterNevadaCU

Search URL Search Domain Scan URL

URL: https://twitter.com/greaternevadacu

Search URL Search Domain Scan URL

URL: https://secure.gncu.org/greaternevadacu/sdk/AccountRecovery
Title: Unlock/Forgot Username

Search URL Search Domain Scan URL

URL: https://secure.gncu.org/greaternevadacu/uux.aspx#/login/resetPasswordUsername
Title: Forgot Password

Search URL Search Domain Scan URL

URL: https://secure.gncu.org/greaternevadacu/sdk/AutoEnrollmentE2E
Title: Enroll as a Personal Member

Search URL Search Domain Scan URL

URL: https://secure.gncu.org/greaternevadacu/sdk/BusinessEnrollmentE2E
Title: Enroll as a Business Member

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://greaternevadafinancial.com/ HTTP 307
https://greaternevadafinancial.com/ HTTP 307
http://greaternevadafinancial.com/ HTTP 301
http://www.gncu.org/Services/Solutions/Investments HTTP 307
https://www.gncu.org/Services/Solutions/Investments HTTP 301
https://www.gncu.org/Services/Solutions/Investments/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B18BA8168D0C42B58276E9AED3CD280A&RedC=c.clarity.ms&MXFR=186EF03194D76A493C49E46F90D764DD HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B18BA8168D0C42B58276E9AED3CD280A&MUID=09F820CC7DFC6D5E323D34927C976C4E

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
www.gncu.org/Services/Solutions/Investments/
Redirect Chain

http://greaternevadafinancial.com/
https://greaternevadafinancial.com/
http://greaternevadafinancial.com/
http://www.gncu.org/Services/Solutions/Investments
https://www.gncu.org/Services/Solutions/Investments
https://www.gncu.org/Services/Solutions/Investments/

187 KB
44 KB

448ms
448ms

Document
text/html

23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

97b0a2d3ae74521ccc13f7292cc457b30c1ec5d52cb026b74ba18b4ec1ef8840

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=600
content-encoding: gzip
content-length: 44715
content-type: text/html; charset=UTF-8
date: Thu, 11 Apr 2024 21:54:37 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://www.gncu.org/wp-json/>; rel="https://api.w.org/"
server: nginx
strict-transport-security: max-age=300
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-4qs29
x-served-by: cache-chi-kigq8000178-CHI, cache-fra-eddf8230096-FRA
x-styx-req-id: 16da286b-f84e-11ee-b85e-ba26c9eba1c4
x-timer: S1712872477.899135,VS0,VE442

Redirect headers

accept-ranges: bytes
age: 0
cache-control: max-age=3600
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Apr 2024 21:54:36 GMT
expires: Thu, 11 Apr 2024 22:54:36 GMT
location: https://www.gncu.org/Services/Solutions/Investments/
server: nginx
strict-transport-security: max-age=300
vary: Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-pantheon-styx-hostname: styx-fe1-b-6958c75dbc-gbkwp
x-redirect-by: Permalink Manager
x-served-by: cache-chi-klot8100128-CHI, cache-fra-eddf8230096-FRA
x-styx-req-id: 16b28a1c-f84e-11ee-ab04-125dd692c6ff
x-timer: S1712872477.636026,VS0,VE255

GET
H2 200 css2
fonts.googleapis.com/ 34 KB
2 KB 50ms
24ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;600;700;900&family=Open+Sans:wght@400;500;600;700;900&display=swap

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28df269497edd01b4c1b9d5fcee2874f6959a493f890a489e64f3358b0a3e4db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Apr 2024 21:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 21:54:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Apr 2024 21:54:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 799 B
805 B 40ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Kulim+Park&display=swap

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7b250b0e719d8e87db75aa48aab249ad451ee43e9791cb8257862d36dc52c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Apr 2024 21:54:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 21:54:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Apr 2024 21:54:37 GMT

GET
H2 200 style.min.css
www.gncu.org/wp-includes/css/dist/block-library/ 107 KB
19 KB 12ms
11ms Stylesheet
text/css 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gncu.org/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/Services/Solutions/Investments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 00:02:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Apr 2024 21:54:37 GMT
age: 251540
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-7c986f855-7vskv
content-length: 18732
x-served-by: cache-chi-klot8100144-CHI, cache-fra-eddf8230096-FRA
last-modified: Tue, 09 Apr 2024 00:01:21 GMT
server: nginx
x-timer: S1712872477.354603,VS0,VE4
etag: W/"66148551-1add3"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 6dbe0a1c-f604-11ee-b085-0a28f9509aa5
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 19, 0

GET
H2 200 main.css
www.gncu.org/wp-content/themes/gncu/dist/src/styles/ 70 KB
13 KB 10ms
10ms Stylesheet
text/css 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gncu.org/wp-content/themes/gncu/dist/src/styles/main.css?ver=1.43

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0848258d5dbd290c655c80c926b2bb779904c5e6bd834685ef806f2355f39c1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/Services/Solutions/Investments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 00:01:34 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Apr 2024 21:54:37 GMT
age: 251540
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-7c986f855-bml98
content-length: 12841
x-served-by: cache-chi-kigq8000062-CHI, cache-fra-eddf8230096-FRA
last-modified: Tue, 09 Apr 2024 00:01:21 GMT
server: nginx
x-timer: S1712872477.354848,VS0,VE3
etag: W/"66148551-11743"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 51b5feae-f604-11ee-86bd-56dd57317d1b
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 25, 0

GET
H2 200 common.js Show response
cds-sdkcfg.onlineaccess1.com/ 299 KB
166 KB 178ms
148ms Script
application/javascript 192.0.54.4
Q2HOLDINGS

General

Check archive.org

Show headers Download Go to

Full URL

https://cds-sdkcfg.onlineaccess1.com/common.js

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.54.4 , United States, ASN62659 (Q2HOLDINGS, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5a2133cf28abe865f4b90d0090171533b1ac916ebcb9a517e3668defdcead26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 11 Apr 2024 21:54:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
x-ion-hop: prod
cache-control: no-cache, no-store, must-revalidate
cf-ray: 872e3757a8fcbba7-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 logo-75.svg
www.gncu.org/wp-content/themes/gncu/assets/ 17 KB
8 KB 9ms
9ms Image
image/svg+xml 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gncu.org/wp-content/themes/gncu/assets/logo-75.svg

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ff3aed05db20e8d9898204cf73c31c1c35bc59ddfb3eaf9c2d9a5da5643360f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/Services/Solutions/Investments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 00:02:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Apr 2024 21:54:37 GMT
age: 251539
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-7c986f855-ps9nq
content-length: 7476
x-served-by: cache-chi-klot8100068-CHI, cache-fra-eddf8230096-FRA
last-modified: Tue, 09 Apr 2024 00:01:22 GMT
server: nginx
x-timer: S1712872477.404419,VS0,VE3
etag: W/"66148552-4346"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 6ddb2e98-f604-11ee-bc90-aa3697a95549
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 19, 0

GET
H2 200 search-menu.svg
www.gncu.org/wp-content/themes/gncu/assets/svgs/ 519 B
494 B 27ms
27ms Image
image/svg+xml 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gncu.org/wp-content/themes/gncu/assets/svgs/search-menu.svg

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

157d8ba1e5d43c16096d4146a82b43a4b5e2f76783f663010cd99a31d15c6ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/Services/Solutions/Investments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 00:02:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Apr 2024 21:54:37 GMT
age: 251539
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-7c986f855-ghqtx
content-length: 282
x-served-by: cache-chi-klot8100130-CHI, cache-fra-eddf8230096-FRA
last-modified: Tue, 09 Apr 2024 00:01:21 GMT
server: nginx
x-timer: S1712872477.414887,VS0,VE3
etag: W/"66148551-207"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 6ddae4c2-f604-11ee-9353-b272525df7d6
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 20, 0

GET
H2 200 instagram.svg
www.gncu.org/wp-content/themes/gncu/assets/svgs/ 3 KB
2 KB 11ms
11ms Image
image/svg+xml 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gncu.org/wp-content/themes/gncu/assets/svgs/instagram.svg

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8e2878b5890564d40f943b55491db8e0d9be7032bc8c2da02493485439e5db47

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/Services/Solutions/Investments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 00:02:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Apr 2024 21:54:37 GMT
age: 251540
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-78d74f4d6-kms94
content-length: 1653
x-served-by: cache-chi-klot8100039-CHI, cache-fra-eddf8230096-FRA
last-modified: Tue, 09 Apr 2024 00:01:20 GMT
server: nginx
x-timer: S1712872477.442769,VS0,VE3
etag: W/"66148550-da2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 6ddac995-f604-11ee-b730-1e215dd7134c
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 20, 0

GET
H2 200 facebook.svg
www.gncu.org/wp-content/themes/gncu/assets/svgs/ 393 B
467 B 9ms
9ms Image
image/svg+xml 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gncu.org/wp-content/themes/gncu/assets/svgs/facebook.svg

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1a03b31abe401e8d142b0af895e4b764ca7e622b12f48a3aa741d50bc130ea91

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/Services/Solutions/Investments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 00:02:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Apr 2024 21:54:37 GMT
age: 251540
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-7c986f855-4w66n
content-length: 263
x-served-by: cache-chi-kigq8000117-CHI, cache-fra-eddf8230096-FRA
last-modified: Tue, 09 Apr 2024 00:01:21 GMT
server: nginx
x-timer: S1712872477.456647,VS0,VE3
etag: W/"66148551-189"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 6ddadc3a-f604-11ee-805e-5a97ed98eb2a
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 28, 0

GET
H2 200 linkedin.svg
www.gncu.org/wp-content/themes/gncu/assets/svgs/ 778 B
643 B 11ms
11ms Image
image/svg+xml 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gncu.org/wp-content/themes/gncu/assets/svgs/linkedin.svg

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

66721803c6f90dc33c2a6c615d098ed811d07f051817550d61e40bf4718974b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/Services/Solutions/Investments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 00:02:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Apr 2024 21:54:37 GMT
age: 251540
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-78d74f4d6-jx7jd
content-length: 426
x-served-by: cache-chi-klot8100056-CHI, cache-fra-eddf8230096-FRA
last-modified: Tue, 09 Apr 2024 00:01:20 GMT
server: nginx
x-timer: S1712872477.467569,VS0,VE3
etag: W/"66148550-30a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 6ddaeb3e-f604-11ee-bc8c-82dacacdf78c
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 29, 0

GET
H2 200 youtube.svg
www.gncu.org/wp-content/themes/gncu/assets/svgs/ 638 B
598 B 14ms
14ms Image
image/svg+xml 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gncu.org/wp-content/themes/gncu/assets/svgs/youtube.svg

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b7803da6eec19045dcd5c538ae25d8c112aba5169e8847ff1e78346b4d8fe48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/Services/Solutions/Investments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 00:02:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Apr 2024 21:54:37 GMT
age: 251539
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-78d74f4d6-jx7jd
content-length: 403
x-served-by: cache-chi-kigq8000113-CHI, cache-fra-eddf8230096-FRA
last-modified: Tue, 09 Apr 2024 00:01:22 GMT
server: nginx
x-timer: S1712872477.480392,VS0,VE4
etag: W/"66148552-27e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 6ddac13b-f604-11ee-bc8c-82dacacdf78c
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 27, 0

GET
H2 200 twitter.svg
www.gncu.org/wp-content/themes/gncu/assets/svgs/ 1 KB
1018 B 9ms
9ms Image
image/svg+xml 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gncu.org/wp-content/themes/gncu/assets/svgs/twitter.svg

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

044a426aac4d2e00b3b43d87f8795b4b4c982d6218fe86c2e888cea5ef96597a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/Services/Solutions/Investments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 00:02:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Apr 2024 21:54:37 GMT
age: 251539
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-7c986f855-cs2lf
content-length: 787
x-served-by: cache-chi-kigq8000047-CHI, cache-fra-eddf8230096-FRA
last-modified: Tue, 09 Apr 2024 00:01:22 GMT
server: nginx
x-timer: S1712872477.495332,VS0,VE3
etag: W/"66148552-57c"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 6ddaf3b7-f604-11ee-b53a-be8669ff5bf9
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 27, 0

GET
H2 200 main.js Show response
www.gncu.org/wp-content/themes/gncu/dist/src/scripts/ 245 KB
94 KB 9ms
9ms Script
application/x-javascript 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gncu.org/wp-content/themes/gncu/dist/src/scripts/main.js?ver=1.43

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6e7312245a8e2ccc79ca59eb5665dc1cf6ea18b50f856760670ab582f332992e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/Services/Solutions/Investments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 00:02:17 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Apr 2024 21:54:37 GMT
age: 251540
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-a-7c986f855-4w66n
content-length: 95724
x-served-by: cache-chi-klot8100053-CHI, cache-fra-eddf8230096-FRA
last-modified: Tue, 09 Apr 2024 00:01:22 GMT
server: nginx
x-timer: S1712872477.371701,VS0,VE3
etag: W/"66148552-3d50e"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 6ddac571-f604-11ee-805e-5a97ed98eb2a
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 24, 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 353 KB
100 KB 55ms
35ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PT47LP

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7dce6b1123c5c7276344047e6e431fdf9d91028c886065b452e2121ac7f70b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 21:54:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101869
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Apr 2024 21:54:37 GMT

GET
BLOB 200
OK 50f06ac1-18e9-486b-aa90-93069c1c2483
https://www.gncu.org/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gncu.org/50f06ac1-18e9-486b-aa90-93069c1c2483
Requested by: Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 ellipse.eaec7ef5.png
www.gncu.org/wp-content/themes/gncu/dist/ 3 KB
3 KB 9ms
9ms Image
image/png 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gncu.org/wp-content/themes/gncu/dist/ellipse.eaec7ef5.png

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/wp-content/themes/gncu/dist/src/styles/main.css?ver=1.43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5eeacc5ed7b71a9c635fce4bf11cecdade33e6799fff455557ddafd8293f5c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/wp-content/themes/gncu/dist/src/styles/main.css?ver=1.43
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-pantheon-styx-hostname: styx-fe1-a-7c986f855-tfklb
strict-transport-security: max-age=300
date: Thu, 11 Apr 2024 21:54:37 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 10 Apr 2025 00:02:17 GMT
age: 251540
x-cache: HIT, HIT
content-length: 3229
x-served-by: cache-chi-kigq8000162-CHI, cache-fra-eddf8230096-FRA
last-modified: Tue, 09 Apr 2024 00:01:21 GMT
server: nginx
x-timer: S1712872478.635229,VS0,VE3
etag: "66148551-c9d"
content-type: image/png
x-styx-req-id: 6ddcccc3-f604-11ee-bada-c2b59daab275
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;600;700;900&family=Open+Sans:wght@400;500;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.gncu.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 22:45:56 GMT
x-content-type-options: nosniff
age: 515321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Apr 2025 22:45:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 36ms
15ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;600;700;900&family=Open+Sans:wght@400;500;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.gncu.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 18:30:09 GMT
x-content-type-options: nosniff
age: 271468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Apr 2025 18:30:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;600;700;900&family=Open+Sans:wght@400;500;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.gncu.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 00:45:23 GMT
x-content-type-options: nosniff
age: 508154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Apr 2025 00:45:23 GMT

GET
H2 200 CDFI.svg
www.gncu.org/wp-content/themes/gncu/assets/svgs/ 7 KB
6 KB 9ms
9ms Image
image/svg+xml 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gncu.org/wp-content/themes/gncu/assets/svgs/CDFI.svg

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9800e2b1ad92c97fdee061f823de75bda1a4ddcb1db00c1227767bf0a9719f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/Services/Solutions/Investments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 00:03:20 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Apr 2024 21:54:37 GMT
age: 251477
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-78d74f4d6-dlntp
content-length: 5415
x-served-by: cache-chi-klot8100065-CHI, cache-fra-eddf8230096-FRA
last-modified: Tue, 09 Apr 2024 00:01:20 GMT
server: nginx
x-timer: S1712872478.645778,VS0,VE3
etag: W/"66148550-1c3d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 9324e900-f604-11ee-839b-fa61e3edc88d
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 22, 0

GET
H2 200 gnf-logo.svg
www.gncu.org/wp-content/themes/gncu/assets/svgs/ 8 KB
3 KB 10ms
10ms Image
image/svg+xml 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gncu.org/wp-content/themes/gncu/assets/svgs/gnf-logo.svg

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

244707dab25e03628d425cc739a587f5091cea07f283a27a217e2c750e2e9176

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/Services/Solutions/Investments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 00:03:20 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Apr 2024 21:54:37 GMT
age: 251477
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-78d74f4d6-dlntp
content-length: 3142
x-served-by: cache-chi-klot8100037-CHI, cache-fra-eddf8230096-FRA
last-modified: Tue, 09 Apr 2024 00:01:20 GMT
server: nginx
x-timer: S1712872478.645731,VS0,VE3
etag: W/"66148550-1e74"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 9329508a-f604-11ee-839b-fa61e3edc88d
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 4, 0

GET
H2 200 wp-emoji-release.min.js Show response
www.gncu.org/wp-includes/js/ 18 KB
6 KB 12ms
11ms Script
application/x-javascript 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gncu.org/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/Services/Solutions/Investments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 10 Apr 2025 00:02:18 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Thu, 11 Apr 2024 21:54:37 GMT
age: 251540
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-78d74f4d6-jx7jd
content-length: 5842
x-served-by: cache-chi-klot8100094-CHI, cache-fra-eddf8230096-FRA
last-modified: Tue, 09 Apr 2024 00:01:22 GMT
server: nginx
x-timer: S1712872478.658419,VS0,VE5
etag: W/"66148552-4904"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 6dfabfe2-f604-11ee-bc8c-82dacacdf78c
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
100 KB 27ms
25ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BGN7XL7YLK&l=dataLayer&cx=c

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bbdbf000d49e5a92b4cc78262f256a14497f02a8f592b11de9579d522ee9e6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 21:54:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101916
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Apr 2024 21:54:37 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 23ms
21ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-880803278&l=dataLayer&cx=c

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6f7ceac3a17866878f5b88ae07ab01eb83ef37146c4abb324125a314f413dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 21:54:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81018
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Apr 2024 21:54:37 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 56ms
34ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 11 Apr 2024 21:54:37 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BA177B85C81E4C3ABCA26BA55FE4B2FE Ref B: FRAEDGE1117 Ref C: 2024-04-11T21:54:37Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 27ms
6ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 Apr 2024 21:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 389
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 11 Apr 2024 23:48:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 Apr 2024 21:54:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2762, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: e6teEpQhxr4OIWTGyJ9YGvZ/d6UmB4SC3lsWhuIIGV6sBaZYv99uSIHGbuxeZfujSwyQi6WrJX01TWMvFm48IQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 asbcmfb76g Show response
www.clarity.ms/tag/ 1 KB
1 KB 132ms
100ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/asbcmfb76g?ref=gtm2
Requested by: Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 88f919c8205867b42f81cf956ebdfe0e928c724c38aa70d45cdf42660fdb7b86

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Thu, 11 Apr 2024 21:54:37 GMT
x-azure-ref: 20240411T215437Z-164d799447db656gzyh4d9h88000000001w000000000wxe4
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1033
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 visitor.js Show response
app.leadsrx.com/ 16 KB
16 KB 695ms
330ms Script
application/javascript 50.112.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadsrx.com/visitor.js
Requested by: Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 50.112.7.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-112-7-94.us-west-2.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 7e8f70f86d34990e70e0b696310775bc5c4327110a78a08cebf21fc072cab1b2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 21:54:38 GMT
last-modified: Wed, 03 Apr 2024 16:35:58 GMT
server: nginx/1.20.1
etag: "660d856e-40d1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 16593

GET
H3 200 siteanalyze_88249.js Show response
siteimproveanalytics.com/js/ 28 KB
10 KB 72ms
45ms Script
application/javascript 2606:4700:e4::ac40:a112
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_88249.js
Requested by: Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bda7824abcd35432d1329c6514106a8dc27589df1b5b64a21774df15788924b4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 21:54:37 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3WRZBGRPCX0KW83P
alt-svc: h3=":443"; ma=86400
content-length: 9383
x-amz-id-2: 94U1LTt+kQqgNu/dQoUTre5x0Mp76Slf5w2gtyWr8ulawxiStjgOU1FijarjLkIhh1v6Vx0QkEs=
last-modified: Wed, 14 Feb 2024 18:19:41 GMT
server: cloudflare
etag: "3fdf6cfed657979d55e03ceb85157db4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jec%2FNblo7wU4xLko6GWAzOg1OCt0v70ClWM6kB%2Bok48eylRW1AUfGr9e%2BZxClFuxlcNK9Ye68mUGSXYv93MdQAGxFeL6EYmM%2FOV0DDiOhV%2FrRtm0C6I59vE0n0Hwgzq%2BvERHARDpwSg1b37UKJIRz8Wm40i9tCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 872e3759afe81c28-FRA

GET
H2 200 39545883.js Show response
js.hs-scripts.com/ 1 KB
1 KB 144ms
121ms Script
application/javascript 2606:4700::6810:89d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/39545883.js

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf98c81a9adf28625ffe8404049527b7c38b4c48a6cf946eb4a2107551b521f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 21:54:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b5983929-65cf-4507-a58e-a74368ee597a
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b5983929-65cf-4507-a58e-a74368ee597a
last-modified: Thu, 11 Apr 2024 21:35:35 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.gncu.org
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-697677dfc-tdrrh
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 872e37599a0436df-FRA
expires: Thu, 11 Apr 2024 21:56:07 GMT

GET
H/1.1 200
OK widget.js Show response
autolink.io/gncu/ 1 KB
1 KB 617ms
214ms Script
application/javascript 52.3.0.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://autolink.io/gncu/widget.js

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.0.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-0-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

55f759e2b97aaa2e00a3981287f89e537a767a091bcab49456d7d6608fcd6af2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http: https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 11 Apr 2024 21:54:38 GMT
Content-Security-Policy: frame-ancestors http: https:
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Origin
Content-Type: application/javascript; charset=UTF-8
P3P: CP="We do not have a P3P policy. For more information about the credit union's privacy policy, please contact the credit union."
Cache-Control: no-store
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK aff_i
accretivemedia.go2cloud.org/ 43 B
523 B 102ms
33ms Image
image/gif 52.210.174.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accretivemedia.go2cloud.org/aff_i?offer_id=274&aff_id=1&source=lp
Requested by: Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.210.174.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 11 Apr 2024 21:54:37 GMT
Content-Encoding: gzip
Server: nginx
Tracking_id: 102f8eda2dfbfa127504a28187a285
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
X-Request-Id: 8b34b679e5af651a351fd181cf5fe460
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 226151227891086 Show response
connect.facebook.net/signals/config/ 64 KB
14 KB 76ms
75ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/226151227891086?v=2.9.153&r=stable&domain=www.gncu.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd50d0bd7a331d7732fb828df91e0570d343a817cd588ce15ffbfa3fba070733

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 Apr 2024 21:54:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1326, tbw=63135, tp=-1, tpl=-1, uplat=68, ullat=1
pragma: public
x-fb-debug: nkw6yzbspaIrH+nQT3DtyfNLCRhluTv9/7NHCMI3iUPMZSzCh8T52rRjDdEtjjtbZyls592LBo18ANOxhvli4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 14ms
13ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=756347377&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gncu.org%2FServices%2FSolutions%2FInvestments%2F&ul=de-de&de=UTF-8&dt=Page%20not%20found%20%7C%20GNCU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=382811773&gjid=900205340&cid=1348238707.1712872478&tid=UA-146587736-6&_gid=93091401.1712872478&_r=1&_slc=1&z=429590790

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Apr 2024 21:54:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gncu.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
68 B 13ms
13ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=756347377&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gncu.org%2FServices%2FSolutions%2FInvestments%2F&ul=de-de&de=UTF-8&dt=Page%20not%20found%20%7C%20GNCU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=179431817&gjid=775530035&cid=1348238707.1712872478&tid=UA-146171377-2&_gid=93091401.1712872478&_r=1&_slc=1&z=1666128836

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Apr 2024 21:54:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gncu.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 39ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BGN7XL7YLK&gtm=45je44a0v898716273z871804969za200&_p=1712872477404&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1348238707.1712872478&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1712872477&sct=1&seg=0&dl=https%3A%2F%2Fwww.gncu.org%2FServices%2FSolutions%2FInvestments%2F&dt=Page%20not%20found%20%7C%20GNCU&en=page_view&_fv=1&_ss=1&tfd=4979
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BGN7XL7YLK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 11 Apr 2024 21:54:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gncu.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 63ms
22ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BGN7XL7YLK&cid=1348238707.1712872478&gtm=45je44a0v898716273z871804969za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BGN7XL7YLK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 11 Apr 2024 21:54:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gncu.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 33ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BGN7XL7YLK&cid=1348238707.1712872478&gtm=45je44a0v898716273z871804969za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1375193844

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 11 Apr 2024 21:54:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 142001163.js Show response
bat.bing.com/p/action/ 0
116 B 33ms
33ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/142001163.js

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 11 Apr 2024 21:54:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AE3A540021274B0B8EC9DA0785F1593B Ref B: FRAEDGE1117 Ref C: 2024-04-11T21:54:37Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 82ms
82ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=142001163&tm=gtm002&Ver=2&mid=dc4c29a0-98e5-4059-962e-b56bf89f8a70&sid=17624680f84e11eea19fb972a0719168&vid=17624ab0f84e11eeb032c56db9c56b6c&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Page%20not%20found%20%7C%20GNCU&p=https%3A%2F%2Fwww.gncu.org%2FServices%2FSolutions%2FInvestments%2F&r=&lt=4810&evt=pageLoad&sv=1&rn=538418

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 11 Apr 2024 21:54:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BED80CB9B6A64619A27693D947C3DF7F Ref B: FRAEDGE1117 Ref C: 2024-04-11T21:54:37Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.27/ 60 KB
25 KB 15ms
14ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.27/clarity.js
Requested by: Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 482d1dd6e19c705493e390d6a3427887cfd2c47ec7ee7c85282370687a5ed2ee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 21:54:37 GMT
content-encoding: br
last-modified: Tue, 02 Apr 2024 23:38:07 GMT
etag: W/"0x8DC536DF2EAB768"
vary: Accept-Encoding
x-azure-ref: 20240411T215437Z-164d799447db656gzyh4d9h88000000001w000000000wxec
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: cef0cf6e-e01e-003c-5256-8b071c000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 39545883.js Show response
js.hs-analytics.net/analytics/1712872200000/ 68 KB
22 KB 153ms
128ms Script
text/javascript 2606:4700::6810:4dba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1712872200000/39545883.js
Requested by: Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4dba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c13982dda57b01736d7ec2876afa284c644712c9ca414391ad08cd0b34426f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 21:54:38 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: GBCF2DD4NQKG77ST
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a653ee67-904f-4315-87a6-aa5313c85456
x-envoy-upstream-service-time: 18
x-amz-id-2: UMKVBfm6vqluI9bW4YacuSwsdPYSQDL1BVyfikebXgy9WL3b/XZFNVM/hx/HC1kKEixh5XA7wZIvw7+KYAxJgnocSyVBhcYm
x-evy-trace-listener: listener_https
x-request-id: a653ee67-904f-4315-87a6-aa5313c85456
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 05 Apr 2024 19:37:42 GMT
server: cloudflare
etag: W/"071d4110c1dcf9fbef42fa0820d9ed54"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-snf7h
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 872e375add4e9156-FRA
expires: Thu, 11 Apr 2024 21:59:37 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 180ms
153ms Script
application/javascript 2606:4700::6810:6dfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6dfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Origin: https://www.gncu.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 21:54:38 GMT
x-amz-version-id: _rd02ux3UWoVQsATQDf.p_LxkLPJ6umh
via: 1.1 06c1d28e93bdae8f6401a12c10b2f570.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 9e8a5e2b-4d87-40c2-9fe9-18f0dd87f6b8
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.491/bundles/project.js&cfRay=872e375ade5e2c29-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 6
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9e8a5e2b-4d87-40c2-9fe9-18f0dd87f6b8
last-modified: Wed, 10 Apr 2024 18:06:23 UTC
server: cloudflare
etag: W/"020909a609cf986b4a8a88cfb577a8db"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-5ssq8
cf-ray: 872e375ade5e2c29-FRA
x-amz-cf-id: hx6qfommgJTJpi0mNkj2juxQEyrLwZdGqRKSUmLXkfhvW8hSpQe7bw==
x-hs-target-asset: collected-forms-embed-js/static-1.491/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/39545883/ 71 KB
23 KB 355ms
327ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/39545883/banner.js
Requested by: Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b84632fc4757dbd9bc73113e09f749335d8cd1fd360f8c024b68826f08833fa2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 21:54:38 GMT
x-amz-version-id: wZluy6qVTKLuxInyThX_wSPQZZiAP.mI
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: M7R7V7CTH9840378
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 05ffc338-1bfb-4c96-a5aa-77c01a348f20
x-envoy-upstream-service-time: 74
x-amz-id-2: 1xjWt9G30z7v5ZmxN0WP+D7eLPWsDu/Ug6WhjH8W9JjOu68DBwyxSDOR3gn7HKUXbVlLZmN+L2lPrgqAzPtUxOn7LRGbIuztFg/IXYZgvuE=
x-evy-trace-listener: listener_https
x-request-id: 05ffc338-1bfb-4c96-a5aa-77c01a348f20
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 09 Apr 2024 21:08:33 GMT
server: cloudflare
etag: W/"0889d9625e8ee74833a295ea233f3ec1"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.gncu.org
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-snf7h
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 872e375adc8d9732-FRA
expires: Thu, 11 Apr 2024 21:59:38 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 23ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=226151227891086&ev=PageView&dl=https%3A%2F%2Fwww.gncu.org&rl=&if=false&ts=1712872477913&sw=1600&sh=1200&v=2.9.153&r=stable&ec=0&o=4124&fbp=fb.1.1712872477912.775311053&cs_est=true&pm=1&hrl=612e63&ler=empty&cdl=API_unavailable&it=1712872477781&coo=false&cs_cc=1&cas=6990325187738549%2C5680004185424822%2C3907604069332139&rqm=GET

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2754, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 Apr 2024 21:54:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 image.aspx
88249.global.siteimproveanalytics.io/ 34 B
149 B 116ms
6ms Image
image/gif 18.185.54.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://88249.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.gncu.org%2FServices%2FSolutions%2FInvestments%2F&title=Page%20not%20found%20%7C%20GNCU&res=1600x1200&accountid=88249&rt=5075&prev=f705b997-cbfb-0ac2-0d42-243c879d5de5&luid=eb95e099-9c93-ecbd-e927-630aa8950d3e&rnd=10269
Requested by: Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.54.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-54-69.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
date: Thu, 11 Apr 2024 21:54:38 GMT
cache-control: max-age=0
content-length: 34
expires: Thu, 11 Apr 2024 21:54:38 UTC

GET
BLOB 200
OK e1a6d909-5346-4e17-9dfa-add3786b989a
https://www.gncu.org/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gncu.org/e1a6d909-5346-4e17-9dfa-add3786b989a
Requested by: Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 204
No Content collect Show response
a.clarity.ms/ 0
292 B 388ms
193ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.gncu.org
Date: Thu, 11 Apr 2024 21:54:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 116 B
431 B 121ms
112ms XHR
application/json 2606:4700::6810:6dfe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=39545883&utk=

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6dfe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1688b216e1280a76f8d896a93acf2bc3a7cff86e22e49f3b3dcc26866c71ccf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 21:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ec0e8355-99d4-4721-8c07-842541645b9b
x-envoy-upstream-service-time: 2
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ec0e8355-99d4-4721-8c07-842541645b9b
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.gncu.org
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-72bsp
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 872e375ca8232c29-FRA

GET
H/1.1 200
OK widget-stage2.js Show response
autolink.io/gncu/13fb4f39f92b20886ebbe3da9e262fe3/ 25 B
838 B 677ms
252ms XHR
application/javascript 52.3.0.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://autolink.io/gncu/13fb4f39f92b20886ebbe3da9e262fe3/widget-stage2.js?q=eyJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LmduY3Uub3JnL1NlcnZpY2VzL1NvbHV0aW9ucy9JbnZlc3RtZW50cy8iLCJzZXNzaW9uIjoiOTg2OGY3MjQtMGVkMC00NTEwLWJjYTgtMzViMTgxZmFlYzBhIn0%3D

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.3.0.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-0-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

275ff46c1074b2c1da9af72c003a47c029496cf6ea1d3d09794a3e388bcf72c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http: https:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 11 Apr 2024 21:54:38 GMT
Content-Security-Policy: frame-ancestors http: https:
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: master-only
Transfer-Encoding: chunked
P3P: CP="We do not have a P3P policy. For more information about the credit union's privacy policy, please contact the credit union."
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
Vary: Origin
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://www.gncu.org
Cache-Control: private, max-age=1814400, immutable
Access-Control-Allow-Credentials: true

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
884 B 169ms
149ms Image
image/gif 2606:4700::6812:c07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 21:54:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6d55501f-9aed-458b-8ee1-1132d05d0f9c
x-envoy-upstream-service-time: 12
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6d55501f-9aed-458b-8ee1-1132d05d0f9c
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-8b4sh
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 872e375d890b2c4d-FRA

GET
H2 200 visitor.php Show response
app.leadsrx.com/ 73 B
294 B 179ms
178ms XHR
text/html 50.112.7.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.leadsrx.com/visitor.php?acctTag=ozutbd43646&tz=-120&ref=&u=https%3A%2F%2Fwww.gncu.org%2FServices%2FSolutions%2FInvestments%2F&t=Page%20not%20found%20%7C%20GNCU&lc=null&anon=0&vin=null

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

50.112.7.94 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-50-112-7-94.us-west-2.compute.amazonaws.com

Software

nginx/1.20.1 / PHP/5.6.40

Resource Hash

507789a33d562101a6f64baf193bbc240997ed1153e9381805e9af127fcced6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 11 Apr 2024 21:54:38 GMT
x-content-type-options: nosniff
server: nginx/1.20.1
x-powered-by: PHP/5.6.40
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.gncu.org
access-control-allow-credentials: true

GET
H2 200 nr-spa-1.255.0.min.js Show response
js-agent.newrelic.com/ 105 KB
34 KB 27ms
6ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.255.0.min.js

Requested by

Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3371d44cedfc56d6657c61e4c1755e67ed86180e2bdf6520ce46d4982f861bed

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Origin: https://www.gncu.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: yqkk7PJEGHCp4rAXUgm.T_nc9B7P7cGt
content-encoding: br
via: 1.1 varnish
date: Thu, 11 Apr 2024 21:54:38 GMT
strict-transport-security: max-age=300
x-amz-request-id: X8JR9FDAGTWEA3QD
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 34032
x-amz-id-2: xM8/vm4NNAT4Ol1M8tIPPkaVkpDVmbW2QPxu51DB6htRCXnzUiWPP+edzusHy/06xXBXoMGsY2df5yuhT8dzRMyi+nlSD5+5
x-served-by: cache-fra-eddf8230044-FRA
last-modified: Thu, 04 Apr 2024 14:39:28 GMT
server: AmazonS3
etag: "977499a276e5253842c0081629dc665d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 179605

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=B18BA8168D0C42B58276E9AED3CD280A&RedC=c.clarity.ms&MXFR=186EF03194D76A493C49E46F90D764DD
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B18BA8168D0C42B58276E9AED3CD280A&MUID=09F820CC7DFC6D5E323D34927C976C4E

42 B
443 B

29ms
28ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B18BA8168D0C42B58276E9AED3CD280A&MUID=09F820CC7DFC6D5E323D34927C976C4E
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.gncu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Apr 2024 21:54:38 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 11 Apr 2024 21:54:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C858BA34A3614EDD8538D089C5563C08 Ref B: FRAEDGE1117 Ref C: 2024-04-11T21:54:38Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=B18BA8168D0C42B58276E9AED3CD280A&MUID=09F820CC7DFC6D5E323D34927C976C4E
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 166ms
139ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=726726051&v=1.1&a=39545883&pu=https%3A%2F%2Fwww.gncu.org%2FServices%2FSolutions%2FInvestments%2F&t=Page+not+found+%7C+GNCU&cts=1712872478476&vi=50b4686039e24a5aea0004d4c31508ba&nc=true&u=216315337.50b4686039e24a5aea0004d4c31508ba.1712872478474.1712872478474.1712872478474.1&b=216315337.1.1712872478474&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 21:54:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 3f365b55-a778-4250-a7a8-d2b23a083d61
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 12
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3f365b55-a778-4250-a7a8-d2b23a083d61
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zp3BoCUgGpySZkvA8T2xGVq%2FEYun93J4hTfE7YwjlaCOZOZbYvENLS8%2B6wNGUexavI0%2BGO63PMzYSkgwFldfF%2Br0QFF7cVb5Tj2VDGkHcS99F%2FDTDAhXZFjD3vUstpBjqgnUnVKTOTncJU%2B97fY"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-qswgr
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 872e375eaa0b9f21-FRA
x-robots-tag: none

GET
H2 200 gncu-logo-icon-150x150.webp
www.gncu.org/wp-content/uploads/2023/01/ 2 KB
2 KB 12ms
12ms Other
image/webp 23.185.0.1
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gncu.org/wp-content/uploads/2023/01/gncu-logo-icon-150x150.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.1 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

be97f840c8399bad48a1a8895558727ef064acf164863b17474bafa4770fcc56

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.gncu.org/Services/Solutions/Investments/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-pantheon-styx-hostname: styx-fe1-b-86568b7775-g49tn
strict-transport-security: max-age=300
date: Thu, 11 Apr 2024 21:54:38 GMT
via: 1.1 varnish, 1.1 varnish
expires: Fri, 28 Feb 2025 21:25:10 GMT
age: 251511
x-cache: HIT, HIT
backend-name: 167.82.237.51,443
content-length: 1612
x-served-by: cache-chi-kigq8000051-CHI, cache-fra-eddf8230096-FRA
backend-ip-port: fastlyshield--shield_ssl_cache_chi_kigq8000051_CHI
last-modified: Tue, 31 Jan 2023 19:05:51 GMT
server: nginx
x-timer: S1712872478.483887,VS0,VE5
etag: "63d9668f-64c"
content-type: image/webp
x-styx-req-id: da111de9-d67f-11ee-9341-f610adc4e48d
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 11, 0

POST
H/1.1 200
OK NRJS-807ef8e60574bb7d839 Show response
bam.nr-data.net/1/ 150 B
698 B 332ms
262ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-807ef8e60574bb7d839?a=536393887&v=1.255.0&to=blwDMUFZWRFTVEMIXVcWIAZHUVgMHQMHVQ%3D%3D&rst=5670&ck=0&s=f141d8b4694db1a3&ref=https://www.gncu.org/Services/Solutions/Investments/&hr=0&af=err,xhr,stn,ins,spa&ap=253&be=4497&fe=1135&dc=313&at=QhsARwlDSh8%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1712872472846,%22n%22:0,%22f%22:4049,%22dn%22:4049,%22dne%22:4049,%22c%22:4049,%22s%22:4049,%22ce%22:4049,%22rq%22:4050,%22rp%22:4498,%22rpe%22:4505,%22di%22:4809,%22ds%22:4809,%22de%22:4810,%22dc%22:5626,%22l%22:5626,%22le%22:5632%7D,%22navigation%22:%7B%7D%7D&fp=4805&fcp=4805
Requested by: Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a44c5da26bab61b64e5327da6b84a7e64ae4a7af13b52e5fb64f2f1a2f982767

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 11 Apr 2024 21:54:38 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.gncu.org
access-control-expose-headers: Date
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 872e375f39ef8fe6-FRA
timing-allow-origin: https://www.gncu.org

POST
H/1.1 200
OK NRJS-807ef8e60574bb7d839 Show response
bam.nr-data.net/events/1/ 24 B
400 B 250ms
250ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-807ef8e60574bb7d839?a=536393887&v=1.255.0&to=blwDMUFZWRFTVEMIXVcWIAZHUVgMHQMHVQ%3D%3D&rst=6014&ck=0&s=f141d8b4694db1a3&ref=https://www.gncu.org/Services/Solutions/Investments/&hr=0
Requested by: Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 11 Apr 2024 21:54:39 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.gncu.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 872e3760eadd8fe6-FRA
Content-Length: 24

POST
H/1.1 204
No Content collect Show response
a.clarity.ms/ 0
292 B 94ms
94ms XHR
text/plain 104.45.184.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.gncu.org
URL: https://www.gncu.org/Services/Solutions/Investments/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.45.184.134 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://www.gncu.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.gncu.org
Date: Thu, 11 Apr 2024 21:54:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onlineaccess1.com/	1969-12-31 23:59:59	Name: __cfruid Value: 95030c9f3741e2774293cee27dbf524ff4156a95-1712872477
.gncu.org/	1970-01-20 21:57:28	Name: _gcl_au Value: 1.1.2136934232.1712872478
.gncu.org/	1970-01-20 19:49:18	Name: _gid Value: GA1.2.93091401.1712872478
.gncu.org/	1970-01-20 19:47:52	Name: _gat_individualRollup Value: 1
.gncu.org/	1970-01-20 19:47:52	Name: _gat_allRollup Value: 1
www.clarity.ms/	1970-01-21 04:33:28	Name: CLID Value: 8aee9d6180ee4bd18b6a0cf1074ca3a7.20240411.20250411
.gncu.org/	1970-01-21 05:23:52	Name: _ga_BGN7XL7YLK Value: GS1.1.1712872477.1.0.1712872477.60.0.0
.gncu.org/	1970-01-21 05:23:52	Name: _ga Value: GA1.1.1348238707.1712872478
.gncu.org/	1970-01-20 19:49:18	Name: _uetsid Value: 17624680f84e11eea19fb972a0719168
.gncu.org/	1970-01-21 05:09:28	Name: _uetvid Value: 17624ab0f84e11eeb032c56db9c56b6c
.gncu.org/	1970-01-20 21:57:28	Name: _fbp Value: fb.1.1712872477912.775311053
.gncu.org/	1970-01-21 05:23:52	Name: nmstat Value: f705b997-cbfb-0ac2-0d42-243c879d5de5
.gncu.org/	1970-01-21 04:33:28	Name: _clck Value: anb1sn%7C2%7Cfku%7C0%7C1562
.bing.com/	1970-01-21 05:09:28	Name: MUID Value: 09F820CC7DFC6D5E323D34927C976C4E
.hsforms.com/	1970-01-20 19:47:54	Name: __cf_bm Value: 7iV8kGQ6H1RhoJV9ZkkVCStDfcDpvwI6v_LpHI1BIag-1712872478-1.0.1.1-RhOXWlGCEGcCD9ci79on2A7lidQGgiNXfRhywrzcdMfpEjCIaOfNG4v5BZKL2YF.CfFP0TCrF52b5Sg47traSQ
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: ACQAJaS_5Xc8Jj1IRBUCC2drqBv8jAsA_BpzEJLb9jY-1712872478466-0.0.1.1-604800000
.gncu.org/	1970-01-21 00:07:04	Name: __hstc Value: 216315337.50b4686039e24a5aea0004d4c31508ba.1712872478474.1712872478474.1712872478474.1
.gncu.org/	1970-01-21 00:07:04	Name: hubspotutk Value: 50b4686039e24a5aea0004d4c31508ba
.gncu.org/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.gncu.org/	1970-01-20 19:47:54	Name: __hssc Value: 216315337.1.1712872478474
.gncu.org/	1970-01-20 19:49:18	Name: _clsk Value: tmc49v%7C1712872478517%7C1%7C1%7Ca.clarity.ms%2Fcollect
.c.bing.com/	1970-01-20 19:57:57	Name: MR Value: 0
.c.bing.com/	1970-01-21 05:09:28	Name: SRM_B Value: 09F820CC7DFC6D5E323D34927C976C4E
.hubspot.com/	1970-01-20 19:47:54	Name: __cf_bm Value: c3llSCGt7vJ7C5F4InbIRkfZKwuQIsYWTmliaKZwkQE-1712872478-1.0.1.1-cUK7K4_YsHwQLkiLauskSFlrXqptABFYlDWg4Wld_16KkOLgeYxcn1yEg9BCnZZz8fKOmTq5ZgbhVnEbgjtnjg
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: TS4DKWHzWXvXc_2NPSDmV9LSfleqsVnMUrRcvR91Kso-1712872478639-0.0.1.1-604800000
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 05:09:28	Name: MUID Value: 09F820CC7DFC6D5E323D34927C976C4E
.c.clarity.ms/	1970-01-20 19:57:57	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:47:53	Name: ANONCHK Value: 0

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
recommendation	verbose	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/226151227891086?v=2.9.153&r=stable&domain=www.gncu.org&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 94) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://cds-sdkcfg.onlineaccess1.com/common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gncu.org/Services/Solutions/Investments/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

88249.global.siteimproveanalytics.io
a.clarity.ms
accretivemedia.go2cloud.org
app.leadsrx.com
autolink.io
bam.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
cds-sdkcfg.onlineaccess1.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
greaternevadafinancial.com
js-agent.newrelic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
region1.analytics.google.com
siteimproveanalytics.com
stats.g.doubleclick.net
track.hubspot.com
www.clarity.ms
www.facebook.com
www.gncu.org
www.google-analytics.com
www.google.de
www.googletagmanager.com
104.45.184.134
162.247.241.14
18.185.54.69
192.0.54.4
2001:4860:4802:32::178
2001:4860:4802:32::36
23.185.0.1
2602:816:5001::39
2606:4700:4400::ac40:991b
2606:4700::6810:4dba
2606:4700::6810:6dfe
2606:4700::6810:7574
2606:4700::6810:89d1
2606:4700::6812:c07d
2606:4700:e4::ac40:a112
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:806::2008
2a00:1450:4001:809::2003
2a00:1450:4001:810::200a
2a00:1450:4001:827::2003
2a00:1450:400c:c00::9a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.33.152.147
50.112.7.94
52.210.174.128
52.3.0.87
68.219.88.97
044a426aac4d2e00b3b43d87f8795b4b4c982d6218fe86c2e888cea5ef96597a
0848258d5dbd290c655c80c926b2bb779904c5e6bd834685ef806f2355f39c1e
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
157d8ba1e5d43c16096d4146a82b43a4b5e2f76783f663010cd99a31d15c6ef9
1688b216e1280a76f8d896a93acf2bc3a7cff86e22e49f3b3dcc26866c71ccf6
1a03b31abe401e8d142b0af895e4b764ca7e622b12f48a3aa741d50bc130ea91
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
244707dab25e03628d425cc739a587f5091cea07f283a27a217e2c750e2e9176
275ff46c1074b2c1da9af72c003a47c029496cf6ea1d3d09794a3e388bcf72c7
28df269497edd01b4c1b9d5fcee2874f6959a493f890a489e64f3358b0a3e4db
3371d44cedfc56d6657c61e4c1755e67ed86180e2bdf6520ce46d4982f861bed
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
482d1dd6e19c705493e390d6a3427887cfd2c47ec7ee7c85282370687a5ed2ee
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
507789a33d562101a6f64baf193bbc240997ed1153e9381805e9af127fcced6f
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
55f759e2b97aaa2e00a3981287f89e537a767a091bcab49456d7d6608fcd6af2
58c13982dda57b01736d7ec2876afa284c644712c9ca414391ad08cd0b34426f
5c76dd89a767afd512ce6c6370424f39a632ebb736c16ac37952fbfd97575448
5eeacc5ed7b71a9c635fce4bf11cecdade33e6799fff455557ddafd8293f5c3a
66721803c6f90dc33c2a6c615d098ed811d07f051817550d61e40bf4718974b8
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e7312245a8e2ccc79ca59eb5665dc1cf6ea18b50f856760670ab582f332992e
7dce6b1123c5c7276344047e6e431fdf9d91028c886065b452e2121ac7f70b15
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e8f70f86d34990e70e0b696310775bc5c4327110a78a08cebf21fc072cab1b2
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
88f919c8205867b42f81cf956ebdfe0e928c724c38aa70d45cdf42660fdb7b86
8e2878b5890564d40f943b55491db8e0d9be7032bc8c2da02493485439e5db47
97b0a2d3ae74521ccc13f7292cc457b30c1ec5d52cb026b74ba18b4ec1ef8840
9800e2b1ad92c97fdee061f823de75bda1a4ddcb1db00c1227767bf0a9719f87
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a44c5da26bab61b64e5327da6b84a7e64ae4a7af13b52e5fb64f2f1a2f982767
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
b5a2133cf28abe865f4b90d0090171533b1ac916ebcb9a517e3668defdcead26
b7803da6eec19045dcd5c538ae25d8c112aba5169e8847ff1e78346b4d8fe48c
b7b250b0e719d8e87db75aa48aab249ad451ee43e9791cb8257862d36dc52c40
b84632fc4757dbd9bc73113e09f749335d8cd1fd360f8c024b68826f08833fa2
bbdbf000d49e5a92b4cc78262f256a14497f02a8f592b11de9579d522ee9e6a1
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
bda7824abcd35432d1329c6514106a8dc27589df1b5b64a21774df15788924b4
be97f840c8399bad48a1a8895558727ef064acf164863b17474bafa4770fcc56
bf98c81a9adf28625ffe8404049527b7c38b4c48a6cf946eb4a2107551b521f2
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f7ceac3a17866878f5b88ae07ab01eb83ef37146c4abb324125a314f413dfe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
fd50d0bd7a331d7732fb828df91e0570d343a817cd588ce15ffbfa3fba070733
ff3aed05db20e8d9898204cf73c31c1c35bc59ddfb3eaf9c2d9a5da5643360f0

www.gncu.org Open in urlscan Pro 23.185.0.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

95 %HTTPS

66 %IPv6

27 Domains

31 Subdomains

29 IPs

4 Countries

1002 kBTransfer

2763 kBSize

29 Cookies

16 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gncu.org Open in urlscan Pro
23.185.0.1 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

95 %
HTTPS

66 %
IPv6

27
Domains

31
Subdomains

29
IPs

4
Countries

1002 kB
Transfer

2763 kB
Size

29
Cookies

61 HTTP transactions
1 data transactions